Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
File:                     UnFDjiPOkl5mwlmYEiG1toOi8I8.mft (raw, json)
Hash identifier:          LneSPRfi16w3aIIYYu0SLjjgTUipcyHrhKqQ5WycvWY=
Subject key identifier:   04:9F:AC:F6:61:E2:11:CE:8D:39:E1:53:C7:12:22:8B:7C:27:1D:8F
Authority key identifier: 52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F
Certificate issuer:       /CN=5271438e23ce925e66c259981221b5b683a2f08f
Certificate serial:       019754235AE11C5C39EA70573DD5090B13E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
Manifest number:          0AE6
Signing time:             Mon 09 Jun 2025 10:01:32 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:32 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:32 +0000
Files and hashes:         1: UnFDjiPOkl5mwlmYEiG1toOi8I8.crl (hash: mSS28xiJTxSkdDYMP3gi8PFsEuBJDZYuW3xdoZbytlU=)
                          2: b23Ppzc40t1gh2jcC0tEEtTjq-Y.roa (hash: PLO31FJDvhLM1rCGRuVKcX7pZ7U9Xsy2KrFDiy0XrKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:5a:e1:1c:5c:39:ea:70:57:3d:d5:09:0b:13:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5271438e23ce925e66c259981221b5b683a2f08f
        Validity
            Not Before: Jun  9 10:01:32 2025 GMT
            Not After : Jun 10 10:01:32 2025 GMT
        Subject: CN=049facf661e211ce8d39e153c712228b7c271d8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e1:57:e4:d0:32:a1:90:e7:33:34:50:df:4f:
                    24:d8:d1:ee:a3:63:d8:4a:16:47:eb:af:d6:dc:c3:
                    b1:1c:3a:6e:a9:87:c9:83:ec:75:14:33:17:a4:a2:
                    5a:a6:09:a0:1a:d4:7c:76:39:98:96:a5:02:96:d5:
                    fe:d9:71:9e:1f:f9:61:e3:d1:af:77:66:35:a3:64:
                    60:01:88:70:e8:e0:20:a3:37:f1:4c:26:df:3f:f6:
                    79:02:cd:e3:ad:77:76:29:2d:aa:4b:1e:34:89:90:
                    45:fb:ef:54:c5:73:7b:ff:d9:d4:66:0a:87:8b:89:
                    2a:96:d9:b7:44:29:5c:c7:5c:ee:d3:ff:c4:55:67:
                    c0:9b:c6:ea:8e:57:27:92:7b:e0:b7:d7:f9:25:15:
                    c9:7a:c1:be:b9:de:39:76:55:34:50:fa:65:d6:2f:
                    28:7f:24:da:b9:1f:44:af:4b:fb:c6:36:31:ba:fb:
                    1f:dd:b1:a3:59:cb:72:ea:34:67:dc:94:34:3a:f2:
                    35:e1:67:5b:41:61:25:8b:4d:cd:24:fc:a7:24:c2:
                    f9:a6:f3:36:52:fa:6b:f1:61:b8:70:e6:b0:ad:38:
                    6f:9e:9e:cd:b2:55:f6:75:0b:fc:e7:a7:60:05:72:
                    2d:9c:1e:57:6e:24:11:39:5d:6a:17:6f:08:52:39:
                    51:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:9F:AC:F6:61:E2:11:CE:8D:39:E1:53:C7:12:22:8B:7C:27:1D:8F
            X509v3 Authority Key Identifier:
                keyid:52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:58:85:12:51:94:28:6a:9a:14:fd:eb:82:92:86:e1:64:d9:
         80:96:30:b3:c6:9d:66:13:e7:90:a1:5e:7b:38:58:d8:15:3a:
         13:9e:95:3e:3b:af:db:68:8d:7d:33:36:51:2a:b5:8f:32:e4:
         af:d5:45:7b:20:cf:ba:1a:95:c9:7c:15:00:6a:c4:df:1c:7d:
         13:da:28:64:40:b5:80:90:b6:d9:af:79:da:52:91:a3:03:55:
         46:1b:47:68:15:50:3e:f3:d1:b3:e6:cb:71:a7:0c:97:83:6b:
         0a:0c:ba:55:db:02:2d:5a:9f:f8:8d:4b:8a:f6:04:3e:39:28:
         42:eb:30:d2:b1:88:a8:32:8f:c3:26:36:2c:0b:ba:97:d4:d3:
         e8:64:9e:fe:1e:54:e2:59:69:3a:b6:f3:ce:88:d6:50:f9:fc:
         96:f8:45:d4:1b:87:8d:a0:5e:57:ee:53:59:89:62:75:2c:33:
         50:75:51:cb:cd:d0:1c:7f:ad:fe:8e:06:65:a2:5d:1d:e1:b4:
         de:95:47:3e:b3:20:06:30:f2:b2:f8:51:63:cf:85:ea:0d:58:
         c6:cb:35:b4:ba:9a:09:80:8d:29:f2:77:bd:50:3e:89:86:92:
         6f:b8:1e:bb:75:01:ac:ab:fe:35:39:f6:23:a5:aa:10:33:ba:
         12:a3:5d:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI1rhHFw56nBXPdUJCxPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzE0MzhlMjNjZTkyNWU2NmMyNTk5ODEyMjFiNWI2ODNh
MmYwOGYwHhcNMjUwNjA5MTAwMTMyWhcNMjUwNjEwMTAwMTMyWjAzMTEwLwYDVQQD
EygwNDlmYWNmNjYxZTIxMWNlOGQzOWUxNTNjNzEyMjI4YjdjMjcxZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+FX5NAyoZDnMzRQ308k2NHuo2PY
ShZH66/W3MOxHDpuqYfJg+x1FDMXpKJapgmgGtR8djmYlqUCltX+2XGeH/lh49Gv
d2Y1o2RgAYhw6OAgozfxTCbfP/Z5As3jrXd2KS2qSx40iZBF++9UxXN7/9nUZgqH
i4kqltm3RClcx1zu0//EVWfAm8bqjlcnknvgt9f5JRXJesG+ud45dlU0UPpl1i8o
fyTauR9Er0v7xjYxuvsf3bGjWcty6jRn3JQ0OvI14WdbQWEli03NJPynJML5pvM2
Uvpr8WG4cOawrThvnp7NslX2dQv856dgBXItnB5XbiQROV1qF28IUjlRhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFASfrPZh4hHOjTnhU8cSIot8Jx2PMB8GA1UdIwQY
MBaAFFJxQ44jzpJeZsJZmBIhtbaDovCPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMt
OWFkMDM1NDc0MTE0LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMtOWFkMDM1NDc0MTE0
LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsViFElGU
KGqaFP3rgpKG4WTZgJYws8adZhPnkKFeezhY2BU6E56VPjuv22iNfTM2USq1jzLk
r9VFeyDPuhqVyXwVAGrE3xx9E9ooZEC1gJC22a952lKRowNVRhtHaBVQPvPRs+bL
cacMl4NrCgy6VdsCLVqf+I1LivYEPjkoQusw0rGIqDKPwyY2LAu6l9TT6GSe/h5U
4llpOrbzzojWUPn8lvhF1BuHjaBeV+5TWYlidSwzUHVRy83QHH+t/o4GZaJdHeG0
3pVHPrMgBjDysvhRY8+F6g1Yxss1tLqaCYCNKfJ3vVA+iYaSb7geu3UBrKv+NTn2
I6WqEDO6EqNd5g==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:21:35 2025 by rpki-client