Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
File:                     UnFDjiPOkl5mwlmYEiG1toOi8I8.mft (raw, json)
Hash identifier:          QMWz2a1FDEOCYvAFfwtn+O42Ho6iC8F7st4TDb0/Ays=
Subject key identifier:   03:DC:79:2B:37:14:DB:E3:DC:4B:3A:0D:27:6F:2A:1C:27:E9:B1:44
Authority key identifier: 52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F
Certificate issuer:       /CN=5271438e23ce925e66c259981221b5b683a2f08f
Certificate serial:       01976D3DDBBC144CB606829C3D992AC34BDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
Manifest number:          0AF3
Signing time:             Sat 14 Jun 2025 07:00:59 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:59 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:59 +0000
Files and hashes:         1: UnFDjiPOkl5mwlmYEiG1toOi8I8.crl (hash: G95oCZGe3aPU4KQLhkqPOXLGxlo4R+ACmIdo2LVijKg=)
                          2: b23Ppzc40t1gh2jcC0tEEtTjq-Y.roa (hash: PLO31FJDvhLM1rCGRuVKcX7pZ7U9Xsy2KrFDiy0XrKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:db:bc:14:4c:b6:06:82:9c:3d:99:2a:c3:4b:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5271438e23ce925e66c259981221b5b683a2f08f
        Validity
            Not Before: Jun 14 07:00:59 2025 GMT
            Not After : Jun 15 07:00:59 2025 GMT
        Subject: CN=03dc792b3714dbe3dc4b3a0d276f2a1c27e9b144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:4c:a4:93:7f:69:a7:9a:c6:63:ae:da:42:53:
                    45:1b:a8:c3:ba:db:4f:12:27:ad:27:8d:82:0a:c8:
                    4c:b5:d4:e4:49:72:0d:3b:48:60:96:8a:de:a1:89:
                    70:1f:cb:15:4f:0d:fc:1d:b9:24:d9:04:7e:89:24:
                    62:e8:01:76:40:c3:e8:96:60:8e:96:f7:43:25:1b:
                    ac:df:c4:7a:cb:e0:7f:47:7a:d4:27:e0:c8:37:11:
                    91:3e:2f:13:07:f2:fa:62:b2:d2:51:99:36:d7:b5:
                    30:69:a7:b2:57:03:fe:a9:1e:ef:bc:65:73:57:65:
                    41:a2:76:7f:04:42:d2:df:96:3b:f0:60:1a:0f:5a:
                    31:b7:2d:97:9e:0c:6e:8a:b6:4f:50:17:d1:33:e0:
                    36:5b:cf:f0:d1:11:ac:30:71:5a:d5:7e:72:94:95:
                    c2:5c:27:fa:4a:5a:9c:2b:68:fa:d2:e2:1d:e7:a0:
                    c2:08:81:26:b7:6d:87:99:39:39:25:ea:d9:8b:41:
                    bd:57:48:e5:47:5f:fd:88:00:b3:26:8a:7a:7e:0c:
                    fa:7e:75:bd:c3:d1:37:6a:3a:9e:3d:21:ea:75:dd:
                    4a:d0:6c:12:bf:6c:96:d7:b4:ce:b7:ba:9f:26:96:
                    72:d3:5b:df:17:14:6e:2e:74:17:b1:4f:26:5f:52:
                    1d:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:DC:79:2B:37:14:DB:E3:DC:4B:3A:0D:27:6F:2A:1C:27:E9:B1:44
            X509v3 Authority Key Identifier:
                keyid:52:71:43:8E:23:CE:92:5E:66:C2:59:98:12:21:B5:B6:83:A2:F0:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnFDjiPOkl5mwlmYEiG1toOi8I8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/806917-af6b-4e1e-8773-9ad035474114/1/UnFDjiPOkl5mwlmYEiG1toOi8I8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:20:b3:0d:37:28:64:2a:7e:c4:b6:ad:45:b4:97:1a:15:2b:
         ba:da:dd:15:67:64:e9:8c:4d:ae:ed:5e:1a:0c:df:0c:8a:de:
         f7:51:d6:f9:c3:7b:b5:da:0a:0b:78:87:68:f3:08:7b:8e:03:
         0c:3b:48:10:5a:81:66:78:e7:31:f1:21:bb:d7:df:49:12:0f:
         ae:71:6f:44:d9:2a:2f:b9:c9:50:76:4b:45:58:7a:bb:4f:50:
         27:5b:2e:a6:f6:0b:08:31:aa:38:78:e3:45:a3:d8:c0:56:11:
         10:5a:b1:09:b4:0c:24:60:ae:7e:91:dc:eb:54:c7:09:09:df:
         12:65:84:8e:0b:06:f2:21:11:e5:6d:3c:db:e9:30:6f:93:27:
         11:59:4d:f5:b8:21:2b:39:1f:64:c2:b5:60:2f:5b:7d:c6:dd:
         0a:10:8c:c1:c3:f4:b8:f0:6c:12:af:85:24:9d:56:c6:49:bf:
         8b:5f:46:a8:c5:4b:51:9a:90:c3:0e:56:b4:36:2c:59:a6:ca:
         2b:33:bd:4b:01:a2:d7:51:b1:43:6e:12:95:74:ab:59:e3:be:
         0f:0f:bb:76:fe:59:51:c3:7d:fd:6b:a9:28:42:0c:e9:89:2c:
         3b:5c:55:24:fc:8b:19:54:91:bc:e5:78:45:c7:0e:57:90:06:
         16:22:54:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPdu8FEy2BoKcPZkqw0vfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzE0MzhlMjNjZTkyNWU2NmMyNTk5ODEyMjFiNWI2ODNh
MmYwOGYwHhcNMjUwNjE0MDcwMDU5WhcNMjUwNjE1MDcwMDU5WjAzMTEwLwYDVQQD
EygwM2RjNzkyYjM3MTRkYmUzZGM0YjNhMGQyNzZmMmExYzI3ZTliMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEykk39pp5rGY67aQlNFG6jDuttP
EietJ42CCshMtdTkSXINO0hgloreoYlwH8sVTw38Hbkk2QR+iSRi6AF2QMPolmCO
lvdDJRus38R6y+B/R3rUJ+DINxGRPi8TB/L6YrLSUZk217UwaaeyVwP+qR7vvGVz
V2VBonZ/BELS35Y78GAaD1oxty2XngxuirZPUBfRM+A2W8/w0RGsMHFa1X5ylJXC
XCf6SlqcK2j60uId56DCCIEmt22HmTk5JerZi0G9V0jlR1/9iACzJop6fgz6fnW9
w9E3ajqePSHqdd1K0GwSv2yW17TOt7qfJpZy01vfFxRuLnQXsU8mX1IdCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPceSs3FNvj3Es6DSdvKhwn6bFEMB8GA1UdIwQY
MBaAFFJxQ44jzpJeZsJZmBIhtbaDovCPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMt
OWFkMDM1NDc0MTE0LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84MDY5MTctYWY2Yi00ZTFlLTg3NzMtOWFkMDM1NDc0MTE0
LzEvVW5GRGppUE9rbDVtd2xtWUVpRzF0b09pOEk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAASCzDTco
ZCp+xLatRbSXGhUrutrdFWdk6YxNru1eGgzfDIre91HW+cN7tdoKC3iHaPMIe44D
DDtIEFqBZnjnMfEhu9ffSRIPrnFvRNkqL7nJUHZLRVh6u09QJ1supvYLCDGqOHjj
RaPYwFYREFqxCbQMJGCufpHc61THCQnfEmWEjgsG8iER5W082+kwb5MnEVlN9bgh
KzkfZMK1YC9bfcbdChCMwcP0uPBsEq+FJJ1Wxkm/i19GqMVLUZqQww5WtDYsWabK
KzO9SwGi11GxQ24SlXSrWeO+Dw+7dv5ZUcN9/WupKEIM6YksO1xVJPyLGVSRvOV4
RccOV5AGFiJUFw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:02:59 2025 by rpki-client