Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File:                     H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier:          3HJD4x/B7aaa+dGymWWEgsEPIR3jVHQZybtLxpTgagA=
Subject key identifier:   A1:8C:D2:3E:F0:15:02:D3:76:33:31:D1:D8:1E:42:3A:AB:C8:A9:CF
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer:       /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial:       019754234924E0CC597CA99CF6BA2372D607
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number:          0163
Signing time:             Mon 09 Jun 2025 10:01:27 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:27 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:27 +0000
Files and hashes:         1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: Ygv93CEMrmJR8My772DGCMa/OVfKS9jmvpTg4v0Ad8k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 10:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:49:24:e0:cc:59:7c:a9:9c:f6:ba:23:72:d6:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
        Validity
            Not Before: Jun  9 10:01:27 2025 GMT
            Not After : Jun 10 10:01:27 2025 GMT
        Subject: CN=a18cd23ef01502d3763331d1d81e423aabc8a9cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a7:65:42:8b:37:27:02:dd:f7:71:2b:7c:d9:
                    a2:ff:35:83:12:e1:a4:b8:42:37:13:39:43:ff:f7:
                    81:3d:52:dc:28:1c:72:b5:6c:70:09:58:1b:cb:e4:
                    79:eb:25:f4:0c:d0:54:c8:17:d0:ee:99:34:ee:f4:
                    e7:9e:df:41:f0:8c:a5:ea:a1:2e:1f:33:95:34:7a:
                    1e:79:74:7b:c5:7f:54:5d:df:4c:ee:39:8c:84:7b:
                    c9:a7:7b:85:56:8c:9b:0e:99:25:02:0e:89:21:cf:
                    b1:99:8d:46:41:83:11:40:ad:5e:77:e0:fe:32:7a:
                    ae:d5:49:fd:15:d1:f2:13:a4:93:60:3f:9b:a8:ce:
                    25:e9:dd:68:86:51:3e:79:6b:03:dc:f9:89:b0:3f:
                    e4:15:2c:f8:8b:d4:94:0f:fe:65:3d:c0:8e:d1:f9:
                    61:f6:09:cd:48:56:42:d9:6f:03:00:0c:5c:f9:8e:
                    7e:a3:82:59:56:6a:ee:46:b7:5f:47:81:c0:ea:9b:
                    0b:1f:b1:bf:da:ac:19:3d:c7:52:e5:74:57:13:dc:
                    25:63:41:c4:38:d2:78:0f:0a:3e:27:dc:72:b2:37:
                    be:c3:a2:a0:99:b7:5f:3f:27:a7:db:18:f3:b3:52:
                    19:8f:30:84:ce:15:27:aa:41:4f:d4:90:16:ab:88:
                    62:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:8C:D2:3E:F0:15:02:D3:76:33:31:D1:D8:1E:42:3A:AB:C8:A9:CF
            X509v3 Authority Key Identifier:
                keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:af:0b:7f:bb:d2:b0:24:ea:d6:f7:16:7b:d0:a7:74:d8:53:
         33:f3:aa:de:53:f6:93:dd:c5:a4:68:a8:10:21:bd:f6:1d:e4:
         22:ef:78:ff:e2:d0:1e:2a:b1:12:35:5d:e2:7e:1a:f1:d1:55:
         81:e6:85:b0:b2:65:69:31:c6:45:8d:6c:14:2e:00:8d:8b:67:
         4b:42:55:b8:10:57:7b:3a:2a:ec:88:03:25:b3:f7:a9:3b:ef:
         41:27:ae:e4:69:b5:80:97:c1:28:48:d9:a8:9f:a0:cb:dc:f6:
         41:6a:d4:28:2d:e2:c6:85:7e:c8:4f:f5:41:42:2f:55:b9:9b:
         eb:14:b8:e3:4d:61:97:89:4e:af:b2:01:83:d7:83:92:19:44:
         1f:91:8f:4c:53:79:f0:fa:b6:d6:bf:e1:ee:e0:42:61:09:fb:
         4d:e7:56:93:8a:d3:4a:06:fa:eb:10:83:4a:26:2f:2f:e8:d0:
         12:e6:ad:a7:cd:14:0f:73:8d:9d:f7:55:78:62:63:0f:2b:b9:
         72:3a:76:5e:b3:3a:55:ae:06:94:44:c3:0b:0b:33:64:bc:3a:
         bc:12:8f:bf:f5:7c:60:1d:be:f9:00:8b:53:e5:60:c6:2f:3c:
         9b:c5:e0:99:72:a7:ee:98:1e:0a:7c:83:54:5a:e3:a6:8b:50:
         ff:2e:1a:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI0kk4MxZfKmc9rojctYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjUwNjA5MTAwMTI3WhcNMjUwNjEwMTAwMTI3WjAzMTEwLwYDVQQD
EyhhMThjZDIzZWYwMTUwMmQzNzYzMzMxZDFkODFlNDIzYWFiYzhhOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqdlQos3JwLd93ErfNmi/zWDEuGk
uEI3EzlD//eBPVLcKBxytWxwCVgby+R56yX0DNBUyBfQ7pk07vTnnt9B8Iyl6qEu
HzOVNHoeeXR7xX9UXd9M7jmMhHvJp3uFVoybDpklAg6JIc+xmY1GQYMRQK1ed+D+
Mnqu1Un9FdHyE6STYD+bqM4l6d1ohlE+eWsD3PmJsD/kFSz4i9SUD/5lPcCO0flh
9gnNSFZC2W8DAAxc+Y5+o4JZVmruRrdfR4HA6psLH7G/2qwZPcdS5XRXE9wlY0HE
ONJ4Dwo+J9xysje+w6KgmbdfPyen2xjzs1IZjzCEzhUnqkFP1JAWq4hi1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGM0j7wFQLTdjMx0dgeQjqryKnPMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvK8Lf7vS
sCTq1vcWe9CndNhTM/Oq3lP2k93FpGioECG99h3kIu94/+LQHiqxEjVd4n4a8dFV
geaFsLJlaTHGRY1sFC4AjYtnS0JVuBBXezoq7IgDJbP3qTvvQSeu5Gm1gJfBKEjZ
qJ+gy9z2QWrUKC3ixoV+yE/1QUIvVbmb6xS4401hl4lOr7IBg9eDkhlEH5GPTFN5
8Pq21r/h7uBCYQn7TedWk4rTSgb66xCDSiYvL+jQEuatp80UD3ONnfdVeGJjDyu5
cjp2XrM6Va4GlETDCwszZLw6vBKPv/V8YB2++QCLU+Vgxi88m8XgmXKn7pgeCnyD
VFrjpotQ/y4a2w==
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:06:42 2025 by rpki-client