Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File:                     H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier:          tfWWxnQMw49B6pJPifbC9iocij8xpr7j3Bp0hNxqmjo=
Subject key identifier:   2A:2F:B5:E5:6B:AB:6E:4C:3B:EB:F5:D3:9D:B7:1B:A0:55:A5:BA:6D
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer:       /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial:       019757FFC98262257356FAB3CB7EC0A4BE15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number:          0165
Signing time:             Tue 10 Jun 2025 04:01:10 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:10 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:10 +0000
Files and hashes:         1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: KkJ7ByM984kkYuu+HDP2Ch19Ksy6yMaKMHIbigMsH10=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:c9:82:62:25:73:56:fa:b3:cb:7e:c0:a4:be:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
        Validity
            Not Before: Jun 10 04:01:10 2025 GMT
            Not After : Jun 11 04:01:10 2025 GMT
        Subject: CN=2a2fb5e56bab6e4c3bebf5d39db71ba055a5ba6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:db:cb:6d:59:b5:14:74:f3:22:c7:67:31:78:
                    e9:99:21:68:bf:14:3b:7f:c3:24:b1:43:80:55:f9:
                    b0:8c:91:13:85:a9:f5:48:1d:17:d6:c7:0c:59:ab:
                    23:23:f3:57:38:b7:b2:41:05:b3:44:92:30:be:17:
                    ac:56:39:0a:c0:1c:c3:2c:bf:c7:f8:18:0f:b5:32:
                    f2:60:c8:58:09:8c:b2:8c:93:78:e4:14:0c:d2:17:
                    87:89:c6:0a:a1:4a:6d:46:02:c0:2d:52:9b:14:db:
                    2e:10:b4:b4:57:2f:5b:57:24:be:03:12:7a:b4:40:
                    97:66:a8:50:4b:36:75:ce:14:ee:f0:79:e2:db:27:
                    79:5d:6c:2c:2d:87:b6:9f:fb:d7:35:41:11:06:0b:
                    f5:02:1a:5b:e0:79:b3:c0:4f:89:73:3a:25:8d:7d:
                    9b:07:29:03:40:c8:9b:bb:7c:59:4d:01:82:88:96:
                    1a:b7:8a:98:b1:78:59:09:8f:d6:6e:31:04:5a:60:
                    86:93:77:8b:8e:4c:ff:d7:49:ea:63:47:00:e4:9d:
                    80:b9:4e:9c:6a:03:a2:ce:71:3c:8c:4b:e5:c1:53:
                    4c:ed:a6:3e:d7:b4:59:69:3e:e6:18:5e:d4:4d:c1:
                    c7:8f:13:31:c0:91:4e:b3:3b:a0:db:be:78:39:25:
                    58:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:2F:B5:E5:6B:AB:6E:4C:3B:EB:F5:D3:9D:B7:1B:A0:55:A5:BA:6D
            X509v3 Authority Key Identifier:
                keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:d5:d0:9a:89:a1:31:3b:5c:56:9b:ce:7c:9c:39:f3:2d:34:
         0f:68:19:a0:69:0f:d3:eb:fa:b8:52:c8:ed:7f:83:4d:be:68:
         ea:ac:c2:cc:a2:67:98:bb:dd:bd:a6:76:1e:96:25:3c:a1:92:
         ed:3c:55:7f:02:be:09:d5:ce:0f:e6:0f:85:d8:89:92:da:be:
         95:28:7b:f5:c7:8d:5c:06:78:2f:e5:63:20:f4:87:ed:d0:dc:
         e8:6b:0f:45:a1:21:a1:8b:27:da:ea:0b:62:dc:91:92:77:1a:
         f5:8f:de:7c:46:e0:55:c8:50:ff:91:06:3e:bb:31:70:57:aa:
         67:91:d3:0f:8b:33:03:09:07:12:5d:0d:79:5d:35:ca:67:da:
         3e:9b:91:d7:c5:f5:1b:e7:e9:42:f9:cf:ba:63:fe:3b:70:a8:
         6e:8d:39:7a:c7:30:22:32:59:1f:4d:5a:e6:26:71:00:34:0e:
         8c:e6:d6:6d:c6:a4:22:f4:59:6a:88:08:bf:9e:81:45:1f:04:
         09:83:21:16:51:e6:ad:e0:c3:e6:66:58:2d:cc:ff:f7:1e:bd:
         c2:c6:87:76:db:c3:e9:a5:5a:fc:cd:40:12:8e:03:35:24:a0:
         25:6e:be:50:36:3d:68:78:92:42:bd:6e:e5:93:e0:f0:a8:ad:
         5d:67:4b:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/8mCYiVzVvqzy37ApL4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjUwNjEwMDQwMTEwWhcNMjUwNjExMDQwMTEwWjAzMTEwLwYDVQQD
EygyYTJmYjVlNTZiYWI2ZTRjM2JlYmY1ZDM5ZGI3MWJhMDU1YTViYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9vLbVm1FHTzIsdnMXjpmSFovxQ7
f8MksUOAVfmwjJEThan1SB0X1scMWasjI/NXOLeyQQWzRJIwvhesVjkKwBzDLL/H
+BgPtTLyYMhYCYyyjJN45BQM0heHicYKoUptRgLALVKbFNsuELS0Vy9bVyS+AxJ6
tECXZqhQSzZ1zhTu8Hni2yd5XWwsLYe2n/vXNUERBgv1Ahpb4HmzwE+JczoljX2b
BykDQMibu3xZTQGCiJYat4qYsXhZCY/WbjEEWmCGk3eLjkz/10nqY0cA5J2AuU6c
agOiznE8jEvlwVNM7aY+17RZaT7mGF7UTcHHjxMxwJFOszug2754OSVYIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCovteVrq25MO+v10523G6BVpbptMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdXQmomh
MTtcVpvOfJw58y00D2gZoGkP0+v6uFLI7X+DTb5o6qzCzKJnmLvdvaZ2HpYlPKGS
7TxVfwK+CdXOD+YPhdiJktq+lSh79ceNXAZ4L+VjIPSH7dDc6GsPRaEhoYsn2uoL
YtyRknca9Y/efEbgVchQ/5EGPrsxcFeqZ5HTD4szAwkHEl0NeV01ymfaPpuR18X1
G+fpQvnPumP+O3Cobo05escwIjJZH01a5iZxADQOjObWbcakIvRZaogIv56BRR8E
CYMhFlHmreDD5mZYLcz/9x69wsaHdtvD6aVa/M1AEo4DNSSgJW6+UDY9aHiSQr1u
5ZPg8KitXWdL/Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:43:19 2025 by rpki-client