Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          FPk1k+NwJXB4Nb7/Dcwqml76OBkx3My/INyBi182/bw=
Subject key identifier:   E6:EF:D7:68:81:4C:50:11:95:4A:DC:69:71:F1:15:90:EC:10:44:74
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       01976396730BA1A2F2871BC6A3A3ABC20F1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          077F
Signing time:             Thu 12 Jun 2025 10:01:33 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:33 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:33 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: lzvs+dbXXWWx0GXYWa4gVgk/hgSQh9STcrqVec0wqSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:73:0b:a1:a2:f2:87:1b:c6:a3:a3:ab:c2:0f:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: Jun 12 10:01:33 2025 GMT
            Not After : Jun 13 10:01:33 2025 GMT
        Subject: CN=e6efd768814c5011954adc6971f11590ec104474
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ba:14:da:71:ba:01:2c:e0:b1:00:ac:ff:bf:
                    13:d2:1a:91:e1:7a:40:99:36:e8:09:2a:6a:40:18:
                    ed:a0:6b:f1:b8:e5:ea:40:32:5f:cb:51:1f:ae:67:
                    5d:77:45:c9:c1:36:ba:12:d7:fb:6a:f7:0f:e0:26:
                    a3:25:7d:25:69:04:bc:6c:98:c6:90:53:58:ae:a6:
                    d5:ad:de:01:4a:66:e0:d3:1b:cc:24:72:07:b0:5a:
                    bf:6c:1e:a8:e5:b0:98:98:8f:3a:be:3b:ba:3d:db:
                    d9:28:7c:5d:ff:bf:75:cd:75:26:50:83:ba:01:75:
                    4c:00:cd:85:f2:7c:8d:5d:da:de:37:87:f9:b3:0e:
                    d1:85:7f:e8:dc:dd:58:09:af:58:19:08:6b:66:25:
                    e4:67:f4:62:3a:5d:06:26:d4:3c:37:27:56:fc:b7:
                    55:5e:8e:c8:04:d5:58:6c:7c:8b:76:b6:60:42:71:
                    e9:58:52:bb:34:95:c0:3b:de:e4:0c:1a:40:95:39:
                    c7:78:2c:70:98:fa:cd:99:a3:e7:d8:9d:5b:52:99:
                    a0:b9:d7:38:8c:03:fe:22:5e:60:a9:b1:1e:7f:59:
                    9c:ea:5b:f9:6c:c5:31:ee:50:64:9c:f9:b7:20:3e:
                    80:60:62:a0:b0:a9:d8:69:62:b6:87:ac:00:69:59:
                    a8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:EF:D7:68:81:4C:50:11:95:4A:DC:69:71:F1:15:90:EC:10:44:74
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:1b:cf:28:86:81:ef:06:c3:20:e0:00:1f:ef:49:1a:8c:92:
         a2:43:e3:9a:92:49:76:92:b4:79:dd:b4:e7:43:05:cb:a5:7d:
         5b:cc:b6:2c:04:4d:48:2b:cf:3f:23:00:86:6f:46:65:89:db:
         3a:ac:c4:2c:74:a2:33:71:85:2b:31:5f:9d:dc:33:db:91:e4:
         e5:13:07:6c:07:18:0c:63:22:57:cb:c1:fe:5a:4e:23:b2:f7:
         3b:d4:a8:ea:2f:65:f7:9e:9d:e5:52:b2:93:fe:c7:6a:84:ae:
         ed:f5:7c:7e:6a:bd:32:c0:5d:92:5f:21:32:96:db:3c:02:9f:
         97:d8:b4:72:77:90:7b:34:00:9f:14:13:da:fc:39:9c:16:3e:
         61:a5:6c:48:37:ec:0c:70:33:d3:b1:42:7b:74:82:9f:e1:1a:
         bf:f6:6c:d0:4d:ef:34:18:cb:7f:dd:bf:44:f7:ee:46:0e:e4:
         74:03:05:d2:72:51:22:18:0d:63:70:6d:b5:51:72:c0:b7:fd:
         0b:8a:af:a9:3a:dc:74:0e:5a:15:e7:de:41:49:16:ce:76:4e:
         5b:0f:ec:1c:53:dd:e7:a1:85:fe:13:ad:6d:ef:c1:4c:fc:cc:
         2a:40:0c:94:52:2e:fd:56:35:f1:57:c2:28:0c:2e:26:67:b7:
         64:73:e9:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlnMLoaLyhxvGo6Orwg8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjUwNjEyMTAwMTMzWhcNMjUwNjEzMTAwMTMzWjAzMTEwLwYDVQQD
EyhlNmVmZDc2ODgxNGM1MDExOTU0YWRjNjk3MWYxMTU5MGVjMTA0NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmboU2nG6ASzgsQCs/78T0hqR4XpA
mTboCSpqQBjtoGvxuOXqQDJfy1Efrmddd0XJwTa6Etf7avcP4CajJX0laQS8bJjG
kFNYrqbVrd4BSmbg0xvMJHIHsFq/bB6o5bCYmI86vju6PdvZKHxd/791zXUmUIO6
AXVMAM2F8nyNXdreN4f5sw7RhX/o3N1YCa9YGQhrZiXkZ/RiOl0GJtQ8NydW/LdV
Xo7IBNVYbHyLdrZgQnHpWFK7NJXAO97kDBpAlTnHeCxwmPrNmaPn2J1bUpmgudc4
jAP+Il5gqbEef1mc6lv5bMUx7lBknPm3ID6AYGKgsKnYaWK2h6wAaVmoxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObv12iBTFARlUrcaXHxFZDsEER0MB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaBvPKIaB
7wbDIOAAH+9JGoySokPjmpJJdpK0ed2050MFy6V9W8y2LARNSCvPPyMAhm9GZYnb
OqzELHSiM3GFKzFfndwz25Hk5RMHbAcYDGMiV8vB/lpOI7L3O9So6i9l956d5VKy
k/7HaoSu7fV8fmq9MsBdkl8hMpbbPAKfl9i0cneQezQAnxQT2vw5nBY+YaVsSDfs
DHAz07FCe3SCn+Eav/Zs0E3vNBjLf92/RPfuRg7kdAMF0nJRIhgNY3BttVFywLf9
C4qvqTrcdA5aFefeQUkWznZOWw/sHFPd56GF/hOtbe/BTPzMKkAMlFIu/VY18VfC
KAwuJme3ZHPpqg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:48:19 2025 by rpki-client