Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          FMcqY8+gq3ssberrb9n0pzeOr/a7mknq6wwhXjhmB/k=
Subject key identifier:   1E:2B:58:FF:3C:BF:DD:EC:C6:80:66:01:D4:2A:BC:7F:90:86:9A:82
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       01975C49B06A73EA524069A30718CC6F8D3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0AFD
Signing time:             Wed 11 Jun 2025 00:00:22 +0000
Manifest this update:     Wed 11 Jun 2025 00:00:22 +0000
Manifest next update:     Thu 12 Jun 2025 00:00:22 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: 8j5cSZ+i5LmugSiY0gAvwhJItr6EWtz0RomV2nOfT4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:49:b0:6a:73:ea:52:40:69:a3:07:18:cc:6f:8d:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Jun 11 00:00:22 2025 GMT
            Not After : Jun 12 00:00:22 2025 GMT
        Subject: CN=1e2b58ff3cbfddecc6806601d42abc7f90869a82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9d:9d:e7:c9:87:74:1a:34:7c:ad:10:4d:e2:
                    6c:de:29:17:be:f0:b7:38:d6:f6:f1:ae:fa:f4:27:
                    73:a1:d1:b2:ea:77:0f:b8:e9:2f:28:01:9b:ce:11:
                    b9:a5:93:a0:2e:d2:ff:58:39:ae:1f:6b:7f:4d:77:
                    7e:9e:01:ab:04:65:33:9b:8b:46:3e:a6:a2:63:ce:
                    f1:1a:61:93:95:3f:da:7a:c0:fe:28:9e:ec:46:60:
                    03:9a:08:d4:b4:af:64:b9:7f:9e:0f:68:a3:7f:f4:
                    ca:24:b3:44:77:98:09:1a:ab:4a:17:a0:3f:f1:44:
                    2b:eb:b4:1a:8f:ea:4e:66:f6:70:77:98:9f:80:18:
                    ff:fb:06:ff:ad:a1:ac:d8:b7:b0:68:32:ac:29:57:
                    00:ca:fd:a7:1d:17:f9:1a:57:20:da:60:47:39:4e:
                    68:4f:a2:d7:c7:cd:75:e5:78:21:57:8b:8a:76:60:
                    04:a9:3a:7e:a4:07:c9:22:50:93:b8:3c:a7:99:22:
                    9c:1e:a7:22:2f:4d:e1:fb:d6:f6:e9:29:f7:af:b8:
                    fd:71:bc:d2:a8:ca:cc:92:b3:ee:05:f9:d0:3b:b8:
                    c8:b5:0e:9c:d6:b8:48:c1:c8:c8:af:09:e1:7e:88:
                    cb:b3:c3:27:49:a1:a0:e8:10:a2:24:94:b9:cd:22:
                    21:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2B:58:FF:3C:BF:DD:EC:C6:80:66:01:D4:2A:BC:7F:90:86:9A:82
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:a3:18:01:3c:5c:2f:f0:31:3c:d5:7e:40:43:34:0e:7b:a1:
         51:30:38:7d:1f:27:53:49:bf:74:06:01:ce:2b:10:7a:b6:35:
         96:88:45:09:48:a5:fd:86:7c:9d:d9:f8:1c:e6:f5:2d:72:a5:
         5c:5c:73:bc:5d:52:b3:b3:75:f1:9c:93:a3:35:1a:69:98:38:
         93:0f:46:e0:3f:3f:3f:cd:46:cd:3a:0f:f4:ad:67:39:e4:fb:
         8f:38:4c:aa:a7:fa:51:fb:db:5b:50:a4:c8:2c:54:19:5c:8c:
         ce:ef:41:64:1b:e6:dd:1c:49:cb:dc:29:7a:1b:ff:fe:29:4c:
         1f:c8:5c:6a:e7:58:17:b1:df:ef:2a:1c:c7:af:83:b6:50:87:
         46:71:f7:ef:21:d3:5a:c3:f3:9d:10:7e:2b:98:35:09:35:4b:
         8d:80:e8:36:6a:d8:f4:d9:4c:54:48:39:81:95:d9:bb:8d:d3:
         19:2b:31:8f:43:ba:f3:76:20:e7:a8:71:21:e7:be:ff:c1:30:
         f0:6e:f8:64:69:d8:8a:fb:14:8c:98:ec:39:81:b1:34:13:d1:
         5d:ed:37:54:4e:28:aa:e1:dd:eb:e5:6e:a6:4c:37:95:51:ee:
         68:44:ca:8b:2d:b7:f1:93:7b:23:a6:db:1c:c9:ef:49:dc:17:
         91:e5:9f:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSbBqc+pSQGmjBxjMb408MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwNjExMDAwMDIyWhcNMjUwNjEyMDAwMDIyWjAzMTEwLwYDVQQD
EygxZTJiNThmZjNjYmZkZGVjYzY4MDY2MDFkNDJhYmM3ZjkwODY5YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp2d58mHdBo0fK0QTeJs3ikXvvC3
ONb28a769CdzodGy6ncPuOkvKAGbzhG5pZOgLtL/WDmuH2t/TXd+ngGrBGUzm4tG
PqaiY87xGmGTlT/aesD+KJ7sRmADmgjUtK9kuX+eD2ijf/TKJLNEd5gJGqtKF6A/
8UQr67Qaj+pOZvZwd5ifgBj/+wb/raGs2LewaDKsKVcAyv2nHRf5Glcg2mBHOU5o
T6LXx8115XghV4uKdmAEqTp+pAfJIlCTuDynmSKcHqciL03h+9b26Sn3r7j9cbzS
qMrMkrPuBfnQO7jItQ6c1rhIwcjIrwnhfojLs8MnSaGg6BCiJJS5zSIhLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4rWP88v93sxoBmAdQqvH+QhpqCMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqMYATxc
L/AxPNV+QEM0DnuhUTA4fR8nU0m/dAYBzisQerY1lohFCUil/YZ8ndn4HOb1LXKl
XFxzvF1Ss7N18ZyTozUaaZg4kw9G4D8/P81GzToP9K1nOeT7jzhMqqf6UfvbW1Ck
yCxUGVyMzu9BZBvm3RxJy9wpehv//ilMH8hcaudYF7Hf7yocx6+DtlCHRnH37yHT
WsPznRB+K5g1CTVLjYDoNmrY9NlMVEg5gZXZu43TGSsxj0O683Yg56hxIee+/8Ew
8G74ZGnYivsUjJjsOYGxNBPRXe03VE4oquHd6+Vupkw3lVHuaETKiy238ZN7I6bb
HMnvSdwXkeWfkg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:25:21 2025 by rpki-client