Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          F3IOGLz64UwZoxVREkU0yD2fQRBYTgpm7B7GZq3ktuw=
Subject key identifier:   FC:44:33:3D:AE:E6:E2:A4:1F:90:F1:44:95:6A:3D:5F:7F:68:68:86
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       0197639643CBB3345D4C012B29807DD1BE32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          10F7
Signing time:             Thu 12 Jun 2025 10:01:21 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:21 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:21 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: ALJdDCrmc+sgDomAfwIrTNs7ZiFC5lgDpNCTeF4nPkc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:43:cb:b3:34:5d:4c:01:2b:29:80:7d:d1:be:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Jun 12 10:01:21 2025 GMT
            Not After : Jun 13 10:01:21 2025 GMT
        Subject: CN=fc44333daee6e2a41f90f144956a3d5f7f686886
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:da:a5:73:f7:c0:75:74:38:fc:45:f9:d9:7c:
                    4c:56:0e:b1:c9:07:33:9d:31:61:7d:9e:8b:35:a9:
                    88:bf:29:f4:23:a2:97:33:1c:75:a2:71:47:c0:50:
                    8a:23:e9:ed:1d:11:57:c6:5b:91:89:80:2d:c2:b7:
                    47:5c:e2:20:42:39:1c:16:88:a5:2b:e9:09:e1:77:
                    e2:2c:7d:53:6b:ff:07:eb:57:f6:4b:3c:a6:f0:aa:
                    6f:cc:42:09:c0:1f:76:e6:de:74:ae:fa:39:50:05:
                    6d:10:db:6e:5c:10:1d:91:c3:08:e5:8f:7c:fd:b8:
                    ab:10:3a:49:39:a8:ec:45:8d:e8:82:a9:f9:0e:d0:
                    93:02:81:fa:de:c6:b2:53:ad:70:f7:eb:27:11:ba:
                    4d:6d:50:13:e8:a1:d4:3a:99:ba:a5:4c:21:20:36:
                    30:52:0d:44:b6:85:7c:0e:b5:5f:ae:1a:9a:fd:4c:
                    46:ac:f2:95:ec:6f:e3:30:d3:58:d9:88:fe:f4:66:
                    50:89:bd:7c:00:4f:d9:d7:87:ae:46:18:8a:08:b6:
                    cd:b8:fa:cb:d8:df:86:24:d9:25:47:81:b2:99:4d:
                    01:45:79:4b:4f:4a:34:84:82:33:13:77:c9:41:8c:
                    31:c6:88:2a:7d:a7:51:45:e7:2e:7d:0d:eb:6e:4b:
                    7f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:44:33:3D:AE:E6:E2:A4:1F:90:F1:44:95:6A:3D:5F:7F:68:68:86
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:9f:45:d3:52:33:9a:00:5a:a7:0a:32:79:cd:ec:65:17:dd:
         a1:e7:d9:a9:05:84:55:b7:86:43:be:4a:e4:26:91:e7:a5:d6:
         c9:a5:1e:c8:22:7b:aa:89:aa:c7:62:e4:e8:14:e1:c4:e3:76:
         3a:74:74:7d:a2:1e:a0:10:73:8a:2b:31:ba:21:ae:21:77:34:
         f3:d8:07:a6:e9:1a:62:21:4c:9c:f6:e9:a7:ae:ad:1d:57:93:
         10:f5:83:d6:20:33:ad:ed:38:fd:5b:27:a4:8a:3a:1f:50:ad:
         1a:5c:41:dd:f1:5f:0c:19:69:61:6a:85:de:ab:0c:2f:97:22:
         02:bb:07:be:d0:20:f8:64:e2:a4:7e:cb:a6:51:eb:02:c2:31:
         d4:e6:97:5a:e5:5c:5a:f8:46:da:44:b2:59:05:c3:1f:68:49:
         e6:77:b7:2b:6b:28:b1:2e:e9:73:f2:96:8e:d9:41:17:f3:33:
         ab:b6:38:34:a0:7d:5a:1b:23:11:bd:f3:51:24:b1:35:9b:80:
         7d:21:65:fd:34:93:16:32:24:21:7f:a1:20:27:1d:92:6d:b8:
         2d:c4:a8:18:44:b0:1f:48:90:7a:06:f3:f9:6b:f4:83:69:9a:
         80:07:19:b2:d0:fc:d5:ae:5a:1e:c9:58:e6:03:7e:d9:cf:97:
         16:b3:c2:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlkPLszRdTAErKYB90b4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjUwNjEyMTAwMTIxWhcNMjUwNjEzMTAwMTIxWjAzMTEwLwYDVQQD
EyhmYzQ0MzMzZGFlZTZlMmE0MWY5MGYxNDQ5NTZhM2Q1ZjdmNjg2ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotqlc/fAdXQ4/EX52XxMVg6xyQcz
nTFhfZ6LNamIvyn0I6KXMxx1onFHwFCKI+ntHRFXxluRiYAtwrdHXOIgQjkcFoil
K+kJ4XfiLH1Ta/8H61f2Szym8KpvzEIJwB925t50rvo5UAVtENtuXBAdkcMI5Y98
/birEDpJOajsRY3ogqn5DtCTAoH63sayU61w9+snEbpNbVAT6KHUOpm6pUwhIDYw
Ug1EtoV8DrVfrhqa/UxGrPKV7G/jMNNY2Yj+9GZQib18AE/Z14euRhiKCLbNuPrL
2N+GJNklR4GymU0BRXlLT0o0hIIzE3fJQYwxxogqfadRRecufQ3rbkt/6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxEMz2u5uKkH5DxRJVqPV9/aGiGMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZ9F01Iz
mgBapwoyec3sZRfdoefZqQWEVbeGQ75K5CaR56XWyaUeyCJ7qomqx2Lk6BThxON2
OnR0faIeoBBziisxuiGuIXc089gHpukaYiFMnPbpp66tHVeTEPWD1iAzre04/Vsn
pIo6H1CtGlxB3fFfDBlpYWqF3qsML5ciArsHvtAg+GTipH7LplHrAsIx1OaXWuVc
WvhG2kSyWQXDH2hJ5ne3K2sosS7pc/KWjtlBF/Mzq7Y4NKB9WhsjEb3zUSSxNZuA
fSFl/TSTFjIkIX+hICcdkm24LcSoGESwH0iQegbz+Wv0g2magAcZstD81a5aHslY
5gN+2c+XFrPCgg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 19:14:00 2025 by rpki-client