Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          FZIhsW1I80ZaqF9fLnCOZ5GkZhP5+jRurxpt0bXXvsQ=
Subject key identifier:   DE:A2:8C:C8:41:10:B1:D4:BC:57:43:57:D6:4A:EE:77:22:A0:FC:A9
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       01975C132E2EC9DA85EFE3FB0C6B38D55131
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          0813
Signing time:             Tue 10 Jun 2025 23:00:50 +0000
Manifest this update:     Tue 10 Jun 2025 23:00:50 +0000
Manifest next update:     Wed 11 Jun 2025 23:00:50 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: 4uGvPv+NPYhdaABAgplzmetp/TtMWCHo+EK5rSIkZsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:13:2e:2e:c9:da:85:ef:e3:fb:0c:6b:38:d5:51:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Jun 10 23:00:50 2025 GMT
            Not After : Jun 11 23:00:50 2025 GMT
        Subject: CN=dea28cc84110b1d4bc574357d64aee7722a0fca9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2a:0d:70:80:a8:57:79:78:13:29:35:98:0b:
                    c0:15:2d:5e:46:3b:08:11:1f:8b:bb:a6:f0:9d:0c:
                    39:95:f3:17:37:77:0f:fa:5e:3f:91:51:04:28:83:
                    a4:87:e1:6d:d6:ee:7b:12:96:1a:c5:38:65:d4:a5:
                    0b:f0:dc:55:ec:57:39:d0:02:a5:05:aa:2d:e4:f8:
                    0a:79:92:ad:bb:fb:db:63:90:03:e6:90:82:60:8d:
                    34:fa:69:4c:a2:7d:d1:c0:1c:91:cb:5a:03:a5:8e:
                    36:74:cf:e5:98:af:f0:b6:de:8c:dc:63:4d:82:1d:
                    cb:38:cc:02:24:ff:e9:69:70:c8:9c:85:52:58:bd:
                    4d:3a:78:24:d4:4d:87:5f:d1:a0:20:af:68:9a:7e:
                    32:64:5a:c9:df:73:86:e5:29:8e:c0:16:9d:4c:16:
                    3d:65:f4:04:a3:d5:31:14:c5:68:8c:dc:1b:81:a8:
                    7c:a5:7c:70:57:c3:90:85:66:0f:c9:a1:81:f4:9c:
                    7d:25:76:d3:bf:a3:e7:5d:ad:6c:50:5c:ae:0c:37:
                    e9:d4:16:2a:90:ae:41:e4:bb:6a:25:2b:69:f5:4c:
                    8e:0a:06:ef:07:ab:74:28:6e:8a:17:bb:82:d4:f8:
                    6d:4e:73:aa:67:10:4a:f7:e9:86:0b:be:bc:68:d0:
                    71:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:A2:8C:C8:41:10:B1:D4:BC:57:43:57:D6:4A:EE:77:22:A0:FC:A9
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:8b:34:c3:b2:9c:1e:bd:01:3e:2a:08:fb:ef:db:13:71:12:
         35:bd:8d:89:46:31:39:92:81:31:a1:26:33:e1:eb:b7:cf:35:
         58:9d:12:e8:3a:6d:1d:dc:56:8b:3e:cb:92:d8:e9:8c:15:0b:
         0c:0d:0d:66:3d:b1:51:4c:e5:98:36:2a:83:18:2c:60:f8:10:
         5a:b9:2e:ac:51:7b:6c:11:9b:60:d5:82:c6:a5:0a:0a:88:c8:
         45:98:8e:13:e0:dc:55:ef:11:47:fb:ee:89:ae:15:87:97:06:
         6f:c0:12:9b:b2:ea:7e:29:54:06:4a:d8:7e:99:8a:7d:69:7a:
         5d:a8:5b:3f:cc:24:b2:22:74:b3:ad:b6:76:9e:97:a1:3d:57:
         0a:89:09:a8:6c:8a:6d:5a:76:f3:2a:ca:87:bf:21:30:e8:62:
         5e:d5:bf:70:87:59:17:01:c2:10:41:d4:3c:b5:a1:68:c5:b3:
         c5:46:02:aa:04:ff:f6:dd:7b:da:f8:8f:37:f1:67:84:18:cf:
         e3:f1:65:6e:2e:51:9f:80:40:48:df:2a:74:f6:c4:3f:46:71:
         34:0f:2d:64:af:08:49:e7:24:33:5b:3f:8b:bc:12:d9:a7:f9:
         ec:d0:73:93:be:42:91:ce:2c:de:5e:18:ae:c4:2f:43:db:c2:
         88:e9:72:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcEy4uydqF7+P7DGs41VExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjUwNjEwMjMwMDUwWhcNMjUwNjExMjMwMDUwWjAzMTEwLwYDVQQD
EyhkZWEyOGNjODQxMTBiMWQ0YmM1NzQzNTdkNjRhZWU3NzIyYTBmY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyoNcICoV3l4Eyk1mAvAFS1eRjsI
ER+Lu6bwnQw5lfMXN3cP+l4/kVEEKIOkh+Ft1u57EpYaxThl1KUL8NxV7Fc50AKl
Baot5PgKeZKtu/vbY5AD5pCCYI00+mlMon3RwByRy1oDpY42dM/lmK/wtt6M3GNN
gh3LOMwCJP/paXDInIVSWL1NOngk1E2HX9GgIK9omn4yZFrJ33OG5SmOwBadTBY9
ZfQEo9UxFMVojNwbgah8pXxwV8OQhWYPyaGB9Jx9JXbTv6PnXa1sUFyuDDfp1BYq
kK5B5LtqJStp9UyOCgbvB6t0KG6KF7uC1PhtTnOqZxBK9+mGC768aNBxKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6ijMhBELHUvFdDV9ZK7ncioPypMB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYYs0w7Kc
Hr0BPioI++/bE3ESNb2NiUYxOZKBMaEmM+Hrt881WJ0S6DptHdxWiz7LktjpjBUL
DA0NZj2xUUzlmDYqgxgsYPgQWrkurFF7bBGbYNWCxqUKCojIRZiOE+DcVe8RR/vu
ia4Vh5cGb8ASm7LqfilUBkrYfpmKfWl6XahbP8wksiJ0s622dp6XoT1XCokJqGyK
bVp28yrKh78hMOhiXtW/cIdZFwHCEEHUPLWhaMWzxUYCqgT/9t172viPN/FnhBjP
4/Flbi5Rn4BASN8qdPbEP0ZxNA8tZK8ISeckM1s/i7wS2af57NBzk75Ckc4s3l4Y
rsQvQ9vCiOlyog==
-----END CERTIFICATE-----
Generated at Wed Jun 11 04:35:41 2025 by rpki-client