Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          WLS6QpSexqc0Gmk2iK8F1xnItack1sbfedOw005NiBw=
Subject key identifier:   3B:EA:53:A9:7E:5B:AC:6F:5B:1F:56:2B:78:FE:53:E6:E0:09:00:91
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       019763CC6AC784EA2CA094010208C84C38B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          0817
Signing time:             Thu 12 Jun 2025 11:00:30 +0000
Manifest this update:     Thu 12 Jun 2025 11:00:30 +0000
Manifest next update:     Fri 13 Jun 2025 11:00:30 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: aLrsHfkI0FoYZZ3b9nozWhzWcKqyG4UwYZwk7m3HtII=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 11:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:cc:6a:c7:84:ea:2c:a0:94:01:02:08:c8:4c:38:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Jun 12 11:00:30 2025 GMT
            Not After : Jun 13 11:00:30 2025 GMT
        Subject: CN=3bea53a97e5bac6f5b1f562b78fe53e6e0090091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:83:4f:97:ab:49:9f:2c:ea:72:44:f5:a3:76:
                    fe:f6:95:3d:ee:06:54:37:da:ff:5b:7a:a8:4e:cb:
                    52:8a:57:e7:63:40:df:9b:7e:84:94:37:20:c0:e3:
                    da:26:47:72:74:9c:84:a6:bc:2b:b3:51:62:ce:8a:
                    be:ef:74:3b:28:d3:e5:46:4d:0b:9f:76:4d:f4:ef:
                    ec:6b:3a:4c:47:2f:8d:10:ea:6b:02:f9:a2:2b:a8:
                    47:5d:24:64:f6:09:69:fa:c1:4e:a6:48:11:04:cc:
                    c9:a7:3d:80:f8:5b:61:fa:47:8a:98:7d:7e:e3:ca:
                    b0:64:e4:69:cc:27:3c:02:83:f6:93:86:b2:66:58:
                    ae:bd:04:a8:37:87:66:71:0f:be:49:b8:4e:b0:8a:
                    1b:90:12:dc:1d:11:65:a3:43:ec:87:fd:55:52:86:
                    09:05:9b:00:2b:2f:b8:3a:49:1e:cf:c8:e9:f8:56:
                    b7:23:85:b5:8c:1d:c4:de:9f:b7:35:e2:50:55:19:
                    10:0d:ea:7c:18:46:86:d9:bc:50:52:d1:a4:48:46:
                    cb:a4:cc:11:61:9c:68:22:13:98:8c:21:4f:6d:86:
                    15:81:c0:99:13:99:c4:30:6c:cc:f5:b3:ae:5d:a6:
                    de:12:42:85:0f:cb:02:a6:93:ef:b9:8b:15:11:21:
                    60:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:EA:53:A9:7E:5B:AC:6F:5B:1F:56:2B:78:FE:53:E6:E0:09:00:91
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:02:e2:ec:fa:0c:0b:ca:34:98:66:cc:25:15:f0:17:e0:7d:
         c2:5e:77:37:d4:42:c2:48:7d:38:5e:db:8d:1d:d5:92:59:28:
         c6:89:d4:b3:0a:19:c4:88:02:2e:dd:35:b4:e8:20:d4:bd:0a:
         be:1a:7b:55:9c:82:24:2b:b4:c5:74:c2:37:4b:c0:e6:4c:97:
         3e:c4:6e:ae:34:f6:4f:df:f8:69:de:36:57:57:8d:85:ac:c3:
         6c:d0:37:98:5b:62:d9:06:f0:71:68:df:e0:cb:5f:42:8b:e1:
         9d:2e:60:9c:af:68:06:cd:f1:b7:49:29:e0:f9:9a:bc:a9:68:
         92:07:04:3f:6b:95:8c:6b:fd:3c:99:55:d0:65:f5:2e:16:fd:
         5c:7b:90:30:f2:f6:d0:62:b1:2e:eb:33:2e:83:89:d5:45:09:
         8f:e3:57:48:8a:5f:80:9d:37:fb:01:c8:00:03:e8:4d:5c:69:
         52:8b:4e:09:1b:60:7c:da:e2:52:56:ed:20:b3:02:9f:69:8f:
         3a:39:6d:26:0d:b8:b2:fa:e0:14:fd:a2:31:91:b8:d3:bc:c3:
         9e:77:71:0f:49:1a:b1:63:0b:26:7e:a6:ed:3e:59:d2:ba:66:
         d2:d4:1d:1b:47:b3:da:e0:00:eb:97:b4:81:9d:d2:55:e7:13:
         52:dc:34:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjzGrHhOosoJQBAgjITDi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjUwNjEyMTEwMDMwWhcNMjUwNjEzMTEwMDMwWjAzMTEwLwYDVQQD
EygzYmVhNTNhOTdlNWJhYzZmNWIxZjU2MmI3OGZlNTNlNmUwMDkwMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoNPl6tJnyzqckT1o3b+9pU97gZU
N9r/W3qoTstSilfnY0Dfm36ElDcgwOPaJkdydJyEprwrs1Fizoq+73Q7KNPlRk0L
n3ZN9O/sazpMRy+NEOprAvmiK6hHXSRk9glp+sFOpkgRBMzJpz2A+Fth+keKmH1+
48qwZORpzCc8AoP2k4ayZliuvQSoN4dmcQ++SbhOsIobkBLcHRFlo0Psh/1VUoYJ
BZsAKy+4Okkez8jp+Fa3I4W1jB3E3p+3NeJQVRkQDep8GEaG2bxQUtGkSEbLpMwR
YZxoIhOYjCFPbYYVgcCZE5nEMGzM9bOuXabeEkKFD8sCppPvuYsVESFgtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvqU6l+W6xvWx9WK3j+U+bgCQCRMB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcwLi7PoM
C8o0mGbMJRXwF+B9wl53N9RCwkh9OF7bjR3VklkoxonUswoZxIgCLt01tOgg1L0K
vhp7VZyCJCu0xXTCN0vA5kyXPsRurjT2T9/4ad42V1eNhazDbNA3mFti2QbwcWjf
4MtfQovhnS5gnK9oBs3xt0kp4PmavKlokgcEP2uVjGv9PJlV0GX1Lhb9XHuQMPL2
0GKxLuszLoOJ1UUJj+NXSIpfgJ03+wHIAAPoTVxpUotOCRtgfNriUlbtILMCn2mP
OjltJg24svrgFP2iMZG407zDnndxD0kasWMLJn6m7T5Z0rpm0tQdG0ez2uAA65e0
gZ3SVecTUtw02g==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:07:54 2025 by rpki-client