Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          7286eHsKpHaO/kUqlv2nFxl429gaJ8Gc26M+i57IgSQ=
Subject key identifier:   17:D7:9A:7D:93:79:29:61:B0:4F:23:7D:44:AB:5D:74:DD:D1:A0:30
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       01975A24956E816865FFE3094939CDF6D90C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          0812
Signing time:             Tue 10 Jun 2025 14:00:36 +0000
Manifest this update:     Tue 10 Jun 2025 14:00:36 +0000
Manifest next update:     Wed 11 Jun 2025 14:00:36 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: 6/cbwZkBs4dtcfP9OCvH70SWFAfLyjNtuaBnNRaU9GA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:24:95:6e:81:68:65:ff:e3:09:49:39:cd:f6:d9:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Jun 10 14:00:36 2025 GMT
            Not After : Jun 11 14:00:36 2025 GMT
        Subject: CN=17d79a7d93792961b04f237d44ab5d74ddd1a030
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5e:02:84:7f:09:a8:4b:68:db:65:96:6a:9a:
                    6a:8d:55:4b:8e:8b:4b:ed:61:84:64:2b:4d:21:9d:
                    1f:92:bb:e3:45:6b:59:bc:d2:c4:de:31:d9:f8:86:
                    35:b0:c7:c6:ea:a8:ff:79:d8:36:33:a2:41:6f:2a:
                    9d:4e:30:fe:d0:d6:43:b3:01:84:98:ef:d3:1d:9f:
                    19:95:67:7f:44:ce:0d:a3:3b:24:b2:cb:4f:87:cd:
                    3e:d1:5a:32:86:dd:55:80:2c:dd:10:15:a3:7d:42:
                    07:3d:a9:01:03:82:20:47:fc:2d:95:9c:6a:6d:e1:
                    de:c4:5f:72:a0:4b:08:2e:98:88:51:8f:2d:19:9a:
                    b1:b3:e8:88:b9:97:f8:0f:ab:77:04:60:81:91:af:
                    94:cf:94:95:b5:d1:c8:b1:a2:a3:7b:bd:8a:6e:b9:
                    dd:e8:2c:58:7e:7e:d0:90:4f:72:4b:81:e6:27:11:
                    c0:46:61:f1:1e:e1:6b:5a:fe:57:fc:70:32:77:38:
                    77:40:a6:e9:1e:35:0e:26:28:67:e6:df:af:6f:37:
                    ff:19:ed:89:9e:27:c3:58:3f:0a:ab:a1:26:e7:34:
                    61:e4:37:9f:f1:2b:64:12:06:94:0a:21:f4:e4:2d:
                    f4:13:bb:e0:6c:5a:8f:d5:55:c4:41:ad:26:68:23:
                    04:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D7:9A:7D:93:79:29:61:B0:4F:23:7D:44:AB:5D:74:DD:D1:A0:30
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:28:5f:19:8d:7a:05:69:f2:16:18:54:ce:e6:9e:34:00:ee:
         f5:b5:ca:4b:57:2f:a5:d0:48:b5:d5:96:be:c3:35:2f:25:ca:
         e7:5f:9a:b6:51:83:0e:8a:93:05:7e:ad:40:23:fd:b8:e7:8b:
         80:49:0a:43:fc:c0:2b:5f:d0:04:4e:21:d0:67:bd:bb:5c:8e:
         d3:3c:fd:c2:e3:da:9d:97:2e:c8:5b:34:26:c9:58:1f:bf:a8:
         a0:66:aa:5e:98:fc:d3:8e:4b:fa:76:f0:08:d0:c9:41:49:0d:
         9b:f7:df:7f:34:b0:52:ae:81:08:b3:d8:ed:8a:9c:13:80:74:
         cc:48:96:80:3d:91:df:0a:35:e7:69:11:ce:59:dc:80:66:7c:
         25:a9:1f:be:ef:29:35:eb:91:dd:fd:5e:72:72:d2:31:39:79:
         dd:8e:bd:88:43:69:99:5f:df:3c:d0:e5:bd:51:1c:4a:ab:c6:
         0a:75:8c:98:93:0e:0b:15:8f:88:69:17:df:e2:fe:15:3c:d3:
         5b:65:b0:db:5c:32:52:81:c5:80:c3:13:d9:d0:3a:3b:67:e2:
         e4:91:e8:5c:24:35:ba:8d:f1:ea:f1:d7:27:08:9c:ef:d2:b2:
         e3:c5:06:f6:19:ae:9b:ee:40:ca:44:ca:41:63:aa:33:b3:56:
         07:50:42:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaJJVugWhl/+MJSTnN9tkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjUwNjEwMTQwMDM2WhcNMjUwNjExMTQwMDM2WjAzMTEwLwYDVQQD
EygxN2Q3OWE3ZDkzNzkyOTYxYjA0ZjIzN2Q0NGFiNWQ3NGRkZDFhMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF4ChH8JqEto22WWappqjVVLjotL
7WGEZCtNIZ0fkrvjRWtZvNLE3jHZ+IY1sMfG6qj/edg2M6JBbyqdTjD+0NZDswGE
mO/THZ8ZlWd/RM4NozsksstPh80+0Voyht1VgCzdEBWjfUIHPakBA4IgR/wtlZxq
beHexF9yoEsILpiIUY8tGZqxs+iIuZf4D6t3BGCBka+Uz5SVtdHIsaKje72Kbrnd
6CxYfn7QkE9yS4HmJxHARmHxHuFrWv5X/HAydzh3QKbpHjUOJihn5t+vbzf/Ge2J
nifDWD8Kq6Em5zRh5Def8StkEgaUCiH05C30E7vgbFqP1VXEQa0maCME2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfXmn2TeSlhsE8jfUSrXXTd0aAwMB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdihfGY16
BWnyFhhUzuaeNADu9bXKS1cvpdBItdWWvsM1LyXK51+atlGDDoqTBX6tQCP9uOeL
gEkKQ/zAK1/QBE4h0Ge9u1yO0zz9wuPanZcuyFs0JslYH7+ooGaqXpj8045L+nbw
CNDJQUkNm/fffzSwUq6BCLPY7YqcE4B0zEiWgD2R3wo152kRzlncgGZ8Jakfvu8p
NeuR3f1ecnLSMTl53Y69iENpmV/fPNDlvVEcSqvGCnWMmJMOCxWPiGkX3+L+FTzT
W2Ww21wyUoHFgMMT2dA6O2fi5JHoXCQ1uo3x6vHXJwic79Ky48UG9hmum+5AykTK
QWOqM7NWB1BC/A==
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:34:03 2025 by rpki-client