Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          JEEL3QWJ5fhhjx7ORb7s+c0ItrRH+aXt9WZmpW/P9k0=
Subject key identifier:   14:CB:76:B3:71:60:96:4E:D2:6F:65:7B:E4:57:45:15:4B:1B:20:F0
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       01975FB923D82DF5DDEC82A2230E536C04E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          1558
Signing time:             Wed 11 Jun 2025 16:00:58 +0000
Manifest this update:     Wed 11 Jun 2025 16:00:58 +0000
Manifest next update:     Thu 12 Jun 2025 16:00:58 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: 6vk4LtbtC6/Qbc95driaQCc5siUacLshkS2hOLypin4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:b9:23:d8:2d:f5:dd:ec:82:a2:23:0e:53:6c:04:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Jun 11 16:00:58 2025 GMT
            Not After : Jun 12 16:00:58 2025 GMT
        Subject: CN=14cb76b37160964ed26f657be45745154b1b20f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:f9:5d:8b:aa:ff:bb:6d:9b:aa:7e:ee:54:71:
                    00:22:2d:b1:49:e2:d4:82:9a:f6:6d:d1:ab:6d:0d:
                    1d:83:ad:6d:f8:96:ed:c2:e2:ba:b0:1b:29:d6:e6:
                    21:71:cc:72:34:23:96:88:5b:66:41:3c:85:a9:58:
                    6f:f0:b0:be:1b:fb:1b:ab:82:bf:3a:b0:39:52:4a:
                    60:25:97:86:60:c4:37:69:05:26:9b:da:86:5a:b8:
                    58:b1:ed:7c:93:55:af:95:f7:fa:84:06:ec:f5:ea:
                    48:1f:f1:3b:53:4e:43:72:75:ca:d8:f5:64:8a:0d:
                    8c:9d:c5:23:4f:93:f7:87:55:87:eb:59:3e:ad:11:
                    80:99:ac:83:46:26:9a:51:9c:4d:f0:82:32:bd:76:
                    79:c6:3b:ee:39:b3:ef:d1:c4:48:91:3f:8f:95:8b:
                    87:1d:0c:6f:b1:ec:a6:e6:91:b8:4f:18:86:4c:1f:
                    67:57:fe:61:74:34:9c:b6:82:fc:ae:02:3a:94:23:
                    60:08:cc:36:cb:39:a6:19:6f:e4:f0:5f:cd:de:db:
                    8a:27:4a:ee:eb:02:07:16:eb:a5:b0:65:81:2b:ff:
                    32:15:e1:07:ae:3f:f4:2a:42:13:9f:c8:b5:5b:0d:
                    c9:bf:eb:b3:9a:e8:cd:9f:80:a0:a1:18:51:63:e0:
                    03:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:CB:76:B3:71:60:96:4E:D2:6F:65:7B:E4:57:45:15:4B:1B:20:F0
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:5d:fa:dc:d0:45:73:36:85:cd:2b:ef:52:bb:b7:42:99:45:
         b6:49:93:30:cf:24:7a:5a:cf:fc:ea:41:f8:00:ed:49:e0:13:
         fb:e3:21:cd:ff:54:fb:c2:ed:2c:b2:4b:14:f0:ea:2c:0b:b7:
         5c:89:9a:14:b8:14:b6:a5:a8:23:58:4b:1d:e2:ac:00:c0:6f:
         5b:d3:16:eb:0e:a7:0b:cd:73:2c:b5:ce:73:0b:80:ac:f9:62:
         5d:bf:f0:87:14:63:8c:03:11:1a:aa:ac:3c:3a:0f:13:17:8f:
         af:45:96:e2:af:3e:ce:95:2d:01:3a:a3:7c:a2:cb:45:3a:86:
         fa:93:0b:df:e0:16:3a:23:a8:18:71:c8:05:46:d4:2d:c9:52:
         28:a3:3a:78:e9:a7:0b:aa:0d:4e:86:ae:e3:ef:60:cf:9d:1d:
         05:99:bc:66:5b:00:64:b3:fb:69:6e:89:c3:b4:22:51:8f:26:
         9e:b0:80:b3:37:e0:38:1d:6b:64:47:40:3c:07:36:40:da:81:
         16:d3:a3:00:c4:a7:1e:55:e8:21:d7:ed:cd:22:00:81:89:52:
         26:26:02:4b:46:a8:5e:b0:c7:37:ad:52:40:3f:f3:f3:61:74:
         a6:3e:36:c6:ae:82:be:dd:30:eb:fb:d0:e1:f9:3e:65:ed:40:
         a7:a8:16:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfuSPYLfXd7IKiIw5TbATgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjUwNjExMTYwMDU4WhcNMjUwNjEyMTYwMDU4WjAzMTEwLwYDVQQD
EygxNGNiNzZiMzcxNjA5NjRlZDI2ZjY1N2JlNDU3NDUxNTRiMWIyMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPldi6r/u22bqn7uVHEAIi2xSeLU
gpr2bdGrbQ0dg61t+JbtwuK6sBsp1uYhccxyNCOWiFtmQTyFqVhv8LC+G/sbq4K/
OrA5UkpgJZeGYMQ3aQUmm9qGWrhYse18k1Wvlff6hAbs9epIH/E7U05DcnXK2PVk
ig2MncUjT5P3h1WH61k+rRGAmayDRiaaUZxN8IIyvXZ5xjvuObPv0cRIkT+PlYuH
HQxvseym5pG4TxiGTB9nV/5hdDSctoL8rgI6lCNgCMw2yzmmGW/k8F/N3tuKJ0ru
6wIHFuulsGWBK/8yFeEHrj/0KkITn8i1Ww3Jv+uzmujNn4CgoRhRY+ADsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTLdrNxYJZO0m9le+RXRRVLGyDwMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI1363NBF
czaFzSvvUru3QplFtkmTMM8kelrP/OpB+ADtSeAT++Mhzf9U+8LtLLJLFPDqLAu3
XImaFLgUtqWoI1hLHeKsAMBvW9MW6w6nC81zLLXOcwuArPliXb/whxRjjAMRGqqs
PDoPExePr0WW4q8+zpUtATqjfKLLRTqG+pML3+AWOiOoGHHIBUbULclSKKM6eOmn
C6oNToau4+9gz50dBZm8ZlsAZLP7aW6Jw7QiUY8mnrCAszfgOB1rZEdAPAc2QNqB
FtOjAMSnHlXoIdftzSIAgYlSJiYCS0aoXrDHN61SQD/z82F0pj42xq6Cvt0w6/vQ
4fk+Ze1Ap6gW+A==
-----END CERTIFICATE-----
Generated at Thu Jun 12 00:58:18 2025 by rpki-client