Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
File:                     hJxbptQKtOTjm3tpttLZhEqiSK8.mft (raw, json)
Hash identifier:          9zuAwe09Wa3kEoZZx3LyvDW8OiQQnzzMScrx2WOy960=
Subject key identifier:   23:C8:5E:70:62:EB:2E:BD:6E:F6:CE:94:C1:65:A5:8D:4C:33:09:EE
Authority key identifier: 84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF
Certificate issuer:       /CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
Certificate serial:       019759489982662BF487F370C7B69C6FF18E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
Manifest number:          0C64
Signing time:             Tue 10 Jun 2025 10:00:19 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:19 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:19 +0000
Files and hashes:         1: hJxbptQKtOTjm3tpttLZhEqiSK8.crl (hash: rkJC8KNtAwRPZepWcL6uqz8TSoEWGK2fs4ydRK0sus0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 10:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:48:99:82:66:2b:f4:87:f3:70:c7:b6:9c:6f:f1:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=849c5ba6d40ab4e4e39b7b69b6d2d9844aa248af
        Validity
            Not Before: Jun 10 10:00:19 2025 GMT
            Not After : Jun 11 10:00:19 2025 GMT
        Subject: CN=23c85e7062eb2ebd6ef6ce94c165a58d4c3309ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:6c:2b:e1:58:49:26:c8:3c:ff:4f:0c:18:86:
                    06:f4:37:5c:df:6c:15:1e:75:e6:10:67:a9:55:a5:
                    71:0c:34:ce:3c:df:ba:b5:d4:54:37:e1:7f:39:37:
                    1b:c7:17:af:0d:45:ab:59:49:9d:a2:46:b7:b6:4e:
                    3a:8f:7e:d8:20:42:99:0e:5b:e9:00:8c:e9:fc:1e:
                    00:94:93:75:cf:e6:1b:c5:8d:b1:0a:a2:bc:9c:2f:
                    49:38:e7:07:85:fc:6b:fc:97:7a:10:5e:14:08:6a:
                    68:16:86:db:0c:28:91:b1:df:c3:9b:6e:8c:90:85:
                    02:bf:59:b0:30:19:1c:aa:0f:a8:26:9f:53:8a:b5:
                    e6:fb:3a:c6:b5:89:b0:25:c6:ca:d5:66:33:7f:9d:
                    d2:a5:ad:5a:3e:2f:42:46:57:e0:94:9b:97:37:08:
                    ef:70:e3:bc:71:ed:8e:8b:4d:1a:48:f9:1e:9e:09:
                    0e:7e:6d:52:81:a6:27:c8:7a:a9:b0:31:8b:99:9e:
                    99:cf:8b:51:31:18:dd:80:cf:f4:17:1a:1e:fb:e2:
                    a3:49:a6:d5:ea:5e:49:6f:96:b2:03:79:e5:d8:43:
                    4b:4d:91:92:20:90:5c:78:82:b3:0a:15:45:c8:d0:
                    6e:c1:96:f0:15:fd:d6:16:01:4e:00:1d:0b:5a:eb:
                    1c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C8:5E:70:62:EB:2E:BD:6E:F6:CE:94:C1:65:A5:8D:4C:33:09:EE
            X509v3 Authority Key Identifier:
                keyid:84:9C:5B:A6:D4:0A:B4:E4:E3:9B:7B:69:B6:D2:D9:84:4A:A2:48:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJxbptQKtOTjm3tpttLZhEqiSK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37c514-8213-438c-a164-d98487bdee48/1/hJxbptQKtOTjm3tpttLZhEqiSK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:18:9f:ba:ff:cb:e5:f1:d1:fa:8f:7d:0d:05:ff:0a:51:3d:
         91:d1:01:6c:91:3f:13:ec:88:bf:6f:df:d4:7f:cf:82:fd:2b:
         d3:05:46:ee:eb:8d:1a:54:0c:72:81:e6:88:79:d1:99:a5:34:
         11:87:40:98:12:b9:cf:2b:91:44:d0:80:46:27:12:d8:c3:56:
         5a:6a:35:e7:92:57:60:71:cf:dd:4c:19:1f:dc:1c:b6:6f:25:
         db:f9:18:b7:71:84:82:04:3b:8f:7f:d0:d2:56:47:9a:ac:65:
         77:4b:8b:8c:4a:0c:48:68:69:05:12:97:e3:71:da:72:c1:f4:
         af:a0:f4:19:5a:f5:2a:da:be:ba:f3:57:25:bc:b5:33:f4:c7:
         88:99:a5:cb:27:59:5d:d8:13:76:74:82:94:f8:e5:fc:5a:ba:
         ec:03:12:bb:1c:75:32:5c:8d:c8:9f:23:65:f9:0e:2f:05:b9:
         cb:c5:f0:65:1a:da:f9:e9:ef:c1:2c:70:04:d7:92:bb:9e:1b:
         66:cc:19:18:14:34:5d:5b:19:90:36:88:e2:38:9c:41:28:86:
         0f:dd:32:91:51:4c:a2:9d:96:4e:08:7e:03:e2:65:78:50:09:
         a7:ab:70:87:09:34:fe:84:4e:b1:3d:38:8b:d1:26:2d:8b:ce:
         d4:86:c3:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSJmCZiv0h/Nwx7acb/GOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWM1YmE2ZDQwYWI0ZTRlMzliN2I2OWI2ZDJkOTg0NGFh
MjQ4YWYwHhcNMjUwNjEwMTAwMDE5WhcNMjUwNjExMTAwMDE5WjAzMTEwLwYDVQQD
EygyM2M4NWU3MDYyZWIyZWJkNmVmNmNlOTRjMTY1YTU4ZDRjMzMwOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2wr4VhJJsg8/08MGIYG9Ddc32wV
HnXmEGepVaVxDDTOPN+6tdRUN+F/OTcbxxevDUWrWUmdoka3tk46j37YIEKZDlvp
AIzp/B4AlJN1z+YbxY2xCqK8nC9JOOcHhfxr/Jd6EF4UCGpoFobbDCiRsd/Dm26M
kIUCv1mwMBkcqg+oJp9TirXm+zrGtYmwJcbK1WYzf53Spa1aPi9CRlfglJuXNwjv
cOO8ce2Oi00aSPkengkOfm1SgaYnyHqpsDGLmZ6Zz4tRMRjdgM/0Fxoe++KjSabV
6l5Jb5ayA3nl2ENLTZGSIJBceIKzChVFyNBuwZbwFf3WFgFOAB0LWuscRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPIXnBi6y69bvbOlMFlpY1MMwnuMB8GA1UdIwQY
MBaAFIScW6bUCrTk45t7abbS2YRKokivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQt
ZDk4NDg3YmRlZTQ4LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2M1MTQtODIxMy00MzhjLWExNjQtZDk4NDg3YmRlZTQ4
LzEvaEp4YnB0UUt0T1RqbTN0cHR0TFpoRXFpU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFRifuv/L
5fHR+o99DQX/ClE9kdEBbJE/E+yIv2/f1H/Pgv0r0wVG7uuNGlQMcoHmiHnRmaU0
EYdAmBK5zyuRRNCARicS2MNWWmo155JXYHHP3UwZH9wctm8l2/kYt3GEggQ7j3/Q
0lZHmqxld0uLjEoMSGhpBRKX43HacsH0r6D0GVr1Ktq+uvNXJby1M/THiJmlyydZ
XdgTdnSClPjl/Fq67AMSuxx1MlyNyJ8jZfkOLwW5y8XwZRra+envwSxwBNeSu54b
ZswZGBQ0XVsZkDaI4jicQSiGD90ykVFMop2WTgh+A+JleFAJp6twhwk0/oROsT04
i9EmLYvO1IbDNA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:37:22 2025 by rpki-client