Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          JTOteO2WvlRUMbC1fB3NtNIYaSldggVZzjxk98O5lxs=
Subject key identifier:   87:BA:89:5E:B1:B3:5A:3D:56:6E:4F:D8:3B:7A:DF:0F:FD:30:53:5F
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       0197580055BA85401FF369B4CCA65CAB25E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          12C3
Signing time:             Tue 10 Jun 2025 04:01:46 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:46 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:46 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: dJUdhyuDlD5mPltuHKemgtICVaE3jU+eoo1ll6Ao4Gs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:00:55:ba:85:40:1f:f3:69:b4:cc:a6:5c:ab:25:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Jun 10 04:01:46 2025 GMT
            Not After : Jun 11 04:01:46 2025 GMT
        Subject: CN=87ba895eb1b35a3d566e4fd83b7adf0ffd30535f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ff:ad:6b:fd:db:fb:05:79:4a:82:60:26:81:
                    9c:28:e7:38:2e:3a:5c:09:87:23:63:07:8a:8c:77:
                    6e:4f:df:92:ab:96:31:e9:a0:86:3b:2b:f3:2f:7a:
                    3d:27:9d:dd:db:08:02:3f:cc:f0:a6:e7:c8:00:09:
                    1e:6f:86:18:18:36:a5:79:1e:5c:fd:ce:85:c7:08:
                    33:db:c3:0c:3b:54:17:4f:73:3d:13:26:d3:cb:2c:
                    28:bc:84:4d:7b:0f:db:c2:2f:fe:5f:9c:ab:f8:3a:
                    b2:2b:28:b5:48:fa:87:32:bf:84:db:73:fd:01:f7:
                    fd:77:f2:33:55:35:40:ed:be:1f:1a:29:d0:6f:e6:
                    c3:1c:c4:66:33:d4:12:5a:69:5b:8c:10:df:88:e8:
                    fd:78:25:2e:f8:6f:58:fd:47:54:b2:74:30:60:a6:
                    f1:63:56:a3:ef:a6:b3:01:76:19:6c:cb:b0:a2:09:
                    e3:0e:5d:2d:89:17:bb:31:b6:56:7e:3c:2e:0d:4e:
                    ec:23:4b:ab:3a:8f:7a:77:d9:ce:ff:3d:7f:1a:12:
                    54:b1:6f:60:51:b5:52:12:38:99:6a:41:c6:15:aa:
                    a9:0d:46:8b:04:d2:62:31:ef:a9:27:e0:69:21:cb:
                    7c:38:58:50:78:cd:94:69:06:00:96:78:8b:73:75:
                    ca:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:BA:89:5E:B1:B3:5A:3D:56:6E:4F:D8:3B:7A:DF:0F:FD:30:53:5F
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:38:1e:67:99:9c:5a:95:ea:fa:5e:37:95:1b:94:9b:b4:b1:
         31:c3:a3:75:5d:57:26:5c:8b:3b:24:c2:cd:af:35:71:24:a6:
         6a:ec:a2:db:bd:7d:b4:e8:a8:5a:dc:0c:8e:5d:b8:f6:d8:a8:
         3f:d3:ef:35:83:dd:a6:90:2f:15:c1:d7:37:50:03:31:6b:6c:
         7c:7b:18:db:53:55:91:af:71:dd:26:01:77:eb:0a:88:c2:bb:
         8e:5c:d2:88:cb:1e:42:41:4f:b8:14:9f:54:7b:71:35:55:93:
         45:23:87:66:da:3c:b2:9c:14:af:be:37:ae:05:7f:0f:88:9a:
         90:d6:f3:2a:a5:05:f2:3a:87:ee:99:d0:e5:f3:b2:29:5b:a5:
         f9:73:47:12:18:36:70:9c:86:dd:2d:8d:33:d3:b9:df:a8:de:
         60:be:96:18:eb:dc:67:58:42:0b:fc:98:0c:60:f9:8c:fd:8f:
         24:35:8e:6b:a6:9f:ff:f7:a5:93:6b:3d:c6:d1:87:fd:c2:28:
         1e:e9:fc:ac:58:3a:56:e5:c3:35:9e:7f:8b:7e:9c:de:9b:5f:
         ea:93:df:5f:b4:44:be:20:cb:35:49:ef:c1:39:f7:84:5c:00:
         ec:65:8c:08:91:25:96:1a:af:e6:7a:c4:5e:9b:ec:e1:5f:1c:
         02:18:7d:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYAFW6hUAf82m0zKZcqyXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjUwNjEwMDQwMTQ2WhcNMjUwNjExMDQwMTQ2WjAzMTEwLwYDVQQD
Eyg4N2JhODk1ZWIxYjM1YTNkNTY2ZTRmZDgzYjdhZGYwZmZkMzA1MzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/+ta/3b+wV5SoJgJoGcKOc4Ljpc
CYcjYweKjHduT9+Sq5Yx6aCGOyvzL3o9J53d2wgCP8zwpufIAAkeb4YYGDaleR5c
/c6Fxwgz28MMO1QXT3M9EybTyywovIRNew/bwi/+X5yr+DqyKyi1SPqHMr+E23P9
Aff9d/IzVTVA7b4fGinQb+bDHMRmM9QSWmlbjBDfiOj9eCUu+G9Y/UdUsnQwYKbx
Y1aj76azAXYZbMuwognjDl0tiRe7MbZWfjwuDU7sI0urOo96d9nO/z1/GhJUsW9g
UbVSEjiZakHGFaqpDUaLBNJiMe+pJ+BpIct8OFhQeM2UaQYAlniLc3XKCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIe6iV6xs1o9Vm5P2Dt63w/9MFNfMB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDgeZ5mc
WpXq+l43lRuUm7SxMcOjdV1XJlyLOyTCza81cSSmauyi2719tOioWtwMjl249tio
P9PvNYPdppAvFcHXN1ADMWtsfHsY21NVka9x3SYBd+sKiMK7jlzSiMseQkFPuBSf
VHtxNVWTRSOHZto8spwUr743rgV/D4iakNbzKqUF8jqH7pnQ5fOyKVul+XNHEhg2
cJyG3S2NM9O536jeYL6WGOvcZ1hCC/yYDGD5jP2PJDWOa6af//elk2s9xtGH/cIo
Hun8rFg6VuXDNZ5/i36c3ptf6pPfX7REviDLNUnvwTn3hFwA7GWMCJEllhqv5nrE
Xpvs4V8cAhh91g==
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:18:49 2025 by rpki-client