Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          QBbm+R78GA3SDVqzB/lPCFMVHV9eAvw9TwqLz64264E=
Subject key identifier:   B7:B4:7E:A7:D3:DD:F3:91:97:37:0D:21:73:C9:13:50:87:58:BF:5C
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       01976B4F5D917EA0C8C57BC2D7B34CB0E6D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          12CD
Signing time:             Fri 13 Jun 2025 22:00:52 +0000
Manifest this update:     Fri 13 Jun 2025 22:00:52 +0000
Manifest next update:     Sat 14 Jun 2025 22:00:52 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: 5PBwxrdF28y+RfweymMRAmG/uEKeCceO3vxgUygolQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 22:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:4f:5d:91:7e:a0:c8:c5:7b:c2:d7:b3:4c:b0:e6:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Jun 13 22:00:52 2025 GMT
            Not After : Jun 14 22:00:52 2025 GMT
        Subject: CN=b7b47ea7d3ddf39197370d2173c913508758bf5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:72:78:5b:13:1f:10:6b:b9:29:fe:71:ec:a7:
                    50:2c:e3:78:d7:09:4a:05:65:72:b2:e1:30:b6:6e:
                    11:3e:e7:f3:f8:66:0d:f0:cd:c2:c4:f3:a1:4a:17:
                    8d:38:7e:99:52:d2:99:68:ad:92:4a:11:da:6e:6f:
                    41:e0:61:bc:cd:55:6d:b9:8c:cf:5c:d7:bb:03:cd:
                    9c:2a:49:4e:e3:03:dd:f5:68:0c:00:69:62:ab:83:
                    83:d4:2d:40:e9:06:f3:c3:9c:ca:08:6b:0b:4f:d3:
                    17:20:10:e8:76:77:51:1f:d0:bf:5a:1e:aa:9c:29:
                    bf:4b:1a:bc:6b:b1:c0:1f:32:87:fd:31:ba:5a:65:
                    2c:1d:62:a0:dc:4f:b0:42:b1:93:45:b0:95:d3:30:
                    94:52:b9:5e:4b:85:7c:52:ea:c9:8a:4d:fb:60:ad:
                    6f:a9:36:6b:7f:99:30:c9:98:f4:ba:58:33:25:7a:
                    08:24:9b:19:37:cc:21:c9:58:d2:7a:a2:bc:24:93:
                    0c:44:72:cb:35:5d:c4:f0:ae:08:53:47:01:a7:19:
                    b0:b7:44:ec:d1:31:2b:00:91:63:e2:35:7d:85:88:
                    08:d1:3a:d8:76:72:dc:56:8a:bf:fa:fa:8f:8a:c7:
                    22:01:ba:14:a7:c6:3c:41:11:a8:af:b4:43:d1:e2:
                    14:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:B4:7E:A7:D3:DD:F3:91:97:37:0D:21:73:C9:13:50:87:58:BF:5C
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:84:86:14:ef:d2:c5:a0:f7:d4:fe:ed:8e:04:20:7e:f8:93:
         90:9c:fb:d4:9a:31:a1:e5:5e:0c:de:cb:cb:1c:12:88:79:dc:
         c7:60:99:70:0a:8a:f0:7b:94:61:cc:34:40:cd:2d:06:10:0d:
         04:4a:39:88:3f:0f:03:d9:c6:04:18:d8:f8:7d:ec:77:03:64:
         bf:cc:84:d2:47:2b:96:e5:36:81:7f:cd:0b:85:09:1e:c2:c8:
         bc:11:48:58:47:19:33:8d:0f:ad:d4:31:21:e5:74:17:04:25:
         d5:df:6d:47:6c:dd:c7:12:59:49:92:45:4f:97:9f:4b:fc:a3:
         be:3b:00:26:98:2d:ed:fa:ee:a4:c8:8e:eb:ff:fc:43:9b:e7:
         dc:91:9f:5a:af:71:b7:8d:31:39:17:56:14:fd:ff:4b:67:39:
         37:f0:b1:ab:cb:d7:44:95:55:bd:90:80:56:8c:66:17:b3:55:
         d8:b4:a3:08:64:4d:a2:b3:49:43:ee:08:a5:d1:4c:d9:5e:bb:
         57:d4:ac:4f:5e:c3:a4:56:19:02:da:25:91:71:42:ec:aa:7c:
         0c:1a:ce:33:c6:90:8e:15:91:8e:a1:a6:dc:16:e4:f6:57:ac:
         14:e5:f6:52:3d:35:6c:99:1d:47:e5:55:75:6f:58:c7:e9:0a:
         5c:2b:04:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrT12RfqDIxXvC17NMsObWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjUwNjEzMjIwMDUyWhcNMjUwNjE0MjIwMDUyWjAzMTEwLwYDVQQD
EyhiN2I0N2VhN2QzZGRmMzkxOTczNzBkMjE3M2M5MTM1MDg3NThiZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XJ4WxMfEGu5Kf5x7KdQLON41wlK
BWVysuEwtm4RPufz+GYN8M3CxPOhSheNOH6ZUtKZaK2SShHabm9B4GG8zVVtuYzP
XNe7A82cKklO4wPd9WgMAGliq4OD1C1A6Qbzw5zKCGsLT9MXIBDodndRH9C/Wh6q
nCm/Sxq8a7HAHzKH/TG6WmUsHWKg3E+wQrGTRbCV0zCUUrleS4V8UurJik37YK1v
qTZrf5kwyZj0ulgzJXoIJJsZN8whyVjSeqK8JJMMRHLLNV3E8K4IU0cBpxmwt0Ts
0TErAJFj4jV9hYgI0TrYdnLcVoq/+vqPisciAboUp8Y8QRGor7RD0eIU1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLe0fqfT3fORlzcNIXPJE1CHWL9cMB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4SGFO/S
xaD31P7tjgQgfviTkJz71JoxoeVeDN7LyxwSiHncx2CZcAqK8HuUYcw0QM0tBhAN
BEo5iD8PA9nGBBjY+H3sdwNkv8yE0kcrluU2gX/NC4UJHsLIvBFIWEcZM40PrdQx
IeV0FwQl1d9tR2zdxxJZSZJFT5efS/yjvjsAJpgt7frupMiO6//8Q5vn3JGfWq9x
t40xORdWFP3/S2c5N/Cxq8vXRJVVvZCAVoxmF7NV2LSjCGRNorNJQ+4IpdFM2V67
V9SsT17DpFYZAtolkXFC7Kp8DBrOM8aQjhWRjqGm3Bbk9lesFOX2Uj01bJkdR+VV
dW9Yx+kKXCsEtg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:36:50 2025 by rpki-client