Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
File:                     i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft (raw, json)
Hash identifier:          HSl0m9KZrEgBOgsOg0roVO176hhug78mELNbsAHy1qM=
Subject key identifier:   CE:42:39:31:6C:44:E7:CC:F9:B4:2E:6A:3A:59:75:53:E1:49:76:4E
Authority key identifier: 8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24
Certificate issuer:       /CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
Certificate serial:       0197537DCEF5770F56553807AEBF9E206398
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
Manifest number:          0A59
Signing time:             Mon 09 Jun 2025 07:00:43 +0000
Manifest this update:     Mon 09 Jun 2025 07:00:43 +0000
Manifest next update:     Tue 10 Jun 2025 07:00:43 +0000
Files and hashes:         1: i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl (hash: T8lgqDKjSa5X/uao+3Ua44F9EFo588TUHy+7jABJx7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:7d:ce:f5:77:0f:56:55:38:07:ae:bf:9e:20:63:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
        Validity
            Not Before: Jun  9 07:00:43 2025 GMT
            Not After : Jun 10 07:00:43 2025 GMT
        Subject: CN=ce4239316c44e7ccf9b42e6a3a597553e149764e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:1a:f4:ec:eb:15:7e:8e:a0:bd:bb:27:9b:7b:
                    59:fe:ac:fd:42:a5:70:59:0d:7b:cd:0d:ef:f6:9b:
                    16:05:c9:c1:95:f1:e7:9c:9b:53:f9:1e:d8:d6:19:
                    3d:f3:cd:f1:b7:70:52:88:75:43:18:70:f4:e0:8a:
                    a9:6f:05:19:13:32:e3:55:8b:ff:25:b2:d3:2c:4b:
                    5f:7c:2b:26:98:9f:65:75:58:59:c1:e5:29:05:af:
                    df:fe:57:92:24:93:6f:e3:0f:ac:1b:bd:64:5b:c8:
                    65:13:5f:5b:69:8e:01:62:da:05:d2:3d:de:85:22:
                    7a:9b:86:6a:66:2e:d9:a4:3b:be:e6:73:dd:ed:5c:
                    1c:24:9c:0c:1c:ea:5c:dd:a7:4f:e1:a0:7c:c4:0f:
                    1a:7f:51:64:a9:2e:e9:a8:5c:54:61:5e:46:b0:a0:
                    a3:f1:1c:cb:b5:6a:3e:2b:c2:4d:66:62:43:70:36:
                    f1:fb:65:cb:b9:7e:a7:82:65:9f:52:85:ed:a9:7f:
                    b2:7c:f6:23:73:ac:ab:d1:09:c0:da:3f:d7:d0:ed:
                    ca:ef:69:44:f4:32:14:03:80:cb:39:53:84:13:20:
                    a0:90:4e:6a:1b:ce:e2:3a:fa:f5:a6:01:15:52:0a:
                    1b:cf:83:26:f0:44:71:46:f7:b0:e0:37:b8:98:df:
                    a9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:42:39:31:6C:44:E7:CC:F9:B4:2E:6A:3A:59:75:53:E1:49:76:4E
            X509v3 Authority Key Identifier:
                keyid:8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:6e:28:24:ca:0a:e1:3c:11:58:f9:29:a8:9f:6c:5d:14:fc:
         85:50:85:4f:08:4a:8a:b2:ae:77:a3:fe:4e:4e:96:76:de:84:
         e8:ad:bf:14:c3:06:60:99:58:0b:70:bf:b3:b6:cd:b2:01:24:
         94:5a:f9:c3:29:4d:ce:e3:64:b4:cd:0f:f5:93:2d:ea:e1:6d:
         8c:f7:f3:10:19:87:42:a0:c9:58:72:d6:81:91:8e:19:e8:f8:
         ec:2a:bf:af:2f:39:16:dc:a9:63:7d:74:73:25:63:23:c3:0f:
         7a:b3:f5:d6:7e:39:0c:5b:08:87:df:3c:d7:f2:0d:1c:c9:36:
         1b:e6:3b:9c:75:4b:6d:59:6a:ae:3b:63:68:4f:62:91:39:c9:
         8b:8e:ea:d8:48:06:a6:60:11:56:39:03:08:cb:35:51:f7:b5:
         24:47:98:fe:fb:b8:3b:1e:f7:6a:eb:81:a0:22:61:39:d1:be:
         fc:d0:36:17:e7:d0:71:e0:d1:33:c8:e1:bc:90:fc:da:73:a7:
         63:52:1b:8d:fe:44:f4:64:2a:1e:61:2c:e0:1b:f5:5e:81:d4:
         34:bc:63:54:9f:49:d4:a1:68:9b:59:19:f7:6f:de:14:8c:78:
         8e:0a:57:8c:11:9e:6b:7b:52:c5:c1:49:c3:31:f4:f8:35:5a:
         22:f4:15:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTfc71dw9WVTgHrr+eIGOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZDg5MzFmNjM1Nzk0MjhiZjA4Y2NiMTk5YTNhOThkY2Jh
NmI4MjQwHhcNMjUwNjA5MDcwMDQzWhcNMjUwNjEwMDcwMDQzWjAzMTEwLwYDVQQD
EyhjZTQyMzkzMTZjNDRlN2NjZjliNDJlNmEzYTU5NzU1M2UxNDk3NjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBr07OsVfo6gvbsnm3tZ/qz9QqVw
WQ17zQ3v9psWBcnBlfHnnJtT+R7Y1hk9883xt3BSiHVDGHD04IqpbwUZEzLjVYv/
JbLTLEtffCsmmJ9ldVhZweUpBa/f/leSJJNv4w+sG71kW8hlE19baY4BYtoF0j3e
hSJ6m4ZqZi7ZpDu+5nPd7VwcJJwMHOpc3adP4aB8xA8af1FkqS7pqFxUYV5GsKCj
8RzLtWo+K8JNZmJDcDbx+2XLuX6ngmWfUoXtqX+yfPYjc6yr0QnA2j/X0O3K72lE
9DIUA4DLOVOEEyCgkE5qG87iOvr1pgEVUgobz4Mm8ERxRvew4De4mN+pnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5COTFsROfM+bQuajpZdVPhSXZOMB8GA1UdIwQY
MBaAFIvYkx9jV5QovwjMsZmjqY3LprgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEt
NGVlMTZkNmM4MGE2LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEtNGVlMTZkNmM4MGE2
LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY24oJMoK
4TwRWPkpqJ9sXRT8hVCFTwhKirKud6P+Tk6Wdt6E6K2/FMMGYJlYC3C/s7bNsgEk
lFr5wylNzuNktM0P9ZMt6uFtjPfzEBmHQqDJWHLWgZGOGej47Cq/ry85FtypY310
cyVjI8MPerP11n45DFsIh9881/INHMk2G+Y7nHVLbVlqrjtjaE9ikTnJi47q2EgG
pmARVjkDCMs1Ufe1JEeY/vu4Ox73auuBoCJhOdG+/NA2F+fQceDRM8jhvJD82nOn
Y1Ibjf5E9GQqHmEs4Bv1XoHUNLxjVJ9J1KFom1kZ92/eFIx4jgpXjBGea3tSxcFJ
wzH0+DVaIvQVZw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:42:32 2025 by rpki-client