Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
File:                     coCW6KzXbpqhfz62eAQG49pWPtI.mft (raw, json)
Hash identifier:          Xotuit0ryG23cgSKwrhGm04BKw81j/TvgzB/yVTeWm0=
Subject key identifier:   F3:CB:C2:86:18:4A:3D:31:76:42:A7:1C:15:CA:CF:F5:3A:BB:98:C2
Authority key identifier: 72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2
Certificate issuer:       /CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
Certificate serial:       0197530FD5144A312C6ECFB617FDC901B750
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
Manifest number:          143B
Signing time:             Mon 09 Jun 2025 05:00:35 +0000
Manifest this update:     Mon 09 Jun 2025 05:00:35 +0000
Manifest next update:     Tue 10 Jun 2025 05:00:35 +0000
Files and hashes:         1: coCW6KzXbpqhfz62eAQG49pWPtI.crl (hash: nttQ+B2o4qJg0ymzig1pXA4VX+eXONMFIm/hSO/1yEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 05:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:0f:d5:14:4a:31:2c:6e:cf:b6:17:fd:c9:01:b7:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
        Validity
            Not Before: Jun  9 05:00:35 2025 GMT
            Not After : Jun 10 05:00:35 2025 GMT
        Subject: CN=f3cbc286184a3d317642a71c15cacff53abb98c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:81:e9:86:ea:5c:bc:9a:b4:ac:68:de:94:12:
                    04:60:8c:06:fc:9f:de:7a:94:f7:53:e0:1f:ea:8d:
                    00:a1:ce:9b:65:71:81:b8:89:ce:cb:92:7b:e7:89:
                    1d:49:d9:c9:70:d7:22:ef:fd:50:7b:5c:a2:4d:90:
                    fb:d7:b3:f8:9e:7c:86:a0:90:a0:a9:04:cc:a2:c2:
                    a8:6e:92:0c:87:23:95:7e:46:16:39:09:2c:9f:53:
                    ea:d7:ce:ec:94:c3:81:e0:1d:64:65:54:83:17:20:
                    35:1b:9c:6e:4b:c6:27:89:94:77:62:12:30:32:74:
                    e3:e3:b2:c6:49:65:49:97:30:53:78:27:91:a8:42:
                    41:33:28:a3:7d:60:4b:b5:1e:90:a6:f6:ac:d1:89:
                    8c:d2:72:25:c3:e6:48:70:63:4c:14:a8:0d:4a:26:
                    5a:3f:e0:9f:09:8e:9d:45:dd:34:83:47:d8:37:08:
                    ce:b2:b0:bf:ac:8a:a0:c7:08:51:1f:44:57:0f:b6:
                    04:a9:00:48:34:18:10:de:a6:17:d6:c6:45:2d:a4:
                    d7:81:f1:32:c6:7f:a9:fc:50:bd:2c:68:0c:a7:be:
                    b1:c7:7f:75:11:d9:79:a2:10:f6:8f:fb:c8:c4:aa:
                    d2:0c:36:0b:bc:5c:95:f8:b8:d1:06:b3:ea:d6:b9:
                    32:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:CB:C2:86:18:4A:3D:31:76:42:A7:1C:15:CA:CF:F5:3A:BB:98:C2
            X509v3 Authority Key Identifier:
                keyid:72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:dc:e2:4a:d4:36:2a:a3:55:36:28:14:63:fc:49:f0:a9:da:
         38:00:dc:dc:6c:7b:53:8d:04:37:8b:33:2e:f1:89:df:07:3b:
         4d:0d:f2:b7:a8:38:e8:25:90:f5:47:5f:eb:f2:5f:33:90:d3:
         49:df:c5:ab:32:d8:4d:5b:6f:4b:e1:b4:08:06:f1:94:ae:41:
         0c:d0:d0:c4:a7:37:fa:c0:ce:ae:b5:c3:25:bb:23:c6:7c:3d:
         50:7f:a5:1d:ee:03:32:56:86:5d:ee:9d:92:2f:ca:7a:d5:37:
         93:92:b8:b4:f8:f2:41:74:b7:d7:ff:a7:3d:02:11:7b:f3:1b:
         97:28:9c:cd:6b:7b:9c:e7:82:52:94:ff:37:26:03:3e:00:67:
         9d:ef:c5:cc:8e:30:19:5f:d3:43:08:45:f8:1c:4a:62:87:c4:
         b0:1d:7d:34:c0:8f:8d:88:8d:04:d1:4a:6a:8a:b8:a1:fc:1d:
         9f:25:55:8b:58:59:ee:9d:9c:b9:6e:c7:d6:33:85:38:5c:91:
         4f:66:cc:3f:a2:cd:a3:ba:a6:e9:3e:a0:67:e1:a2:a7:0a:c1:
         e3:74:ed:1e:96:44:d2:c8:e7:7a:a6:e7:78:f0:99:f2:a8:38:
         45:76:5d:7a:22:4e:76:e0:76:28:50:ec:ea:60:2b:03:6c:83:
         a7:3b:e8:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTD9UUSjEsbs+2F/3JAbdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyODA5NmU4YWNkNzZlOWFhMTdmM2ViNjc4MDQwNmUzZGE1
NjNlZDIwHhcNMjUwNjA5MDUwMDM1WhcNMjUwNjEwMDUwMDM1WjAzMTEwLwYDVQQD
EyhmM2NiYzI4NjE4NGEzZDMxNzY0MmE3MWMxNWNhY2ZmNTNhYmI5OGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYHphupcvJq0rGjelBIEYIwG/J/e
epT3U+Af6o0Aoc6bZXGBuInOy5J754kdSdnJcNci7/1Qe1yiTZD717P4nnyGoJCg
qQTMosKobpIMhyOVfkYWOQksn1Pq187slMOB4B1kZVSDFyA1G5xuS8YniZR3YhIw
MnTj47LGSWVJlzBTeCeRqEJBMyijfWBLtR6Qpvas0YmM0nIlw+ZIcGNMFKgNSiZa
P+CfCY6dRd00g0fYNwjOsrC/rIqgxwhRH0RXD7YEqQBINBgQ3qYX1sZFLaTXgfEy
xn+p/FC9LGgMp76xx391Edl5ohD2j/vIxKrSDDYLvFyV+LjRBrPq1rky2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPLwoYYSj0xdkKnHBXKz/U6u5jCMB8GA1UdIwQY
MBaAFHKAluis126aoX8+tngEBuPaVj7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYt
YzE3MzRkNTBjYjNiLzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYtYzE3MzRkNTBjYjNi
LzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEActziStQ2
KqNVNigUY/xJ8KnaOADc3Gx7U40EN4szLvGJ3wc7TQ3yt6g46CWQ9Udf6/JfM5DT
Sd/FqzLYTVtvS+G0CAbxlK5BDNDQxKc3+sDOrrXDJbsjxnw9UH+lHe4DMlaGXe6d
ki/KetU3k5K4tPjyQXS31/+nPQIRe/MblyiczWt7nOeCUpT/NyYDPgBnne/FzI4w
GV/TQwhF+BxKYofEsB19NMCPjYiNBNFKaoq4ofwdnyVVi1hZ7p2cuW7H1jOFOFyR
T2bMP6LNo7qm6T6gZ+GipwrB43TtHpZE0sjneqbnePCZ8qg4RXZdeiJOduB2KFDs
6mArA2yDpzvoYg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:25:57 2025 by rpki-client