Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
File:                     coCW6KzXbpqhfz62eAQG49pWPtI.mft (raw, json)
Hash identifier:          EVZ1AvKBl/GqbMa7cIdEe7r6QTF7Qum8qJo30Mh2BS8=
Subject key identifier:   42:08:A6:25:AA:07:42:49:49:B1:45:EC:4D:5C:0B:28:3E:D6:DF:41
Authority key identifier: 72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2
Certificate issuer:       /CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
Certificate serial:       0197647168C257206F204CC965C030B0E4B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
Manifest number:          1444
Signing time:             Thu 12 Jun 2025 14:00:43 +0000
Manifest this update:     Thu 12 Jun 2025 14:00:43 +0000
Manifest next update:     Fri 13 Jun 2025 14:00:43 +0000
Files and hashes:         1: coCW6KzXbpqhfz62eAQG49pWPtI.crl (hash: AvzVAV7BadbCLIs+SGecx9KEImEkCdDpp9K/qV0nnCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:71:68:c2:57:20:6f:20:4c:c9:65:c0:30:b0:e4:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
        Validity
            Not Before: Jun 12 14:00:43 2025 GMT
            Not After : Jun 13 14:00:43 2025 GMT
        Subject: CN=4208a625aa07424949b145ec4d5c0b283ed6df41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:68:30:2d:86:5a:de:8a:7b:c7:2e:59:e2:bf:
                    b9:a6:73:ed:1f:4c:8f:bd:8f:f7:18:08:4e:66:9f:
                    3f:d7:05:91:4e:c7:1f:20:3c:96:79:96:e9:ad:6b:
                    58:3f:b6:92:cf:c6:86:92:24:1b:61:59:64:e8:c9:
                    9c:10:c6:d6:2f:27:e9:42:ad:d9:cf:c5:84:22:2f:
                    75:a6:1a:4a:67:cf:35:1d:e8:95:9e:24:90:62:77:
                    73:ba:c6:d0:7f:00:f9:c2:98:7b:32:15:ae:c7:48:
                    1e:1e:c6:37:11:44:03:00:ef:fe:9f:d1:4b:8f:d1:
                    82:e7:56:c5:8d:d7:5c:a5:1f:9f:36:ca:77:54:27:
                    44:0c:6e:e1:1c:7c:19:15:0c:64:f5:22:03:c3:03:
                    20:2b:f0:0f:bd:78:f0:02:58:b9:11:b6:f7:4d:6d:
                    34:98:6e:2a:1a:8f:d3:bb:4a:b7:5a:4d:21:44:0e:
                    33:88:94:5b:ef:c7:fb:99:83:1c:69:6b:e5:ed:7e:
                    d9:6d:56:fb:55:df:70:0c:77:44:0e:ab:08:3d:b0:
                    30:5f:f4:82:0c:4c:ee:cc:f6:da:d1:d7:04:f3:98:
                    09:d9:32:33:86:04:91:65:bd:21:b2:76:b7:0c:4a:
                    9c:33:36:69:06:be:7f:cb:eb:5e:fa:ba:04:7f:e3:
                    79:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:08:A6:25:AA:07:42:49:49:B1:45:EC:4D:5C:0B:28:3E:D6:DF:41
            X509v3 Authority Key Identifier:
                keyid:72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:fb:3d:78:2c:0b:4c:f4:55:aa:fd:0b:f8:9c:af:8d:56:b7:
         41:a9:60:6d:c0:c0:bb:41:6d:12:b6:80:e2:61:71:f2:5d:7a:
         94:c1:31:c9:7b:e3:27:89:5b:f0:54:7a:cb:31:56:17:d6:07:
         09:12:07:14:9e:d4:90:ef:b0:3b:56:31:3c:b1:72:d2:ed:65:
         7f:6c:6f:85:26:b2:dc:fe:5c:ce:9e:53:25:c0:01:bd:66:fe:
         06:31:34:1d:ec:bc:c1:15:6c:92:24:da:4c:ff:6a:12:92:b8:
         0c:58:c8:ad:78:21:c5:ef:53:31:94:22:a4:ac:bf:e5:09:63:
         31:d2:25:90:b4:25:fa:45:00:47:a7:01:b2:9b:20:d1:80:cf:
         f9:c3:0a:cb:98:c4:e6:8e:6a:3f:35:20:53:8c:9b:3a:bc:24:
         ef:25:31:a9:d0:f9:b7:08:3c:54:18:83:77:22:38:02:33:d2:
         18:b8:3a:06:6e:d2:12:6f:ab:cf:d0:e9:c2:21:85:55:41:f6:
         6e:c4:b2:5b:c6:c4:d0:90:b3:df:bf:ee:20:7b:6d:2b:71:39:
         bd:9a:eb:10:f9:42:0d:27:90:52:f7:c3:9f:a3:aa:4e:e1:5c:
         a8:c8:60:7e:0c:99:a2:9e:dd:9a:b2:2d:45:99:fd:d3:b9:1d:
         9d:80:a7:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkcWjCVyBvIEzJZcAwsOSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyODA5NmU4YWNkNzZlOWFhMTdmM2ViNjc4MDQwNmUzZGE1
NjNlZDIwHhcNMjUwNjEyMTQwMDQzWhcNMjUwNjEzMTQwMDQzWjAzMTEwLwYDVQQD
Eyg0MjA4YTYyNWFhMDc0MjQ5NDliMTQ1ZWM0ZDVjMGIyODNlZDZkZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGgwLYZa3op7xy5Z4r+5pnPtH0yP
vY/3GAhOZp8/1wWRTscfIDyWeZbprWtYP7aSz8aGkiQbYVlk6MmcEMbWLyfpQq3Z
z8WEIi91phpKZ881HeiVniSQYndzusbQfwD5wph7MhWux0geHsY3EUQDAO/+n9FL
j9GC51bFjddcpR+fNsp3VCdEDG7hHHwZFQxk9SIDwwMgK/APvXjwAli5Ebb3TW00
mG4qGo/Tu0q3Wk0hRA4ziJRb78f7mYMcaWvl7X7ZbVb7Vd9wDHdEDqsIPbAwX/SC
DEzuzPba0dcE85gJ2TIzhgSRZb0hsna3DEqcMzZpBr5/y+te+roEf+N5uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIIpiWqB0JJSbFF7E1cCyg+1t9BMB8GA1UdIwQY
MBaAFHKAluis126aoX8+tngEBuPaVj7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYt
YzE3MzRkNTBjYjNiLzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYtYzE3MzRkNTBjYjNi
LzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYfs9eCwL
TPRVqv0L+JyvjVa3QalgbcDAu0FtEraA4mFx8l16lMExyXvjJ4lb8FR6yzFWF9YH
CRIHFJ7UkO+wO1YxPLFy0u1lf2xvhSay3P5czp5TJcABvWb+BjE0Hey8wRVskiTa
TP9qEpK4DFjIrXghxe9TMZQipKy/5QljMdIlkLQl+kUAR6cBspsg0YDP+cMKy5jE
5o5qPzUgU4ybOrwk7yUxqdD5twg8VBiDdyI4AjPSGLg6Bm7SEm+rz9DpwiGFVUH2
bsSyW8bE0JCz37/uIHttK3E5vZrrEPlCDSeQUvfDn6OqTuFcqMhgfgyZop7dmrIt
RZn907kdnYCnbg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:01:53 2025 by rpki-client