Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          PQtszEHkdTQDImt8GgxuaboofY3PE/dSQBrkFEb+Dsg=
Subject key identifier:   47:86:87:E6:F0:4E:94:56:E4:77:96:75:6C:B4:E1:61:10:FD:B2:82
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       01975D25AF0D2EAC22C4D0CE39BFD5224321
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0C1A
Signing time:             Wed 11 Jun 2025 04:00:40 +0000
Manifest this update:     Wed 11 Jun 2025 04:00:40 +0000
Manifest next update:     Thu 12 Jun 2025 04:00:40 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: Q06fwF6RM253FWmU28oW8k2IjkrENOPsov/lMgWLG/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 04:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:25:af:0d:2e:ac:22:c4:d0:ce:39:bf:d5:22:43:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Jun 11 04:00:40 2025 GMT
            Not After : Jun 12 04:00:40 2025 GMT
        Subject: CN=478687e6f04e9456e47796756cb4e16110fdb282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c7:c3:cf:67:e1:0b:23:e6:48:a4:16:5c:46:
                    e0:0f:1e:a8:86:26:1d:cf:da:4d:0e:40:73:84:ed:
                    9a:bf:f7:c4:ba:a4:a0:5d:e4:cb:d1:c6:f4:6a:e6:
                    09:14:01:fa:e9:7b:66:38:4a:0c:9b:96:da:01:79:
                    cd:6a:55:7b:38:9f:08:6a:f5:ae:4f:d0:bd:52:ee:
                    5e:f0:9b:fb:1f:29:3a:28:79:9d:bb:3b:55:dd:a7:
                    51:cb:99:df:9d:06:a6:c8:55:21:c9:1e:03:d3:8f:
                    44:a9:5e:81:fc:3c:df:21:9c:73:6e:ed:65:5d:92:
                    91:f2:4f:c2:e6:73:ed:d1:5b:71:74:16:5a:81:d9:
                    35:e7:ac:d7:65:6e:1f:a6:54:12:03:7c:3f:a7:2a:
                    70:fa:76:b1:78:30:d4:e5:26:2e:2b:3f:55:5c:68:
                    d2:1d:cb:32:b2:b7:d6:9d:7c:56:78:d5:39:6c:50:
                    4c:89:60:c0:8d:fe:93:1c:cb:6f:89:0f:00:bc:90:
                    fa:0f:0e:93:a7:ba:11:d0:2a:13:e1:cf:f2:d0:d6:
                    10:1b:15:19:62:81:f1:ab:be:10:83:b1:2c:0f:92:
                    84:05:28:ec:4b:97:b1:cc:8e:2e:6e:e1:f0:88:44:
                    e8:fd:e8:0d:6d:8f:4f:cf:77:ae:76:10:7a:c0:c3:
                    8c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:86:87:E6:F0:4E:94:56:E4:77:96:75:6C:B4:E1:61:10:FD:B2:82
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:83:a5:88:a7:02:a7:17:67:f2:65:9c:59:1f:e3:8e:f0:39:
         f6:73:d7:cd:c1:c8:4e:70:44:87:8c:3d:dc:87:c7:dd:fa:8e:
         6a:49:a6:02:18:0e:42:20:d9:24:b0:9e:4a:ff:ae:4a:3e:03:
         98:7f:92:32:ef:b0:8f:db:39:1d:81:a5:70:6b:97:8d:cc:4f:
         3e:35:41:56:c4:af:09:e1:04:94:b4:cf:86:41:a1:28:3f:b7:
         ee:c6:a9:5a:fd:ee:cb:69:dc:89:4f:47:12:89:0b:89:26:44:
         96:41:3e:11:3d:5b:7e:b4:b9:10:db:c4:83:72:a8:8d:61:66:
         c5:b4:64:a1:b4:6e:6b:a0:82:4d:f1:a2:91:a9:f9:cb:c0:4c:
         52:7e:2d:1b:3c:46:21:9d:64:9f:ea:ff:72:79:e5:38:3f:ce:
         af:5f:12:bf:79:d0:e2:14:0c:90:99:9c:77:f0:5e:2c:2e:99:
         52:bb:85:3b:dd:e1:75:76:05:dc:f0:16:75:e3:00:49:a4:ee:
         e8:89:c6:be:7b:b0:81:f1:7f:6b:9f:0d:db:f4:51:e5:96:9a:
         69:fc:7a:f5:12:80:49:42:d9:62:3d:48:9c:f9:35:38:65:ee:
         f5:e3:c7:3b:a6:b8:f2:54:97:89:2c:0a:15:ca:4a:aa:0d:60:
         ae:1a:7f:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddJa8NLqwixNDOOb/VIkMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNjExMDQwMDQwWhcNMjUwNjEyMDQwMDQwWjAzMTEwLwYDVQQD
Eyg0Nzg2ODdlNmYwNGU5NDU2ZTQ3Nzk2NzU2Y2I0ZTE2MTEwZmRiMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMfDz2fhCyPmSKQWXEbgDx6ohiYd
z9pNDkBzhO2av/fEuqSgXeTL0cb0auYJFAH66XtmOEoMm5baAXnNalV7OJ8IavWu
T9C9Uu5e8Jv7Hyk6KHmduztV3adRy5nfnQamyFUhyR4D049EqV6B/DzfIZxzbu1l
XZKR8k/C5nPt0VtxdBZagdk156zXZW4fplQSA3w/pypw+naxeDDU5SYuKz9VXGjS
HcsysrfWnXxWeNU5bFBMiWDAjf6THMtviQ8AvJD6Dw6Tp7oR0CoT4c/y0NYQGxUZ
YoHxq74Qg7EsD5KEBSjsS5exzI4ubuHwiETo/egNbY9Pz3eudhB6wMOMDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeGh+bwTpRW5HeWdWy04WEQ/bKCMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUIOliKcC
pxdn8mWcWR/jjvA59nPXzcHITnBEh4w93IfH3fqOakmmAhgOQiDZJLCeSv+uSj4D
mH+SMu+wj9s5HYGlcGuXjcxPPjVBVsSvCeEElLTPhkGhKD+37sapWv3uy2nciU9H
EokLiSZElkE+ET1bfrS5ENvEg3KojWFmxbRkobRua6CCTfGikan5y8BMUn4tGzxG
IZ1kn+r/cnnlOD/Or18Sv3nQ4hQMkJmcd/BeLC6ZUruFO93hdXYF3PAWdeMASaTu
6InGvnuwgfF/a58N2/RR5Zaaafx69RKASULZYj1InPk1OGXu9ePHO6a48lSXiSwK
FcpKqg1grhp/iw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:47:52 2025 by rpki-client