Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          NSueZ9TsCBCP0n5QSemkBOF9OF4ZFu9da67Z1rA7xyA=
Subject key identifier:   C0:00:CA:23:5C:DE:23:C7:E0:72:FE:9F:85:B5:53:03:E8:23:53:1E
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       01975F1412561C3E1A3AFD2BAE0DEC86F8C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0C1B
Signing time:             Wed 11 Jun 2025 13:00:40 +0000
Manifest this update:     Wed 11 Jun 2025 13:00:40 +0000
Manifest next update:     Thu 12 Jun 2025 13:00:40 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: CwDshVndC76noEULcCRpzA/EO4F6W0lDh0v/b99peBc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:14:12:56:1c:3e:1a:3a:fd:2b:ae:0d:ec:86:f8:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Jun 11 13:00:40 2025 GMT
            Not After : Jun 12 13:00:40 2025 GMT
        Subject: CN=c000ca235cde23c7e072fe9f85b55303e823531e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d0:a7:f5:5a:0c:da:2e:5b:2a:dc:21:ef:d7:
                    1f:b4:3f:b6:8c:77:94:71:4e:ca:d8:1f:09:d4:5e:
                    d8:d2:27:b3:f4:0f:1a:06:fb:27:70:74:88:18:dc:
                    a2:3f:47:ba:04:e7:64:a8:03:b2:cb:13:d5:1d:e6:
                    31:7a:b2:d1:98:fa:3c:d2:74:c6:ae:6e:52:c1:40:
                    f7:6f:55:1c:fa:ed:00:bf:51:69:31:06:de:5d:1d:
                    2a:d5:37:2f:8e:5f:5f:1c:33:7f:f9:17:55:fa:e0:
                    7b:e0:9d:43:56:ef:ee:f7:06:11:17:df:2f:11:71:
                    8d:0f:f3:4b:c4:ba:8b:df:f6:a4:c2:15:ce:c5:39:
                    e2:c9:f4:24:40:e2:08:04:e0:67:20:6d:08:f3:72:
                    f8:bf:3d:cc:a8:93:c0:f7:2a:f7:fe:83:45:9c:a2:
                    2d:17:ef:a0:c1:d2:40:bd:d0:07:25:ce:57:af:6c:
                    66:53:22:6b:21:1c:74:13:9a:92:65:81:64:a9:79:
                    87:5e:b1:9e:ca:25:c6:04:4b:b8:d4:f8:40:32:55:
                    1e:93:a7:b8:7e:00:0d:bd:88:ac:18:f6:1e:c6:86:
                    d2:fa:a6:ee:fd:81:52:61:9e:3e:e7:6b:4e:8c:3b:
                    c0:86:67:b2:b4:db:e7:4a:e8:af:d2:7b:18:22:0e:
                    39:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:00:CA:23:5C:DE:23:C7:E0:72:FE:9F:85:B5:53:03:E8:23:53:1E
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:99:c0:d6:0d:ef:ee:d0:8b:c4:b6:dd:0f:16:ef:6b:34:72:
         d6:b9:f0:45:2c:01:bf:90:f4:06:6a:18:56:f5:e6:8a:81:df:
         01:f4:c8:b1:8a:87:10:06:5a:74:b0:45:a0:85:ea:f2:ed:32:
         de:11:62:e0:b3:9c:28:4d:a5:15:1b:e2:86:5a:b3:2d:72:6b:
         9c:9a:2a:83:b3:64:47:98:fa:f8:f9:08:5b:15:fc:1b:35:b0:
         a8:8d:bd:9e:cc:dd:ff:d0:0b:1b:5c:1d:7c:4f:77:a4:64:3c:
         c9:39:24:b3:20:8e:b6:17:88:7c:50:7a:cc:d9:f3:3a:94:a4:
         3c:fc:18:80:af:ec:1c:d4:c8:04:e7:65:fe:c0:4e:ab:89:c8:
         0c:d1:74:82:89:7e:b7:dc:3e:1c:14:2c:24:a1:84:ed:c9:78:
         4d:e6:26:09:82:4f:86:fa:a1:ee:39:b9:7a:41:28:f9:94:ca:
         22:df:e3:b5:3a:0b:84:4a:03:d5:2e:74:53:12:4b:e6:4e:bf:
         2e:e2:b6:02:7c:0d:59:3b:67:34:9d:78:3e:00:d7:c6:b8:72:
         3e:8e:d1:5a:15:80:a0:0d:30:a3:4d:32:84:08:c3:e6:50:93:
         3d:57:0a:7c:6b:55:00:39:e7:23:82:84:50:00:a2:e6:40:5f:
         00:cf:8c:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfFBJWHD4aOv0rrg3shvjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNjExMTMwMDQwWhcNMjUwNjEyMTMwMDQwWjAzMTEwLwYDVQQD
EyhjMDAwY2EyMzVjZGUyM2M3ZTA3MmZlOWY4NWI1NTMwM2U4MjM1MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNCn9VoM2i5bKtwh79cftD+2jHeU
cU7K2B8J1F7Y0iez9A8aBvsncHSIGNyiP0e6BOdkqAOyyxPVHeYxerLRmPo80nTG
rm5SwUD3b1Uc+u0Av1FpMQbeXR0q1Tcvjl9fHDN/+RdV+uB74J1DVu/u9wYRF98v
EXGND/NLxLqL3/akwhXOxTniyfQkQOIIBOBnIG0I83L4vz3MqJPA9yr3/oNFnKIt
F++gwdJAvdAHJc5Xr2xmUyJrIRx0E5qSZYFkqXmHXrGeyiXGBEu41PhAMlUek6e4
fgANvYisGPYexobS+qbu/YFSYZ4+52tOjDvAhmeytNvnSuiv0nsYIg45UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAAyiNc3iPH4HL+n4W1UwPoI1MeMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ5nA1g3v
7tCLxLbdDxbvazRy1rnwRSwBv5D0BmoYVvXmioHfAfTIsYqHEAZadLBFoIXq8u0y
3hFi4LOcKE2lFRvihlqzLXJrnJoqg7NkR5j6+PkIWxX8GzWwqI29nszd/9ALG1wd
fE93pGQ8yTkksyCOtheIfFB6zNnzOpSkPPwYgK/sHNTIBOdl/sBOq4nIDNF0gol+
t9w+HBQsJKGE7cl4TeYmCYJPhvqh7jm5ekEo+ZTKIt/jtToLhEoD1S50UxJL5k6/
LuK2AnwNWTtnNJ14PgDXxrhyPo7RWhWAoA0wo00yhAjD5lCTPVcKfGtVADnnI4KE
UACi5kBfAM+MPA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:42:16 2025 by rpki-client