Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          bu+aFnq9v7H2yAOVz7B6dlLOU7XmTuB2dtS2QvypkXg=
Subject key identifier:   71:02:64:13:CB:B4:08:DF:DA:8E:88:0B:31:39:19:8E:A3:C1:1A:A7
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       01975B374E1944E9B963F9BBC70C83FB0B87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          0C19
Signing time:             Tue 10 Jun 2025 19:00:40 +0000
Manifest this update:     Tue 10 Jun 2025 19:00:40 +0000
Manifest next update:     Wed 11 Jun 2025 19:00:40 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: DAvAZercLpWZ/2Z3MtB46av6zLcEdP/RgY9tx98es/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:37:4e:19:44:e9:b9:63:f9:bb:c7:0c:83:fb:0b:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: Jun 10 19:00:40 2025 GMT
            Not After : Jun 11 19:00:40 2025 GMT
        Subject: CN=71026413cbb408dfda8e880b3139198ea3c11aa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4a:bb:64:d2:51:e7:bd:3c:36:94:27:58:52:
                    d5:4d:5b:5c:e4:ec:15:09:4c:00:9b:40:ed:bd:68:
                    6a:ad:c2:0a:c5:99:1e:6e:47:59:b2:0b:58:df:f6:
                    1d:b4:ed:84:d1:69:cd:ed:2c:6d:81:97:9c:bf:62:
                    b4:49:1c:5f:a8:f8:0a:00:58:07:38:eb:b2:32:ca:
                    1e:8d:78:1f:e6:47:6a:86:2a:3e:4b:7b:ca:7f:2c:
                    02:c0:58:b4:f2:f6:7d:86:86:4f:92:ea:4e:be:85:
                    1d:0b:43:60:3d:45:00:cf:e9:09:49:81:0f:e3:22:
                    3a:dd:8a:fc:81:13:23:d1:1b:60:67:87:2a:9b:0e:
                    98:79:3d:be:fe:5a:59:c7:b2:1b:be:56:d3:14:70:
                    51:ba:45:c4:5f:a3:a9:d3:88:4b:52:32:20:76:8c:
                    f6:0a:af:ce:86:21:04:55:14:92:01:2a:d6:0c:db:
                    d5:3d:30:52:be:8f:58:13:e4:f5:6b:dd:30:82:b8:
                    4c:2b:02:2f:56:56:96:48:d2:49:1d:6b:a0:48:0f:
                    46:d9:a2:12:2c:6e:66:fa:e1:af:27:e9:19:79:4c:
                    e3:b3:e5:12:f2:c9:78:72:12:61:73:ee:30:eb:4a:
                    89:a0:9e:d1:9b:5a:64:3c:f6:41:4a:fa:87:39:f0:
                    cc:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:02:64:13:CB:B4:08:DF:DA:8E:88:0B:31:39:19:8E:A3:C1:1A:A7
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:6a:59:91:c6:c7:c3:be:7d:6a:3f:b2:13:75:17:a1:b1:45:
         d5:d5:79:2d:52:06:f7:a7:a1:07:fa:2d:05:19:14:5a:bb:de:
         d2:73:67:79:77:07:6a:b8:59:76:6d:08:74:c7:47:eb:4a:76:
         99:6e:61:f4:16:c1:95:25:66:8c:2c:17:e7:3b:69:ba:38:b8:
         ee:63:52:4c:cf:04:af:4e:d7:51:ca:a4:5a:48:f9:77:4f:ec:
         d0:50:34:26:84:d5:5d:6d:9b:75:0e:fb:00:5d:c5:ef:4c:cf:
         e3:92:f7:20:ec:4a:77:3c:ce:1f:97:72:99:6d:fa:5d:d0:ba:
         ae:ff:45:5b:61:6c:da:9d:76:e8:75:33:b0:ae:4b:aa:e0:71:
         e3:04:f5:8a:ce:a7:9a:90:d1:16:41:da:05:81:2d:89:df:c1:
         55:3e:d5:18:c5:74:a0:dc:89:6a:6b:a3:45:09:b3:98:ad:85:
         37:f0:33:b1:b1:1f:54:8e:ec:54:5c:26:24:c1:4f:4e:95:a0:
         c8:36:c9:89:f4:80:fd:78:0a:79:92:10:11:e8:40:67:26:a2:
         e6:6c:da:3c:50:ab:d2:93:d1:2f:e4:d5:eb:24:33:b8:28:a3:
         7b:85:63:84:87:4e:3e:a3:e6:84:ce:8e:45:96:b0:be:a8:91:
         af:cc:2f:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbN04ZROm5Y/m7xwyD+wuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjUwNjEwMTkwMDQwWhcNMjUwNjExMTkwMDQwWjAzMTEwLwYDVQQD
Eyg3MTAyNjQxM2NiYjQwOGRmZGE4ZTg4MGIzMTM5MTk4ZWEzYzExYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUq7ZNJR5708NpQnWFLVTVtc5OwV
CUwAm0DtvWhqrcIKxZkebkdZsgtY3/YdtO2E0WnN7SxtgZecv2K0SRxfqPgKAFgH
OOuyMsoejXgf5kdqhio+S3vKfywCwFi08vZ9hoZPkupOvoUdC0NgPUUAz+kJSYEP
4yI63Yr8gRMj0RtgZ4cqmw6YeT2+/lpZx7IbvlbTFHBRukXEX6Op04hLUjIgdoz2
Cq/OhiEEVRSSASrWDNvVPTBSvo9YE+T1a90wgrhMKwIvVlaWSNJJHWugSA9G2aIS
LG5m+uGvJ+kZeUzjs+US8sl4chJhc+4w60qJoJ7Rm1pkPPZBSvqHOfDMNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHECZBPLtAjf2o6ICzE5GY6jwRqnMB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAGpZkcbH
w759aj+yE3UXobFF1dV5LVIG96ehB/otBRkUWrve0nNneXcHarhZdm0IdMdH60p2
mW5h9BbBlSVmjCwX5ztpuji47mNSTM8Er07XUcqkWkj5d0/s0FA0JoTVXW2bdQ77
AF3F70zP45L3IOxKdzzOH5dymW36XdC6rv9FW2Fs2p126HUzsK5LquBx4wT1is6n
mpDRFkHaBYEtid/BVT7VGMV0oNyJamujRQmzmK2FN/AzsbEfVI7sVFwmJMFPTpWg
yDbJifSA/XgKeZIQEehAZyai5mzaPFCr0pPRL+TV6yQzuCije4VjhIdOPqPmhM6O
RZawvqiRr8wvPw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:57:10 2025 by rpki-client