Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
File:                     xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft (raw, json)
Hash identifier:          KfuuNuRnliUtyqXVF1zLVsOQthXGbkxaIAJw4W3xZtg=
Subject key identifier:   15:24:48:41:7E:9B:1E:76:A5:0D:7E:7E:49:DD:E5:51:04:04:0F:FE
Authority key identifier: C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F
Certificate issuer:       /CN=c596785476efbae77f961d23057057fa036fb27f
Certificate serial:       019756EC7F7CAC7CD4FE943220B503892DB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
Manifest number:          142F
Signing time:             Mon 09 Jun 2025 23:00:29 +0000
Manifest this update:     Mon 09 Jun 2025 23:00:29 +0000
Manifest next update:     Tue 10 Jun 2025 23:00:29 +0000
Files and hashes:         1: xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl (hash: 7vEEiG3enXsJuqb9lO/AZRnUERA9FnvFAf0Qqx6GxoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 23:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:ec:7f:7c:ac:7c:d4:fe:94:32:20:b5:03:89:2d:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c596785476efbae77f961d23057057fa036fb27f
        Validity
            Not Before: Jun  9 23:00:29 2025 GMT
            Not After : Jun 10 23:00:29 2025 GMT
        Subject: CN=152448417e9b1e76a50d7e7e49dde55104040ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e6:fa:cc:76:0f:db:17:a4:b4:c3:d6:e8:45:
                    2a:7d:9d:bf:59:e5:d2:78:3d:b6:ef:77:ec:01:62:
                    eb:fa:da:7a:ae:44:6b:78:0a:8d:49:25:ed:cd:43:
                    b0:ab:c1:79:1a:fa:50:7c:2c:76:6c:bb:67:53:7e:
                    03:a1:d8:e5:f5:6a:d5:fc:74:84:1c:7a:9e:58:82:
                    b3:c6:b9:e7:d5:46:b2:04:24:67:c9:09:e3:7f:de:
                    ca:d5:e0:35:b4:44:b2:ff:e6:6a:95:87:0d:60:d9:
                    15:b9:e8:50:67:3a:41:ac:80:e2:c7:d2:99:07:81:
                    75:e5:d3:ad:3c:54:61:e8:26:9d:13:cc:98:e8:df:
                    57:22:c9:0e:62:38:b1:0f:8b:7d:32:e3:2c:88:0a:
                    6b:37:da:d4:c7:e8:1c:3c:75:2b:d9:40:aa:09:7f:
                    c1:8b:6d:6f:41:17:2f:93:37:f8:45:42:56:a9:58:
                    da:88:54:1a:24:7d:ae:6f:fb:ac:99:57:f1:9c:f6:
                    52:ea:c1:49:c7:2b:24:c9:b8:af:72:a9:28:81:f5:
                    55:0b:c3:5c:7c:79:5f:20:87:a9:04:36:2a:1e:f8:
                    0e:3a:ca:a6:97:96:e5:de:7d:5a:f0:82:1f:24:c1:
                    9e:49:41:86:ab:35:57:c3:7f:52:76:b8:62:e8:13:
                    f6:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:24:48:41:7E:9B:1E:76:A5:0D:7E:7E:49:DD:E5:51:04:04:0F:FE
            X509v3 Authority Key Identifier:
                keyid:C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:df:a5:77:9d:97:da:a3:49:61:ac:f4:c3:dc:bb:2a:d6:56:
         d1:11:7f:fc:e7:b3:7e:cd:30:e1:37:4f:21:9e:8f:25:b0:72:
         cb:32:0e:48:71:c3:c3:10:24:bf:ae:40:0e:0a:f6:40:44:29:
         e4:ad:ce:63:ad:c1:f8:a9:7f:d5:e5:0e:3d:59:c2:12:10:c3:
         60:7c:44:f6:91:99:53:63:b3:82:02:57:cb:47:ac:01:57:4d:
         eb:31:9f:f3:a4:f4:14:cc:9d:34:9f:1c:3c:cf:5e:9a:01:2a:
         ac:89:eb:18:a1:7e:60:7e:fc:4a:2d:47:a6:4e:4e:e0:75:df:
         40:e5:ed:00:c9:c1:2b:76:a2:a4:d7:34:8d:76:b0:ae:87:86:
         10:db:3d:4f:45:24:92:65:1b:7d:92:8a:62:d7:84:34:f2:48:
         f5:83:5c:d0:21:52:d5:6c:ce:77:54:53:de:96:08:6d:a0:df:
         58:b6:64:eb:90:01:bb:0e:da:23:35:f8:c7:a5:5c:9e:ea:b3:
         2b:b9:53:73:a3:b6:d3:f1:83:1f:18:c4:dc:2c:e1:49:95:b0:
         23:3c:4e:18:d4:d7:bf:d6:04:84:ca:9a:3e:d8:6b:c2:bf:fc:
         a7:be:5f:0e:5e:ca:7c:42:a9:b7:92:25:88:fa:2b:9c:47:1f:
         86:20:96:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdW7H98rHzU/pQyILUDiS24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTY3ODU0NzZlZmJhZTc3Zjk2MWQyMzA1NzA1N2ZhMDM2
ZmIyN2YwHhcNMjUwNjA5MjMwMDI5WhcNMjUwNjEwMjMwMDI5WjAzMTEwLwYDVQQD
EygxNTI0NDg0MTdlOWIxZTc2YTUwZDdlN2U0OWRkZTU1MTA0MDQwZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteb6zHYP2xektMPW6EUqfZ2/WeXS
eD2273fsAWLr+tp6rkRreAqNSSXtzUOwq8F5GvpQfCx2bLtnU34Dodjl9WrV/HSE
HHqeWIKzxrnn1UayBCRnyQnjf97K1eA1tESy/+ZqlYcNYNkVuehQZzpBrIDix9KZ
B4F15dOtPFRh6CadE8yY6N9XIskOYjixD4t9MuMsiAprN9rUx+gcPHUr2UCqCX/B
i21vQRcvkzf4RUJWqVjaiFQaJH2ub/usmVfxnPZS6sFJxyskybivcqkogfVVC8Nc
fHlfIIepBDYqHvgOOsqml5bl3n1a8IIfJMGeSUGGqzVXw39Sdrhi6BP2uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUkSEF+mx52pQ1+fknd5VEEBA/+MB8GA1UdIwQY
MBaAFMWWeFR277rnf5YdIwVwV/oDb7J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzct
ZWJmNWYwNDMzNzcyLzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzctZWJmNWYwNDMzNzcy
LzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArt+ld52X
2qNJYaz0w9y7KtZW0RF//Oezfs0w4TdPIZ6PJbByyzIOSHHDwxAkv65ADgr2QEQp
5K3OY63B+Kl/1eUOPVnCEhDDYHxE9pGZU2OzggJXy0esAVdN6zGf86T0FMydNJ8c
PM9emgEqrInrGKF+YH78Si1Hpk5O4HXfQOXtAMnBK3aipNc0jXawroeGENs9T0Uk
kmUbfZKKYteENPJI9YNc0CFS1WzOd1RT3pYIbaDfWLZk65ABuw7aIzX4x6Vcnuqz
K7lTc6O20/GDHxjE3CzhSZWwIzxOGNTXv9YEhMqaPthrwr/8p75fDl7KfEKpt5Il
iPornEcfhiCWTw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 08:09:15 2025 by rpki-client