Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          jfXx/qF8rLHrwRmbEpGYgF67B/SN8+WU41j2xUxXuZU=
Subject key identifier:   92:18:BC:6D:8D:B5:63:9B:17:31:5B:BB:CB:44:85:83:F3:D5:39:1E
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       019754C76FF2DAC5E17BBA1A0152C3E46A8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          02E9
Signing time:             Mon 09 Jun 2025 13:00:45 +0000
Manifest this update:     Mon 09 Jun 2025 13:00:45 +0000
Manifest next update:     Tue 10 Jun 2025 13:00:45 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: QGfA0q+rZ42w2y/WYLWvLt3nNIKklTvqTvWcLMD2vXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:c7:6f:f2:da:c5:e1:7b:ba:1a:01:52:c3:e4:6a:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Jun  9 13:00:45 2025 GMT
            Not After : Jun 10 13:00:45 2025 GMT
        Subject: CN=9218bc6d8db5639b17315bbbcb448583f3d5391e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:82:81:aa:c6:5b:7c:17:36:dd:d4:f6:60:d2:
                    fb:7c:47:72:2d:91:21:c6:55:ce:27:dd:28:9e:2a:
                    c9:f8:6f:7e:88:56:d0:94:7c:b7:29:f7:6e:c2:0b:
                    b0:4c:01:2a:db:e3:e5:3e:8f:94:59:f0:c0:db:ab:
                    f0:c8:62:f2:12:c6:c3:dd:23:91:31:12:cb:ae:f2:
                    c5:85:66:84:e7:64:00:29:53:70:c7:fc:14:0e:9b:
                    b9:f0:39:f6:29:25:ab:e8:95:8b:29:df:71:27:b1:
                    91:20:10:0b:8b:f6:af:06:cc:3e:d0:99:c2:55:50:
                    b2:a8:21:42:7b:3e:ba:19:ac:42:c1:0c:3a:12:1a:
                    87:d8:4b:2d:fd:8d:8a:a4:b2:62:10:db:29:75:6f:
                    56:f5:34:ec:1e:39:20:47:00:b0:13:a4:5e:5e:e6:
                    91:ad:64:ef:6e:ab:9f:d0:50:0e:28:40:ae:1c:23:
                    4e:cf:8a:c9:dd:4a:11:18:a2:85:28:11:73:46:4a:
                    42:d0:71:25:e0:7f:9c:04:8a:f0:14:88:b9:78:70:
                    64:1f:59:29:01:9c:9a:73:f4:0a:83:91:6a:f0:43:
                    88:89:80:65:0b:22:7d:23:ae:fc:9f:8b:24:a3:79:
                    96:38:cd:fe:f9:fe:e3:33:61:57:11:7e:fa:b7:e2:
                    b1:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:18:BC:6D:8D:B5:63:9B:17:31:5B:BB:CB:44:85:83:F3:D5:39:1E
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:33:af:98:aa:4b:d8:8a:00:85:19:8b:7c:ef:fe:37:93:66:
         c1:15:8a:ee:16:a3:49:49:d4:4a:2e:61:a2:c7:81:2f:3f:84:
         dd:0c:a0:94:13:dd:87:b2:f5:0c:2c:2c:96:ac:24:03:9b:3a:
         0b:45:39:c6:f5:40:79:c5:dd:8d:0b:48:37:e9:6d:24:ad:0b:
         de:36:01:6d:30:a8:ca:27:49:6b:45:27:ec:e7:4e:65:90:15:
         fa:06:50:e0:6c:f9:d9:f0:2c:4b:8d:38:69:a3:3d:03:39:43:
         46:41:9a:aa:cf:5b:8b:d7:79:8f:dd:a1:8c:19:7a:d5:23:16:
         09:5c:f8:48:94:8e:f5:b3:74:9f:c0:a9:48:67:63:5d:bd:ca:
         49:6d:8d:c2:4a:63:db:7d:50:99:9d:79:aa:a1:76:f0:a4:e0:
         9f:3b:17:ae:36:ab:4f:43:8f:e8:3e:bc:fb:ca:37:18:40:64:
         02:27:a3:b9:26:d2:f5:f7:2b:a1:4e:b8:83:5d:b8:ef:a9:0f:
         ac:b1:4d:a6:62:c3:c6:09:10:e4:0b:68:f0:67:76:ae:95:e3:
         c4:e2:0c:f2:18:fa:1b:ba:7b:22:13:91:b5:53:d4:c1:2c:80:
         3d:97:5a:d8:cb:97:6a:f3:d7:1f:d8:27:cc:e7:51:1f:d1:01:
         5a:8e:0d:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUx2/y2sXhe7oaAVLD5GqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjUwNjA5MTMwMDQ1WhcNMjUwNjEwMTMwMDQ1WjAzMTEwLwYDVQQD
Eyg5MjE4YmM2ZDhkYjU2MzliMTczMTViYmJjYjQ0ODU4M2YzZDUzOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYKBqsZbfBc23dT2YNL7fEdyLZEh
xlXOJ90onirJ+G9+iFbQlHy3KfduwguwTAEq2+PlPo+UWfDA26vwyGLyEsbD3SOR
MRLLrvLFhWaE52QAKVNwx/wUDpu58Dn2KSWr6JWLKd9xJ7GRIBALi/avBsw+0JnC
VVCyqCFCez66GaxCwQw6EhqH2Est/Y2KpLJiENspdW9W9TTsHjkgRwCwE6ReXuaR
rWTvbquf0FAOKECuHCNOz4rJ3UoRGKKFKBFzRkpC0HEl4H+cBIrwFIi5eHBkH1kp
AZyac/QKg5Fq8EOIiYBlCyJ9I678n4sko3mWOM3++f7jM2FXEX76t+KxuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIYvG2NtWObFzFbu8tEhYPz1TkeMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEjOvmKpL
2IoAhRmLfO/+N5NmwRWK7hajSUnUSi5hoseBLz+E3QyglBPdh7L1DCwslqwkA5s6
C0U5xvVAecXdjQtIN+ltJK0L3jYBbTCoyidJa0Un7OdOZZAV+gZQ4Gz52fAsS404
aaM9AzlDRkGaqs9bi9d5j92hjBl61SMWCVz4SJSO9bN0n8CpSGdjXb3KSW2Nwkpj
231QmZ15qqF28KTgnzsXrjarT0OP6D68+8o3GEBkAiejuSbS9fcroU64g12476kP
rLFNpmLDxgkQ5Ato8Gd2rpXjxOIM8hj6G7p7IhORtVPUwSyAPZda2MuXavPXH9gn
zOdRH9EBWo4NWw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:37:51 2025 by rpki-client