Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          tPjJGSIHCaCatFv00pT211nLr2tGwtE38RaxkMBh0gY=
Subject key identifier:   DF:28:34:D2:8F:EC:04:94:90:2D:85:FE:02:AB:59:C7:6D:A5:9E:7E
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       01975490BD9C4548F79B354279F81AC05B84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          14C3
Signing time:             Mon 09 Jun 2025 12:01:01 +0000
Manifest this update:     Mon 09 Jun 2025 12:01:01 +0000
Manifest next update:     Tue 10 Jun 2025 12:01:01 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: /1b+WQnB/V+2ZP9fEZEFQmCTmMoGb4G8YGj1FsOAo2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:90:bd:9c:45:48:f7:9b:35:42:79:f8:1a:c0:5b:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: Jun  9 12:01:01 2025 GMT
            Not After : Jun 10 12:01:01 2025 GMT
        Subject: CN=df2834d28fec0494902d85fe02ab59c76da59e7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:19:45:4f:17:be:39:21:1a:35:76:0d:a9:93:
                    f1:0b:05:54:81:fc:7d:c8:d9:6c:52:31:62:99:80:
                    cc:a1:41:ee:58:32:4d:dc:85:a1:44:9f:d4:cd:af:
                    d9:61:87:31:79:09:9f:e1:21:7d:0f:25:ca:cf:36:
                    45:af:2c:d7:c2:df:0e:f1:13:b1:bf:4f:ef:75:b9:
                    89:6f:08:e8:56:62:37:3f:5c:42:cf:c6:2c:72:a2:
                    82:19:c6:37:55:d4:0e:e5:e0:22:e3:14:f9:ab:90:
                    e5:42:a0:cf:fa:ab:e2:96:7b:99:c8:f5:47:c9:24:
                    b8:c4:b7:e3:86:a4:d9:2a:e1:01:42:1d:40:20:d9:
                    a8:08:34:00:89:cd:0a:9b:5e:28:ba:c2:8f:63:af:
                    59:06:f3:ca:90:40:fc:6a:cc:6e:db:fa:73:2b:c3:
                    65:f9:69:cd:df:22:60:5a:3c:02:0b:63:08:4a:f6:
                    6f:02:33:8c:fc:3c:e9:c6:be:0b:69:71:34:d8:f0:
                    24:30:af:87:a8:68:6d:7d:53:26:71:76:67:5f:15:
                    ad:ce:94:94:12:fd:a9:d9:dd:c4:2e:10:4f:e6:0b:
                    af:52:f8:18:06:af:61:97:bd:cf:0a:3a:40:8d:73:
                    06:7d:bd:43:0f:fe:fd:07:5d:11:40:d2:b3:45:2c:
                    a7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:28:34:D2:8F:EC:04:94:90:2D:85:FE:02:AB:59:C7:6D:A5:9E:7E
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:46:0d:83:6f:51:e6:73:40:f7:9d:d6:e3:f6:40:a4:80:49:
         3c:1b:34:14:63:bd:53:81:33:da:77:2f:91:75:50:98:32:1b:
         fc:7c:ec:3e:a0:21:c4:9e:aa:55:3e:fb:63:1f:90:28:cc:84:
         a4:85:2a:a8:50:e6:c0:91:91:fb:54:74:96:92:2e:e5:14:9d:
         7e:40:aa:aa:4f:f1:86:d1:06:fd:c2:41:10:dd:4f:db:d3:73:
         18:65:84:7d:19:6a:15:7c:ee:c1:ab:cf:31:c9:a5:9f:e9:58:
         d1:f4:4f:b5:68:32:d0:45:ed:a7:74:05:32:65:e6:7f:df:94:
         ed:f3:3a:8b:71:be:06:21:81:ad:04:b2:0f:a3:44:c1:09:dc:
         f2:fa:b0:e2:c3:61:5b:b6:02:2f:90:76:86:89:3f:54:1f:72:
         0c:6f:3d:4a:f5:79:89:02:90:13:73:59:46:c9:6a:20:a0:ca:
         d7:94:d1:82:4a:4a:a9:8d:25:dc:c4:66:29:a0:f1:38:eb:17:
         d4:b2:71:91:28:96:b0:41:a8:af:cd:2e:fd:43:a3:f5:16:bb:
         4b:27:28:ee:a6:32:09:7f:0f:3a:cb:6a:29:57:4c:aa:ad:b1:
         1b:44:34:85:39:cd:73:55:7d:0d:96:ff:32:76:6f:72:d1:a9:
         46:09:2d:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUkL2cRUj3mzVCefgawFuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjUwNjA5MTIwMTAxWhcNMjUwNjEwMTIwMTAxWjAzMTEwLwYDVQQD
EyhkZjI4MzRkMjhmZWMwNDk0OTAyZDg1ZmUwMmFiNTljNzZkYTU5ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xlFTxe+OSEaNXYNqZPxCwVUgfx9
yNlsUjFimYDMoUHuWDJN3IWhRJ/Uza/ZYYcxeQmf4SF9DyXKzzZFryzXwt8O8ROx
v0/vdbmJbwjoVmI3P1xCz8YscqKCGcY3VdQO5eAi4xT5q5DlQqDP+qvilnuZyPVH
ySS4xLfjhqTZKuEBQh1AINmoCDQAic0Km14ousKPY69ZBvPKkED8asxu2/pzK8Nl
+WnN3yJgWjwCC2MISvZvAjOM/Dzpxr4LaXE02PAkMK+HqGhtfVMmcXZnXxWtzpSU
Ev2p2d3ELhBP5guvUvgYBq9hl73PCjpAjXMGfb1DD/79B10RQNKzRSyn0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8oNNKP7ASUkC2F/gKrWcdtpZ5+MB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUYNg29R
5nNA953W4/ZApIBJPBs0FGO9U4Ez2ncvkXVQmDIb/HzsPqAhxJ6qVT77Yx+QKMyE
pIUqqFDmwJGR+1R0lpIu5RSdfkCqqk/xhtEG/cJBEN1P29NzGGWEfRlqFXzuwavP
Mcmln+lY0fRPtWgy0EXtp3QFMmXmf9+U7fM6i3G+BiGBrQSyD6NEwQnc8vqw4sNh
W7YCL5B2hok/VB9yDG89SvV5iQKQE3NZRslqIKDK15TRgkpKqY0l3MRmKaDxOOsX
1LJxkSiWsEGor80u/UOj9Ra7Syco7qYyCX8POstqKVdMqq2xG0Q0hTnNc1V9DZb/
MnZvctGpRgktsw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 20:42:53 2025 by rpki-client