Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          Z1zaA5JF0WtKjhWKjYEBwQ5iYOHL2cfk+uvwBbGbKp8=
Subject key identifier:   D6:E8:3D:14:C2:7A:18:19:B2:8C:97:C9:FF:65:A8:CE:B4:B2:9C:CC
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       0197640372683259CFF9C190D8A236B566C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          14CB
Signing time:             Thu 12 Jun 2025 12:00:36 +0000
Manifest this update:     Thu 12 Jun 2025 12:00:36 +0000
Manifest next update:     Fri 13 Jun 2025 12:00:36 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: ScZS2g+tXC0owwpXbUYA7X9zw7YSSM0Imv/Le670Q7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 12:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:03:72:68:32:59:cf:f9:c1:90:d8:a2:36:b5:66:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: Jun 12 12:00:36 2025 GMT
            Not After : Jun 13 12:00:36 2025 GMT
        Subject: CN=d6e83d14c27a1819b28c97c9ff65a8ceb4b29ccc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7f:53:9f:22:c7:97:82:17:23:81:1c:47:fa:
                    04:1a:a5:6e:bf:06:79:84:71:c4:e6:db:d0:3e:b3:
                    5d:1d:43:d5:c3:42:6b:03:26:1d:f2:86:ba:c1:94:
                    52:c1:9f:67:41:96:47:91:8e:5e:d4:41:85:8c:5d:
                    de:65:d7:3f:02:ee:b7:3e:81:e0:ab:ae:fc:f0:57:
                    d5:eb:22:60:4d:0f:c6:f7:f7:29:86:ef:3f:92:cc:
                    45:18:fe:1d:91:e6:12:73:7c:22:06:e3:fb:73:e8:
                    5c:bd:47:d1:05:5e:7b:be:67:cc:23:ea:36:1d:75:
                    2a:a0:93:50:a7:10:30:ad:92:3a:97:4f:fb:70:0e:
                    5e:4a:34:ca:07:d2:f1:e4:ad:44:bb:a3:ec:af:81:
                    07:97:b8:18:8e:9e:c9:58:6d:5a:5f:d5:14:36:05:
                    96:81:bb:ff:67:65:26:c0:a1:33:6c:46:53:cd:a9:
                    45:3b:75:99:44:97:dd:67:23:6c:74:05:4e:4b:34:
                    9d:36:16:15:bc:64:48:cc:5a:f6:a0:d5:37:32:69:
                    b1:f3:e9:df:b5:75:9d:9b:6d:36:88:ab:d7:fa:77:
                    0f:54:e0:a2:47:86:03:d8:3c:55:3e:69:52:fd:ff:
                    9c:15:c9:54:c5:26:1b:92:c1:62:c0:77:94:70:fe:
                    88:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:E8:3D:14:C2:7A:18:19:B2:8C:97:C9:FF:65:A8:CE:B4:B2:9C:CC
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:c3:f5:3f:c0:82:de:74:1f:47:dd:21:f9:a0:8e:f6:f6:5f:
         19:36:b8:33:e4:be:7f:a7:bc:76:87:ad:a1:be:7d:9a:4d:34:
         a1:b7:f1:12:a9:4b:41:90:21:07:a4:af:bd:d1:46:87:70:d5:
         64:c7:b2:08:87:44:16:80:f0:d3:fc:a8:fb:66:86:ea:a1:7d:
         85:0e:48:8e:71:57:27:3e:90:d9:49:06:aa:5d:f5:96:b0:f4:
         c1:db:4b:4f:08:b9:f8:98:77:59:0a:83:76:7e:44:43:2d:61:
         2a:ef:e3:c8:2a:b7:b2:f2:25:9c:6d:20:b6:fc:d0:d8:0c:fd:
         cf:77:bf:da:e9:12:6c:02:ee:7a:5f:1d:ca:14:01:90:b7:fe:
         c3:c3:00:d2:55:1c:0f:d3:99:cf:6c:f1:43:9c:40:ae:ea:4a:
         86:92:7a:5f:35:88:26:64:12:9e:5d:87:4f:5d:9b:ea:12:2b:
         c5:83:68:6c:89:36:2d:96:b2:86:42:11:28:c0:9f:8b:46:1d:
         dd:b4:03:c1:cb:ba:22:c8:ef:f9:e4:be:df:ea:6f:4b:d1:96:
         c4:c2:7b:ff:e5:bd:39:59:78:c9:31:47:59:f1:41:5d:94:ae:
         22:a2:d5:32:ed:ab:9d:5a:4f:04:9e:ee:b7:a3:f9:fe:81:c4:
         18:65:f5:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkA3JoMlnP+cGQ2KI2tWbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjUwNjEyMTIwMDM2WhcNMjUwNjEzMTIwMDM2WjAzMTEwLwYDVQQD
EyhkNmU4M2QxNGMyN2ExODE5YjI4Yzk3YzlmZjY1YThjZWI0YjI5Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH9TnyLHl4IXI4EcR/oEGqVuvwZ5
hHHE5tvQPrNdHUPVw0JrAyYd8oa6wZRSwZ9nQZZHkY5e1EGFjF3eZdc/Au63PoHg
q6788FfV6yJgTQ/G9/cphu8/ksxFGP4dkeYSc3wiBuP7c+hcvUfRBV57vmfMI+o2
HXUqoJNQpxAwrZI6l0/7cA5eSjTKB9Lx5K1Eu6Psr4EHl7gYjp7JWG1aX9UUNgWW
gbv/Z2UmwKEzbEZTzalFO3WZRJfdZyNsdAVOSzSdNhYVvGRIzFr2oNU3Mmmx8+nf
tXWdm202iKvX+ncPVOCiR4YD2DxVPmlS/f+cFclUxSYbksFiwHeUcP6IEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNboPRTCehgZsoyXyf9lqM60spzMMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEsP1P8CC
3nQfR90h+aCO9vZfGTa4M+S+f6e8doetob59mk00obfxEqlLQZAhB6SvvdFGh3DV
ZMeyCIdEFoDw0/yo+2aG6qF9hQ5IjnFXJz6Q2UkGql31lrD0wdtLTwi5+Jh3WQqD
dn5EQy1hKu/jyCq3svIlnG0gtvzQ2Az9z3e/2ukSbALuel8dyhQBkLf+w8MA0lUc
D9OZz2zxQ5xArupKhpJ6XzWIJmQSnl2HT12b6hIrxYNobIk2LZayhkIRKMCfi0Yd
3bQDwcu6Isjv+eS+3+pvS9GWxMJ7/+W9OVl4yTFHWfFBXZSuIqLVMu2rnVpPBJ7u
t6P5/oHEGGX1VA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 21:30:10 2025 by rpki-client