Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          U6MwIXwciIjAmPB3RylPgzpwKgv/LOqf/uCGKbBDgD0=
Subject key identifier:   2B:C2:F6:4D:D4:9C:CE:8F:49:ED:89:F2:7C:CC:7D:68:B6:4E:DA:CA
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       0197586DCB75C51A020DC7E24FE42AC19ABD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          14C5
Signing time:             Tue 10 Jun 2025 06:01:19 +0000
Manifest this update:     Tue 10 Jun 2025 06:01:19 +0000
Manifest next update:     Wed 11 Jun 2025 06:01:19 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: 3dgLT8YW4ZW0xXpJHWmO+WM+YjhBKhyR88WxxTCgUg0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:6d:cb:75:c5:1a:02:0d:c7:e2:4f:e4:2a:c1:9a:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: Jun 10 06:01:19 2025 GMT
            Not After : Jun 11 06:01:19 2025 GMT
        Subject: CN=2bc2f64dd49cce8f49ed89f27ccc7d68b64edaca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:5e:f5:6c:8a:3f:ab:2d:3e:4a:5f:74:16:7c:
                    0e:d9:96:1d:7b:66:9f:f5:fa:b4:5c:34:32:bb:e9:
                    39:95:fc:c2:b8:59:28:39:11:e2:e7:f4:80:a4:6e:
                    ae:7a:32:29:76:78:c9:a6:12:3c:42:1f:bc:54:c5:
                    f0:76:5d:6f:cf:bd:61:c8:a6:61:d4:11:9c:d0:fd:
                    6f:3f:a9:5c:1f:8a:75:87:5e:4f:0b:fd:ca:15:97:
                    5f:6f:c4:a7:86:65:5c:e0:13:02:89:b1:60:67:1e:
                    de:e6:5b:85:0f:14:13:ee:0d:8e:af:ea:f0:cc:ec:
                    bc:94:75:82:a4:ec:bd:55:6d:c5:6f:00:31:71:3b:
                    e6:5e:ab:37:ce:45:6f:16:95:02:1a:d6:8a:fb:da:
                    2a:0d:ce:24:81:c7:e7:b1:b6:89:78:27:07:81:48:
                    e0:ac:08:80:b1:37:cf:b3:64:bf:3a:42:eb:8b:85:
                    42:98:8a:2d:19:29:1a:81:fd:45:04:b1:d1:73:24:
                    e9:d9:ad:b9:4f:f1:0c:1d:54:5b:60:83:6c:f3:47:
                    6d:52:d1:25:79:90:03:06:06:8d:b9:d8:87:8e:e3:
                    1a:4f:ee:e8:ee:96:94:c5:01:ed:83:e2:7d:f2:a8:
                    25:5d:43:98:b6:f7:05:46:44:36:16:5a:a0:b2:54:
                    e6:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:C2:F6:4D:D4:9C:CE:8F:49:ED:89:F2:7C:CC:7D:68:B6:4E:DA:CA
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:82:4d:1a:ea:46:24:e3:dc:23:46:68:d4:5b:84:d6:21:d6:
         0f:a6:25:10:01:7b:70:8b:e4:5b:1d:91:ce:fa:d3:11:13:f7:
         35:30:46:34:bc:e9:32:3f:e1:64:ce:f1:f3:81:6e:b4:99:8d:
         4e:07:f6:c9:16:3a:7f:9b:ee:78:c6:bc:bf:d6:a6:9f:bb:8f:
         d8:45:dc:9f:70:15:3d:71:5c:84:98:b8:ed:60:e5:0b:b3:ae:
         fa:fd:4f:73:8e:f5:51:98:a7:1a:59:73:e4:08:76:75:e6:eb:
         46:52:6f:66:83:2e:b6:23:22:3b:4f:53:37:7e:30:28:2a:1c:
         0b:f0:a7:1d:ec:21:f8:40:b2:dd:3b:8f:42:9d:5a:e6:a6:ea:
         29:82:bd:35:ad:a5:8c:b8:e4:e3:e6:c5:79:1f:16:61:59:4e:
         11:82:00:9a:2a:e0:ff:62:42:a9:16:78:59:17:1e:c9:43:16:
         2e:75:c2:1c:b4:ad:96:da:f4:95:0d:aa:86:f5:a5:1a:96:29:
         5a:38:5d:47:21:71:d4:42:d4:d8:c9:95:ec:43:e6:ac:75:5e:
         69:2f:ab:a6:4c:de:43:80:88:93:a1:ff:fc:63:8e:03:fb:fb:
         9e:04:90:9e:0a:3c:44:2f:e3:31:6d:a2:bf:a7:1e:f7:56:a9:
         d6:7f:07:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYbct1xRoCDcfiT+QqwZq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjUwNjEwMDYwMTE5WhcNMjUwNjExMDYwMTE5WjAzMTEwLwYDVQQD
EygyYmMyZjY0ZGQ0OWNjZThmNDllZDg5ZjI3Y2NjN2Q2OGI2NGVkYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l71bIo/qy0+Sl90FnwO2ZYde2af
9fq0XDQyu+k5lfzCuFkoORHi5/SApG6uejIpdnjJphI8Qh+8VMXwdl1vz71hyKZh
1BGc0P1vP6lcH4p1h15PC/3KFZdfb8SnhmVc4BMCibFgZx7e5luFDxQT7g2Or+rw
zOy8lHWCpOy9VW3FbwAxcTvmXqs3zkVvFpUCGtaK+9oqDc4kgcfnsbaJeCcHgUjg
rAiAsTfPs2S/OkLri4VCmIotGSkagf1FBLHRcyTp2a25T/EMHVRbYINs80dtUtEl
eZADBgaNudiHjuMaT+7o7paUxQHtg+J98qglXUOYtvcFRkQ2FlqgslTmXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvC9k3UnM6PSe2J8nzMfWi2TtrKMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL4JNGupG
JOPcI0Zo1FuE1iHWD6YlEAF7cIvkWx2RzvrTERP3NTBGNLzpMj/hZM7x84FutJmN
Tgf2yRY6f5vueMa8v9amn7uP2EXcn3AVPXFchJi47WDlC7Ou+v1Pc471UZinGllz
5Ah2debrRlJvZoMutiMiO09TN34wKCocC/CnHewh+ECy3TuPQp1a5qbqKYK9Na2l
jLjk4+bFeR8WYVlOEYIAmirg/2JCqRZ4WRceyUMWLnXCHLStltr0lQ2qhvWlGpYp
WjhdRyFx1ELU2MmV7EPmrHVeaS+rpkzeQ4CIk6H//GOOA/v7ngSQngo8RC/jMW2i
v6ce91ap1n8HWw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:43:11 2025 by rpki-client