Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
File:                     5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft (raw, json)
Hash identifier:          GGDpvB8RgwBa81L21qk0JNw8L3wrblJAR/+54adlZZY=
Subject key identifier:   20:E9:C0:B6:6F:C7:D0:BF:F1:A3:44:97:C1:58:33:8D:DC:7B:72:92
Authority key identifier: E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2
Certificate issuer:       /CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
Certificate serial:       01976026E360FEA618DB175E94356A930B93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
Manifest number:          14C9
Signing time:             Wed 11 Jun 2025 18:00:50 +0000
Manifest this update:     Wed 11 Jun 2025 18:00:50 +0000
Manifest next update:     Thu 12 Jun 2025 18:00:50 +0000
Files and hashes:         1: 5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl (hash: fOY4xm2/Dah6W6B1MhwlVD2jzkXZwO0XEV6Y6Tuso4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:26:e3:60:fe:a6:18:db:17:5e:94:35:6a:93:0b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d09e8ef171e9ae21627cca76ed64fd17e6eed2
        Validity
            Not Before: Jun 11 18:00:50 2025 GMT
            Not After : Jun 12 18:00:50 2025 GMT
        Subject: CN=20e9c0b66fc7d0bff1a34497c158338ddc7b7292
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:6f:e9:b2:4c:b6:78:ca:19:7d:9f:1d:d1:80:
                    bc:f3:b3:b1:37:51:48:88:b5:84:68:3d:96:fa:f6:
                    90:5a:31:83:82:d3:76:95:78:c8:b2:3c:ae:e5:06:
                    ec:21:09:86:cd:c8:20:69:ed:61:c0:c4:af:2f:78:
                    1e:f4:2c:de:b4:0b:1c:fe:ef:2e:dc:14:d1:0d:26:
                    92:a9:cb:2c:ca:51:4e:fa:6f:a6:48:fc:10:32:30:
                    54:ab:17:1b:c1:56:da:ac:f0:5f:ad:7f:c1:b6:c7:
                    3e:ef:7a:cf:de:2b:d8:80:46:dc:7a:17:9f:cd:d4:
                    99:77:6e:54:7a:11:57:39:a0:cf:0a:96:30:66:1c:
                    ab:0a:79:ef:a5:93:b3:af:85:1f:16:12:4d:70:6b:
                    1d:3a:40:00:ea:a3:b3:e9:ea:1d:cb:17:5c:11:29:
                    5f:ed:fa:66:87:a7:19:fa:51:2d:7f:ac:5a:c8:25:
                    e8:01:55:ab:df:37:c5:a1:ec:e4:a7:d4:f6:4d:40:
                    fa:f7:78:bb:b9:39:1a:f3:90:76:fd:29:32:64:33:
                    d4:8d:8a:c0:5a:82:27:26:b4:8a:32:96:cb:a8:08:
                    10:40:d5:dc:5f:39:85:67:eb:90:35:a3:da:32:45:
                    c7:3b:55:9a:8b:5c:d1:31:f5:01:d2:77:8d:52:2f:
                    1d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:E9:C0:B6:6F:C7:D0:BF:F1:A3:44:97:C1:58:33:8D:DC:7B:72:92
            X509v3 Authority Key Identifier:
                keyid:E4:D0:9E:8E:F1:71:E9:AE:21:62:7C:CA:76:ED:64:FD:17:E6:EE:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NCejvFx6a4hYnzKdu1k_Rfm7tI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8c8811-01c6-47c2-b5f0-3c1624100752/1/5NCejvFx6a4hYnzKdu1k_Rfm7tI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:43:ab:8a:c8:f3:7d:ab:45:49:93:0e:b2:87:b2:04:76:25:
         2a:49:7a:6e:17:a8:65:dd:63:3a:63:7d:a4:f5:0b:8b:22:18:
         de:d2:7f:89:9a:d2:69:3d:1c:bd:2a:64:ca:cf:c1:a4:e2:8e:
         77:19:b1:d1:41:68:2f:12:88:1d:bc:c4:01:8e:0b:74:40:de:
         8a:55:fc:4b:f5:4f:b3:04:cf:e9:62:67:96:f0:be:48:ca:85:
         52:66:fa:15:90:94:06:64:9d:91:bf:b8:0c:26:36:76:da:78:
         58:69:1f:55:8e:00:b3:38:a2:0f:6b:c5:c4:d8:e7:39:8e:8a:
         39:75:c4:07:d4:ce:1f:93:26:e5:77:8f:7c:d0:0d:41:a7:de:
         43:cf:92:8a:6d:e7:40:30:8f:82:47:95:6a:bd:fd:c4:c6:81:
         e2:2c:f4:74:c7:1f:a7:e7:91:9a:65:7d:f4:54:16:d1:7a:77:
         ae:f3:7c:e1:24:c3:8e:e4:80:1e:58:e7:48:e0:a2:41:38:43:
         6a:98:6c:b5:70:8b:0c:01:d4:cf:ff:52:fe:6e:34:2d:a7:7c:
         a9:9a:24:cf:33:09:7f:de:e6:4e:fd:18:01:ad:2a:da:8d:e5:
         7c:ea:48:5a:32:d0:3b:4b:6e:4a:26:cf:87:6f:d2:13:f2:ca:
         5e:98:16:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgJuNg/qYY2xdelDVqkwuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDA5ZThlZjE3MWU5YWUyMTYyN2NjYTc2ZWQ2NGZkMTdl
NmVlZDIwHhcNMjUwNjExMTgwMDUwWhcNMjUwNjEyMTgwMDUwWjAzMTEwLwYDVQQD
EygyMGU5YzBiNjZmYzdkMGJmZjFhMzQ0OTdjMTU4MzM4ZGRjN2I3MjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22/psky2eMoZfZ8d0YC887OxN1FI
iLWEaD2W+vaQWjGDgtN2lXjIsjyu5QbsIQmGzcggae1hwMSvL3ge9CzetAsc/u8u
3BTRDSaSqcssylFO+m+mSPwQMjBUqxcbwVbarPBfrX/Btsc+73rP3ivYgEbcehef
zdSZd25UehFXOaDPCpYwZhyrCnnvpZOzr4UfFhJNcGsdOkAA6qOz6eodyxdcESlf
7fpmh6cZ+lEtf6xayCXoAVWr3zfFoezkp9T2TUD693i7uTka85B2/SkyZDPUjYrA
WoInJrSKMpbLqAgQQNXcXzmFZ+uQNaPaMkXHO1Wai1zRMfUB0neNUi8ddwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDpwLZvx9C/8aNEl8FYM43ce3KSMB8GA1UdIwQY
MBaAFOTQno7xcemuIWJ8ynbtZP0X5u7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAt
M2MxNjI0MTAwNzUyLzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84Yzg4MTEtMDFjNi00N2MyLWI1ZjAtM2MxNjI0MTAwNzUy
LzEvNU5DZWp2Rng2YTRoWW56S2R1MWtfUmZtN3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXkOrisjz
fatFSZMOsoeyBHYlKkl6bheoZd1jOmN9pPULiyIY3tJ/iZrSaT0cvSpkys/BpOKO
dxmx0UFoLxKIHbzEAY4LdEDeilX8S/VPswTP6WJnlvC+SMqFUmb6FZCUBmSdkb+4
DCY2dtp4WGkfVY4AsziiD2vFxNjnOY6KOXXEB9TOH5Mm5XePfNANQafeQ8+Sim3n
QDCPgkeVar39xMaB4iz0dMcfp+eRmmV99FQW0Xp3rvN84STDjuSAHljnSOCiQThD
aphstXCLDAHUz/9S/m40Lad8qZokzzMJf97mTv0YAa0q2o3lfOpIWjLQO0tuSibP
h2/SE/LKXpgWYw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:21:22 2025 by rpki-client