Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
File:                     2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft (raw, json)
Hash identifier:          KWW6y1gV5Ob3Qb6G82peUr4PLMJiBJOABw/QueVto+Y=
Subject key identifier:   63:A6:76:EA:3D:B0:F0:B7:AA:3B:14:56:A0:BE:31:95:F2:EC:9D:72
Authority key identifier: D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
Certificate issuer:       /CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Certificate serial:       01975C8121687758E76C354CAE944B18CBBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
Manifest number:          12C9
Signing time:             Wed 11 Jun 2025 01:00:55 +0000
Manifest this update:     Wed 11 Jun 2025 01:00:55 +0000
Manifest next update:     Thu 12 Jun 2025 01:00:55 +0000
Files and hashes:         1: 2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl (hash: GT0eOJM3EtPqsoGYcqg8ojF9kdyxlrg/+UTaeCgkXyA=)
                          2: ysJps6pTqYBp8hRsJvvn2nSnB6Y.roa (hash: xFEzrUJlVVBWEtFecNObcV0TMloS/XizxOFPtUYtswE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:81:21:68:77:58:e7:6c:35:4c:ae:94:4b:18:cb:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d94284b94325f5060f8a0e87c1be2827788f18f9
        Validity
            Not Before: Jun 11 01:00:55 2025 GMT
            Not After : Jun 12 01:00:55 2025 GMT
        Subject: CN=63a676ea3db0f0b7aa3b1456a0be3195f2ec9d72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c2:98:f3:49:8e:fa:62:c1:d5:be:0f:4b:65:
                    d6:4e:df:3e:f9:16:b4:80:0e:f5:4a:27:d6:1e:1d:
                    a5:fb:84:33:02:76:7c:48:7d:9f:07:bb:4c:5f:d1:
                    7e:fe:3b:87:db:c1:98:29:70:c1:15:5b:ca:2e:a3:
                    75:8a:b0:b8:8c:5f:70:5c:53:16:59:7b:c3:b6:88:
                    6d:01:17:ce:70:7f:1c:b8:8e:e1:36:c9:1f:1e:ea:
                    fb:15:dc:8d:d2:be:80:db:7b:ff:54:10:3f:23:de:
                    92:67:6a:c1:68:1e:60:72:b8:a5:e3:a9:06:a8:d3:
                    c1:63:96:8f:3d:99:2c:4c:32:ac:33:64:99:89:aa:
                    e3:34:c9:ee:e9:be:16:e6:49:21:86:9b:a2:fb:7b:
                    c5:f8:e0:3d:40:14:a2:90:ff:e5:67:2f:ac:d2:b5:
                    2f:2e:8e:b9:8f:d6:e4:42:4f:68:a6:49:85:93:59:
                    cc:86:7b:ef:94:4f:c2:96:c2:83:11:64:b2:17:1a:
                    aa:5b:53:7d:a2:1f:f3:bf:dd:63:be:78:49:01:67:
                    cf:1e:7c:dd:47:ad:01:c4:78:0d:2b:65:c3:40:ec:
                    36:54:0b:db:74:13:b1:78:05:e0:26:44:81:96:e2:
                    49:2a:73:1f:61:c1:61:60:1c:d6:7e:91:24:d9:d5:
                    38:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:A6:76:EA:3D:B0:F0:B7:AA:3B:14:56:A0:BE:31:95:F2:EC:9D:72
            X509v3 Authority Key Identifier:
                keyid:D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:39:15:08:34:77:0b:30:ab:2d:c0:e2:c0:79:11:ec:7b:34:
         62:32:93:bc:f5:1e:02:ec:ac:8c:3b:4d:3f:32:8c:fe:e1:45:
         43:28:87:9b:11:07:f3:d7:f0:c8:43:af:45:55:62:ed:e6:57:
         b7:16:7b:81:d4:5f:8b:bc:50:fc:ae:ee:b2:eb:14:d9:5f:56:
         f5:d3:b3:13:63:f5:71:82:4b:d1:70:a7:6b:6b:8d:d8:08:a3:
         92:a9:71:24:8e:96:c2:7f:62:9c:6f:bd:1d:46:82:36:0c:50:
         61:f1:52:af:5e:43:b6:b8:be:a9:22:15:56:36:0d:7a:c2:97:
         87:60:87:5c:90:a7:b5:01:61:4c:ec:81:c6:08:fa:72:2b:11:
         81:42:d4:f0:b0:20:5d:36:65:67:c9:76:73:57:d5:36:ae:90:
         00:aa:fe:5f:35:9b:11:21:f8:15:75:f4:c7:52:07:f4:de:2e:
         d8:a3:eb:6f:9c:aa:84:d8:ca:3b:0d:ce:6f:d3:c3:3b:d2:a9:
         a9:f6:fc:89:c8:b1:9e:63:43:ee:0d:9a:2d:82:f9:e0:31:3a:
         b6:cd:e4:14:9f:36:c7:34:7e:86:d7:cd:98:13:6f:07:1d:9e:
         14:81:c8:7a:ad:e2:01:8b:8d:59:c2:03:3b:8d:bd:eb:d2:b6:
         92:43:15:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgSFod1jnbDVMrpRLGMu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NDI4NGI5NDMyNWY1MDYwZjhhMGU4N2MxYmUyODI3Nzg4
ZjE4ZjkwHhcNMjUwNjExMDEwMDU1WhcNMjUwNjEyMDEwMDU1WjAzMTEwLwYDVQQD
Eyg2M2E2NzZlYTNkYjBmMGI3YWEzYjE0NTZhMGJlMzE5NWYyZWM5ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusKY80mO+mLB1b4PS2XWTt8++Ra0
gA71SifWHh2l+4QzAnZ8SH2fB7tMX9F+/juH28GYKXDBFVvKLqN1irC4jF9wXFMW
WXvDtohtARfOcH8cuI7hNskfHur7FdyN0r6A23v/VBA/I96SZ2rBaB5gcril46kG
qNPBY5aPPZksTDKsM2SZiarjNMnu6b4W5kkhhpui+3vF+OA9QBSikP/lZy+s0rUv
Lo65j9bkQk9opkmFk1nMhnvvlE/ClsKDEWSyFxqqW1N9oh/zv91jvnhJAWfPHnzd
R60BxHgNK2XDQOw2VAvbdBOxeAXgJkSBluJJKnMfYcFhYBzWfpEk2dU4OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOmduo9sPC3qjsUVqC+MZXy7J1yMB8GA1UdIwQY
MBaAFNlChLlDJfUGD4oOh8G+KCd4jxj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQt
OTVkNTk0NjVlOWE4LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQtOTVkNTk0NjVlOWE4
LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcTkVCDR3
CzCrLcDiwHkR7Hs0YjKTvPUeAuysjDtNPzKM/uFFQyiHmxEH89fwyEOvRVVi7eZX
txZ7gdRfi7xQ/K7ususU2V9W9dOzE2P1cYJL0XCna2uN2AijkqlxJI6Wwn9inG+9
HUaCNgxQYfFSr15Dtri+qSIVVjYNesKXh2CHXJCntQFhTOyBxgj6cisRgULU8LAg
XTZlZ8l2c1fVNq6QAKr+XzWbESH4FXX0x1IH9N4u2KPrb5yqhNjKOw3Ob9PDO9Kp
qfb8icixnmND7g2aLYL54DE6ts3kFJ82xzR+htfNmBNvBx2eFIHIeq3iAYuNWcID
O42969K2kkMVfg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:07:58 2025 by rpki-client