Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
File:                     2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft (raw, json)
Hash identifier:          4rzBxbW4PoUVYMprEA9Kn0ObULY5vLq2+7SgLPRjw1E=
Subject key identifier:   69:49:04:2C:7B:85:38:C6:60:46:23:FA:FE:DD:24:0B:65:0C:2C:BA
Authority key identifier: D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
Certificate issuer:       /CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Certificate serial:       019766296F205684310C2F531C70580AE738
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
Manifest number:          12CE
Signing time:             Thu 12 Jun 2025 22:01:20 +0000
Manifest this update:     Thu 12 Jun 2025 22:01:20 +0000
Manifest next update:     Fri 13 Jun 2025 22:01:20 +0000
Files and hashes:         1: 2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl (hash: RcMohWCtvQRWSarHXToFTlm4exnm0gbCVi6knH4k/1Q=)
                          2: ysJps6pTqYBp8hRsJvvn2nSnB6Y.roa (hash: xFEzrUJlVVBWEtFecNObcV0TMloS/XizxOFPtUYtswE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:29:6f:20:56:84:31:0c:2f:53:1c:70:58:0a:e7:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d94284b94325f5060f8a0e87c1be2827788f18f9
        Validity
            Not Before: Jun 12 22:01:20 2025 GMT
            Not After : Jun 13 22:01:20 2025 GMT
        Subject: CN=6949042c7b8538c6604623fafedd240b650c2cba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:38:9b:19:fd:92:d9:c5:a6:0e:d6:38:5e:af:
                    4f:47:fc:c7:05:ab:23:f9:d3:e9:a1:f4:5b:4e:32:
                    8c:cb:ce:ca:6c:b2:ab:7b:68:a6:bc:19:1a:55:fc:
                    9a:04:26:ef:7c:85:9a:e3:07:6b:ed:82:ac:76:cc:
                    a8:2e:b8:71:aa:52:ad:6a:fb:e9:61:5f:20:e3:9f:
                    ee:20:cd:76:10:90:c6:72:6c:53:c4:5a:cc:81:50:
                    4c:fb:f5:f4:f9:da:1f:f8:80:82:09:1b:d3:c6:6e:
                    23:3a:de:30:47:87:89:f0:0f:a3:d4:4f:39:88:b0:
                    0e:fd:6a:86:63:79:fd:51:5d:c3:c3:c6:b6:ce:53:
                    94:39:2c:57:3f:ba:52:03:91:8a:a7:0e:6d:b4:19:
                    67:1b:9d:13:82:4e:b8:c0:c6:a7:b4:a8:39:68:4b:
                    ee:d4:76:23:c9:df:fe:ba:cc:7b:68:11:c2:a3:e2:
                    a9:3e:4f:a0:bf:c5:16:64:d8:97:c2:e4:61:ad:79:
                    62:6e:4b:f0:bd:17:db:c9:92:b5:15:05:de:08:35:
                    3e:9e:f5:ac:00:d5:2f:7c:e1:07:b0:a3:6f:8c:38:
                    d4:ab:70:13:f8:3f:9a:cf:a2:10:ab:ab:79:4c:45:
                    03:7e:58:cf:4f:c2:31:8c:23:96:19:e3:85:22:08:
                    b3:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:49:04:2C:7B:85:38:C6:60:46:23:FA:FE:DD:24:0B:65:0C:2C:BA
            X509v3 Authority Key Identifier:
                keyid:D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:71:9d:dc:6b:7f:bb:4b:4a:53:fa:54:67:4c:76:b6:26:95:
         0a:36:06:75:0f:2f:3f:d9:0b:13:c6:c7:90:61:2c:62:ef:c7:
         97:ef:7f:96:2c:df:1c:ca:6d:6c:cc:48:8e:db:95:0e:6e:80:
         61:f6:e4:cc:0c:11:e3:71:2d:7c:e1:33:c3:a4:c4:6c:62:d2:
         86:2c:f5:28:14:89:56:46:d3:2a:d6:86:42:27:e1:72:16:eb:
         bf:e1:e6:22:ae:45:a6:5e:37:0a:69:8f:39:cd:85:a5:7e:a0:
         f6:81:da:07:c0:0e:90:f4:5e:72:14:bc:09:0f:5a:07:04:81:
         b7:dc:6d:bc:e5:eb:f7:18:d9:93:0b:5e:46:1c:15:39:cb:ef:
         06:61:86:0c:ef:e4:23:60:fb:fb:21:6c:b9:f4:26:a7:2b:62:
         ad:44:f1:7b:96:1e:d3:5a:91:ce:8b:0c:7c:d5:54:e6:a3:99:
         b3:fc:61:a5:3e:b7:bc:25:ea:49:83:e7:dc:a2:ce:b0:d6:97:
         a3:44:03:b8:e6:d8:96:7b:21:aa:86:24:78:24:c5:f5:e8:7c:
         5e:38:b2:81:65:3f:14:e3:77:c1:b4:fc:09:89:ee:64:83:82:
         72:a3:30:0c:d6:96:5e:36:01:2c:11:cf:67:46:20:97:d0:cb:
         c1:b5:20:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmKW8gVoQxDC9THHBYCuc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NDI4NGI5NDMyNWY1MDYwZjhhMGU4N2MxYmUyODI3Nzg4
ZjE4ZjkwHhcNMjUwNjEyMjIwMTIwWhcNMjUwNjEzMjIwMTIwWjAzMTEwLwYDVQQD
Eyg2OTQ5MDQyYzdiODUzOGM2NjA0NjIzZmFmZWRkMjQwYjY1MGMyY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTibGf2S2cWmDtY4Xq9PR/zHBasj
+dPpofRbTjKMy87KbLKre2imvBkaVfyaBCbvfIWa4wdr7YKsdsyoLrhxqlKtavvp
YV8g45/uIM12EJDGcmxTxFrMgVBM+/X0+dof+ICCCRvTxm4jOt4wR4eJ8A+j1E85
iLAO/WqGY3n9UV3Dw8a2zlOUOSxXP7pSA5GKpw5ttBlnG50Tgk64wMantKg5aEvu
1HYjyd/+usx7aBHCo+KpPk+gv8UWZNiXwuRhrXlibkvwvRfbyZK1FQXeCDU+nvWs
ANUvfOEHsKNvjDjUq3AT+D+az6IQq6t5TEUDfljPT8IxjCOWGeOFIgizWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlJBCx7hTjGYEYj+v7dJAtlDCy6MB8GA1UdIwQY
MBaAFNlChLlDJfUGD4oOh8G+KCd4jxj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQt
OTVkNTk0NjVlOWE4LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQtOTVkNTk0NjVlOWE4
LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxHGd3Gt/
u0tKU/pUZ0x2tiaVCjYGdQ8vP9kLE8bHkGEsYu/Hl+9/lizfHMptbMxIjtuVDm6A
YfbkzAwR43EtfOEzw6TEbGLShiz1KBSJVkbTKtaGQifhchbrv+HmIq5Fpl43CmmP
Oc2FpX6g9oHaB8AOkPRechS8CQ9aBwSBt9xtvOXr9xjZkwteRhwVOcvvBmGGDO/k
I2D7+yFsufQmpytirUTxe5Ye01qRzosMfNVU5qOZs/xhpT63vCXqSYPn3KLOsNaX
o0QDuObYlnshqoYkeCTF9eh8XjiygWU/FON3wbT8CYnuZIOCcqMwDNaWXjYBLBHP
Z0Ygl9DLwbUgjQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:33:11 2025 by rpki-client