Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          35FrBdcXZmoa0C4jN6+o9jRXdH3EX36PiMXWWBRK1XE=
Subject key identifier:   3E:14:D2:50:6A:FD:EB:02:AA:E8:1B:E3:F4:48:E5:1B:4E:5B:99:EF
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       01975FB9BFA634F20FF449A7923D1FE67FEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F9D
Signing time:             Wed 11 Jun 2025 16:01:38 +0000
Manifest this update:     Wed 11 Jun 2025 16:01:38 +0000
Manifest next update:     Thu 12 Jun 2025 16:01:38 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: Xp7bYC9DHRaLz8V6dOy6KrE2lLfeSBX7eFcOjcO2aew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:b9:bf:a6:34:f2:0f:f4:49:a7:92:3d:1f:e6:7f:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jun 11 16:01:38 2025 GMT
            Not After : Jun 12 16:01:38 2025 GMT
        Subject: CN=3e14d2506afdeb02aae81be3f448e51b4e5b99ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3e:e6:65:71:27:83:75:87:fc:d0:d3:3f:a7:
                    29:dd:23:9b:fe:97:20:23:6e:cb:43:0c:4b:34:c5:
                    bd:06:7d:ea:99:52:4f:42:36:67:aa:e3:f6:f1:8d:
                    86:12:9b:09:df:1c:18:56:7e:b1:33:ec:ae:c1:87:
                    09:5d:03:c8:ab:2a:a4:59:2e:70:30:d7:16:09:bf:
                    f9:6c:97:ff:01:ff:0a:2b:d6:a1:e7:67:5b:d6:e7:
                    a2:c4:ca:49:5c:61:91:3c:bd:38:7a:7c:1b:cd:04:
                    82:c8:66:52:99:98:37:94:df:46:ac:9b:2c:16:f6:
                    d1:27:4e:0a:8d:28:dd:a0:b7:1d:ba:56:b7:61:fc:
                    96:36:e9:6f:0c:5f:1d:be:ec:f6:06:76:33:af:df:
                    21:bb:21:3b:05:ed:ba:13:2a:bd:ea:40:68:27:fd:
                    4b:79:52:20:f4:6c:b3:3d:38:00:86:03:2a:bf:cb:
                    e2:ed:71:ce:c4:c2:83:1f:6d:fa:85:70:b8:d5:2a:
                    f3:1e:18:7d:e3:5c:03:0d:29:58:d7:b6:04:a3:16:
                    8e:87:fc:a6:74:c1:2d:84:15:b8:e1:4a:38:0c:ee:
                    03:6e:21:b1:03:04:6a:d3:a3:60:46:c3:51:13:69:
                    00:43:d1:15:60:27:f8:dc:bc:60:a7:54:cf:70:f0:
                    4f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:14:D2:50:6A:FD:EB:02:AA:E8:1B:E3:F4:48:E5:1B:4E:5B:99:EF
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:76:e3:4d:75:32:9b:bd:86:17:e6:d9:52:4a:f7:07:c9:1e:
         1c:46:b2:13:14:a8:29:6e:ea:3a:39:14:56:18:87:6b:8d:c2:
         6c:01:dd:2c:41:ed:fb:e4:8f:7a:c7:c9:a1:bc:48:2a:63:bf:
         b1:87:07:cd:46:5f:9e:83:0e:c6:a5:8a:c0:a4:af:c6:3d:36:
         74:f1:d2:29:ac:4c:80:80:5f:17:b5:19:65:96:88:88:9d:f6:
         54:65:2c:d2:6e:30:a9:46:5d:63:0b:6e:42:9d:2c:2f:bc:c7:
         cb:7f:6b:97:a7:59:d1:e5:4d:57:2f:d1:9b:54:33:7e:c3:1e:
         c7:03:3f:6e:53:d6:8a:ab:f7:a6:bd:08:f0:d7:df:e2:3c:d9:
         56:1f:68:d1:4f:a3:c8:25:50:0f:48:20:84:7f:e6:a5:25:27:
         e9:27:1d:51:34:c4:01:b4:27:52:03:04:07:6e:dc:4e:15:99:
         6a:52:8c:08:e2:01:49:ce:fe:28:06:3b:35:d9:83:b8:70:8c:
         60:e1:73:0d:b4:3b:23:03:f0:8e:81:7f:56:71:f7:ae:04:b5:
         c9:b9:f7:c5:fe:8a:78:23:97:29:cd:8c:37:9e:ba:83:89:40:
         77:d8:a3:34:9d:4f:f4:3b:9c:65:50:be:4e:ec:02:e6:a5:d9:
         ad:e7:13:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfub+mNPIP9Emnkj0f5n/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNjExMTYwMTM4WhcNMjUwNjEyMTYwMTM4WjAzMTEwLwYDVQQD
EygzZTE0ZDI1MDZhZmRlYjAyYWFlODFiZTNmNDQ4ZTUxYjRlNWI5OWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj7mZXEng3WH/NDTP6cp3SOb/pcg
I27LQwxLNMW9Bn3qmVJPQjZnquP28Y2GEpsJ3xwYVn6xM+yuwYcJXQPIqyqkWS5w
MNcWCb/5bJf/Af8KK9ah52db1ueixMpJXGGRPL04enwbzQSCyGZSmZg3lN9GrJss
FvbRJ04KjSjdoLcdula3YfyWNulvDF8dvuz2BnYzr98huyE7Be26Eyq96kBoJ/1L
eVIg9GyzPTgAhgMqv8vi7XHOxMKDH236hXC41SrzHhh941wDDSlY17YEoxaOh/ym
dMEthBW44Uo4DO4DbiGxAwRq06NgRsNRE2kAQ9EVYCf43Lxgp1TPcPBPFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4U0lBq/esCqugb4/RI5RtOW5nvMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWnbjTXUy
m72GF+bZUkr3B8keHEayExSoKW7qOjkUVhiHa43CbAHdLEHt++SPesfJobxIKmO/
sYcHzUZfnoMOxqWKwKSvxj02dPHSKaxMgIBfF7UZZZaIiJ32VGUs0m4wqUZdYwtu
Qp0sL7zHy39rl6dZ0eVNVy/Rm1QzfsMexwM/blPWiqv3pr0I8Nff4jzZVh9o0U+j
yCVQD0gghH/mpSUn6ScdUTTEAbQnUgMEB27cThWZalKMCOIBSc7+KAY7NdmDuHCM
YOFzDbQ7IwPwjoF/VnH3rgS1ybn3xf6KeCOXKc2MN566g4lAd9ijNJ1P9DucZVC+
TuwC5qXZrecT8Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:20:48 2025 by rpki-client