Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          ObGQmCDXtZl0PElxH/jORJ9b8G+nxtJTwDUKis6tZIg=
Subject key identifier:   A5:22:3D:1E:E1:05:B8:20:0B:41:A8:F1:B8:D9:4B:03:89:B8:C0:63
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       01975BDCA971B707C1C62B8182554A87E268
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F9B
Signing time:             Tue 10 Jun 2025 22:01:17 +0000
Manifest this update:     Tue 10 Jun 2025 22:01:17 +0000
Manifest next update:     Wed 11 Jun 2025 22:01:17 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: 4u70VGyhtZLC0ygFchJ0/mwnDMvSbqV96sUpsQFJvm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:dc:a9:71:b7:07:c1:c6:2b:81:82:55:4a:87:e2:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jun 10 22:01:17 2025 GMT
            Not After : Jun 11 22:01:17 2025 GMT
        Subject: CN=a5223d1ee105b8200b41a8f1b8d94b0389b8c063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:37:e0:06:c8:3d:91:64:14:43:4a:c7:30:44:
                    27:09:b0:2f:4a:0c:cf:77:55:4e:04:6e:27:b4:5b:
                    7b:88:34:9c:2a:ac:ff:a6:95:0a:68:5a:6e:8a:7d:
                    1e:1c:a5:f7:00:dd:8c:ef:3a:ba:fe:2d:ad:07:89:
                    68:09:04:06:e1:d7:59:90:14:a1:90:bf:b5:c5:bc:
                    14:0d:d7:8d:c1:08:8f:f5:4d:fc:ac:6d:f2:91:13:
                    77:6e:aa:b4:c2:44:11:6b:05:51:c7:3d:1d:1e:f0:
                    02:63:de:dc:5d:3f:dc:56:be:38:bc:12:53:70:07:
                    20:3f:02:36:3a:ae:a7:e4:5d:37:60:9d:4f:be:ed:
                    56:70:8d:79:43:77:ca:5c:4e:a2:14:62:f4:2b:ec:
                    cd:ea:d9:6c:05:23:95:96:ab:c9:d3:22:67:7c:1b:
                    d1:67:59:86:43:5f:75:de:81:61:79:7e:4c:87:7f:
                    24:1b:9e:2e:2e:95:3b:e1:44:55:db:83:da:22:4b:
                    13:7d:d1:16:de:45:67:31:e5:0d:bc:d9:b6:b4:86:
                    70:7e:04:be:63:c7:14:f7:f5:58:7c:59:13:10:08:
                    63:10:39:42:6a:80:42:a7:a8:7b:6f:7a:25:a3:09:
                    76:08:e5:83:e9:7f:59:dc:35:6c:08:58:dd:a6:4b:
                    40:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:22:3D:1E:E1:05:B8:20:0B:41:A8:F1:B8:D9:4B:03:89:B8:C0:63
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:d4:2e:e6:97:65:67:a4:da:1b:aa:e8:e2:40:56:cd:da:a9:
         67:04:78:98:db:87:f4:88:85:c4:e8:28:8d:2a:ef:3e:e8:a1:
         2d:f6:ea:cc:32:b9:d3:7c:e9:cb:a2:5d:1b:e4:a4:05:ce:61:
         fc:a8:62:e9:53:a6:b6:4c:26:a8:4e:50:3c:71:88:80:4b:fb:
         85:a3:f8:c9:68:aa:c4:34:2e:f7:7e:90:99:4d:bb:10:7b:72:
         9e:0f:75:87:a2:e5:89:7d:33:1f:4a:82:86:71:ac:86:44:74:
         4f:d5:4c:1b:88:54:10:af:19:04:a4:0e:f3:b3:37:79:9e:47:
         9c:2d:8e:7b:70:d3:34:d9:00:9d:79:41:14:e9:96:2c:67:2c:
         8b:a0:b9:18:8b:17:ff:68:26:f5:02:7a:ed:13:5a:6e:4b:6f:
         63:51:b0:01:6a:d5:ee:e8:9e:59:4b:92:12:cb:8c:96:33:69:
         3b:22:eb:44:98:6c:46:96:12:dc:82:64:44:be:b0:17:30:32:
         d4:51:f9:90:4b:33:1c:1a:07:88:36:bf:f7:8c:76:d7:0e:46:
         e6:62:75:ca:ad:41:c5:3a:93:7c:e9:1a:c9:85:4e:d9:1f:2a:
         42:d4:29:f4:60:ab:06:98:ce:f7:d0:6f:c9:c6:cb:35:9c:1e:
         96:92:ff:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdb3KlxtwfBxiuBglVKh+JoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNjEwMjIwMTE3WhcNMjUwNjExMjIwMTE3WjAzMTEwLwYDVQQD
EyhhNTIyM2QxZWUxMDViODIwMGI0MWE4ZjFiOGQ5NGIwMzg5YjhjMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjfgBsg9kWQUQ0rHMEQnCbAvSgzP
d1VOBG4ntFt7iDScKqz/ppUKaFpuin0eHKX3AN2M7zq6/i2tB4loCQQG4ddZkBSh
kL+1xbwUDdeNwQiP9U38rG3ykRN3bqq0wkQRawVRxz0dHvACY97cXT/cVr44vBJT
cAcgPwI2Oq6n5F03YJ1Pvu1WcI15Q3fKXE6iFGL0K+zN6tlsBSOVlqvJ0yJnfBvR
Z1mGQ1913oFheX5Mh38kG54uLpU74URV24PaIksTfdEW3kVnMeUNvNm2tIZwfgS+
Y8cU9/VYfFkTEAhjEDlCaoBCp6h7b3olowl2COWD6X9Z3DVsCFjdpktAqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUiPR7hBbggC0Go8bjZSwOJuMBjMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedQu5pdl
Z6TaG6ro4kBWzdqpZwR4mNuH9IiFxOgojSrvPuihLfbqzDK503zpy6JdG+SkBc5h
/Khi6VOmtkwmqE5QPHGIgEv7haP4yWiqxDQu936QmU27EHtyng91h6LliX0zH0qC
hnGshkR0T9VMG4hUEK8ZBKQO87M3eZ5HnC2Oe3DTNNkAnXlBFOmWLGcsi6C5GIsX
/2gm9QJ67RNabktvY1GwAWrV7uieWUuSEsuMljNpOyLrRJhsRpYS3IJkRL6wFzAy
1FH5kEszHBoHiDa/94x21w5G5mJ1yq1BxTqTfOkayYVO2R8qQtQp9GCrBpjO99Bv
ycbLNZwelpL/ag==
-----END CERTIFICATE-----
Generated at Wed Jun 11 08:44:56 2025 by rpki-client