Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          bOIc2J50/VK1aUhKAnd22xaoKcaZNBb18/TClted/l4=
Subject key identifier:   89:3D:9E:84:8A:A6:9F:FE:F1:27:46:A5:74:AC:A3:F7:1B:B5:82:F7
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       019754237F3EB77BAFACA3B2097069997D8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F97
Signing time:             Mon 09 Jun 2025 10:01:41 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:41 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:41 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: qL1tUJ1UgG9tk3d+fXyH1iqInjtS2nFzXUjqY1YpOAU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:7f:3e:b7:7b:af:ac:a3:b2:09:70:69:99:7d:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jun  9 10:01:41 2025 GMT
            Not After : Jun 10 10:01:41 2025 GMT
        Subject: CN=893d9e848aa69ffef12746a574aca3f71bb582f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:50:7a:e8:26:2b:a2:b1:01:33:4e:b5:45:ba:
                    84:5d:51:e0:08:06:c4:8d:30:a6:4c:85:31:37:9d:
                    29:5d:06:65:11:34:01:ef:88:af:2f:a9:b9:1c:23:
                    d8:92:94:dc:74:ad:aa:d6:ab:78:04:4b:89:5f:1f:
                    01:7b:c3:2b:21:6e:7a:92:a8:b4:56:28:e6:a5:c8:
                    03:33:ce:15:06:ac:9e:2a:8f:1e:10:0a:45:16:b4:
                    91:10:ce:0a:30:06:f7:c2:5a:3c:c5:ed:1f:10:a8:
                    45:0e:59:19:9a:d3:93:a7:8a:18:e2:62:9e:77:fb:
                    d1:f6:6b:32:bd:51:e4:d5:2c:7b:44:85:b3:79:67:
                    4a:9f:96:d3:a4:a4:89:cb:49:39:fe:a8:4b:f7:a2:
                    ab:6c:3c:ae:3d:e1:93:d9:9a:41:5c:e9:12:af:70:
                    c9:96:cd:8f:f8:1b:c9:e3:60:c7:cc:c0:27:ca:e3:
                    3a:c0:7b:36:38:93:22:99:d9:6a:d4:a8:54:1a:f2:
                    36:1e:0b:86:25:4c:9d:be:1e:bf:9c:17:a7:bf:50:
                    eb:5c:20:0a:e1:e5:e1:94:98:f4:78:f8:9c:68:dd:
                    d1:88:ef:42:33:02:d8:da:02:97:e2:ae:f6:64:4c:
                    07:ce:e5:06:e2:c6:50:aa:86:da:0c:c6:ee:d8:88:
                    dc:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:3D:9E:84:8A:A6:9F:FE:F1:27:46:A5:74:AC:A3:F7:1B:B5:82:F7
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:5c:75:e6:99:c6:81:6a:d9:17:11:c6:52:12:8b:e8:79:78:
         7f:93:54:32:38:9b:b4:8b:d2:98:a8:71:2d:53:08:a9:15:9d:
         bd:6f:e9:7f:57:79:74:03:7e:78:4e:e1:04:9c:a8:b4:6b:b4:
         76:e9:b9:34:1c:35:30:f7:e1:ef:2d:bb:38:7e:b9:0f:2b:1e:
         8d:6c:d1:28:5c:09:92:a3:29:d8:45:16:10:ad:38:9a:6f:4d:
         3a:89:05:ab:6f:60:20:b9:02:4d:9a:2e:86:8b:61:64:91:21:
         f4:0d:a5:09:71:f1:86:2b:e1:9f:c0:d6:db:c4:68:a1:31:a0:
         90:b6:ba:5f:63:64:70:ca:20:73:83:af:61:b2:da:f8:96:5e:
         f7:05:02:b5:e4:bb:19:9f:af:75:05:93:1e:ba:8c:c9:7c:7c:
         d7:17:91:43:df:7b:c7:c6:90:ce:97:07:60:b1:14:93:0e:75:
         90:28:9f:49:d1:26:72:32:71:86:b0:d5:7b:92:2a:62:85:6c:
         ba:29:9b:8d:53:50:8b:9c:f9:16:87:e8:1a:5a:a8:5e:db:2c:
         a5:1e:6d:8e:96:df:69:f4:27:d8:f4:53:ae:1f:e8:2d:1b:3b:
         4a:a8:00:df:56:04:dd:83:bb:f7:4e:57:70:8e:f4:26:43:f7:
         e9:39:8b:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI38+t3uvrKOyCXBpmX2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNjA5MTAwMTQxWhcNMjUwNjEwMTAwMTQxWjAzMTEwLwYDVQQD
Eyg4OTNkOWU4NDhhYTY5ZmZlZjEyNzQ2YTU3NGFjYTNmNzFiYjU4MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VB66CYrorEBM061RbqEXVHgCAbE
jTCmTIUxN50pXQZlETQB74ivL6m5HCPYkpTcdK2q1qt4BEuJXx8Be8MrIW56kqi0
VijmpcgDM84VBqyeKo8eEApFFrSREM4KMAb3wlo8xe0fEKhFDlkZmtOTp4oY4mKe
d/vR9msyvVHk1Sx7RIWzeWdKn5bTpKSJy0k5/qhL96KrbDyuPeGT2ZpBXOkSr3DJ
ls2P+BvJ42DHzMAnyuM6wHs2OJMimdlq1KhUGvI2HguGJUydvh6/nBenv1DrXCAK
4eXhlJj0ePicaN3RiO9CMwLY2gKX4q72ZEwHzuUG4sZQqobaDMbu2IjcEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIk9noSKpp/+8SdGpXSso/cbtYL3MB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE1x15pnG
gWrZFxHGUhKL6Hl4f5NUMjibtIvSmKhxLVMIqRWdvW/pf1d5dAN+eE7hBJyotGu0
dum5NBw1MPfh7y27OH65DysejWzRKFwJkqMp2EUWEK04mm9NOokFq29gILkCTZou
hothZJEh9A2lCXHxhivhn8DW28RooTGgkLa6X2NkcMogc4OvYbLa+JZe9wUCteS7
GZ+vdQWTHrqMyXx81xeRQ997x8aQzpcHYLEUkw51kCifSdEmcjJxhrDVe5IqYoVs
uimbjVNQi5z5FofoGlqoXtsspR5tjpbfafQn2PRTrh/oLRs7SqgA31YE3YO7905X
cI70JkP36TmLxA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:33:00 2025 by rpki-client