Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          VqTNM9LI42iqI5X+QpI5T2Rx4ocCSJ40P++HxWssI2A=
Subject key identifier:   3C:C9:76:C8:FA:2D:10:4F:CD:CD:F5:4E:6F:64:34:33:55:02:BF:3E
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       0197580070B90574E5A360120709A55A7E1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F99
Signing time:             Tue 10 Jun 2025 04:01:53 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:53 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:53 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: XiX5D0jiuHlCwcaxfkFstTtOHhbt8Q6b6fm9nlon9rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:00:70:b9:05:74:e5:a3:60:12:07:09:a5:5a:7e:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jun 10 04:01:53 2025 GMT
            Not After : Jun 11 04:01:53 2025 GMT
        Subject: CN=3cc976c8fa2d104fcdcdf54e6f6434335502bf3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fa:89:a1:aa:0c:99:22:93:6c:12:c2:7f:dc:
                    14:27:44:ed:86:d3:e0:61:3e:8c:24:b1:52:f7:66:
                    a9:e0:6c:e9:44:3a:f1:70:ed:83:d8:8e:33:5f:ec:
                    b4:2c:1e:39:27:13:c1:7a:16:85:c5:07:71:9b:78:
                    3a:8f:d2:10:ef:33:82:e5:00:ab:df:42:0e:66:95:
                    17:98:d7:0b:0a:08:68:80:46:bd:a1:fb:05:b9:82:
                    e3:20:47:6b:76:10:0d:5d:03:14:f0:e4:75:70:db:
                    56:e8:76:ef:85:31:fe:70:ec:06:ca:f6:24:63:3b:
                    89:4d:4c:20:7b:71:75:af:84:21:53:27:dd:7a:98:
                    51:f7:72:16:86:bb:83:86:69:3e:8e:ee:dd:3a:85:
                    ed:2f:dc:cf:3b:86:40:4b:40:04:9a:87:39:0a:73:
                    72:2d:48:25:4c:18:32:b8:76:c0:d4:df:89:e1:dc:
                    8d:38:69:94:67:44:34:5e:74:c3:73:f4:71:50:54:
                    b4:9c:fd:a7:c1:05:14:43:44:82:c7:93:b1:66:3f:
                    8b:1d:0d:14:b1:f8:1f:56:3b:16:76:20:2a:80:ad:
                    50:e3:6d:76:e1:56:1a:c2:e8:2c:a6:6c:7e:4d:69:
                    b4:10:7f:f8:49:05:d1:51:91:cc:bb:39:64:31:52:
                    df:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:C9:76:C8:FA:2D:10:4F:CD:CD:F5:4E:6F:64:34:33:55:02:BF:3E
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:0a:bd:fc:49:da:a2:4e:4b:55:13:26:ed:80:7d:21:e6:77:
         93:59:b9:fe:27:5e:2e:58:81:fa:94:19:80:90:d3:68:e2:dc:
         33:af:3b:5e:26:4d:6d:e6:3b:b8:62:c1:e3:8c:7b:cf:f2:e7:
         b6:9b:16:9e:6b:43:d2:be:1c:68:71:a0:5b:d3:bc:b5:4d:9b:
         e6:d0:f4:f2:33:7b:4b:1d:8f:48:34:90:a7:9c:c0:e1:73:58:
         f3:dc:83:b8:62:82:b2:a3:40:1d:17:0c:16:bc:18:a5:fa:0e:
         22:67:a6:77:2d:33:ff:9a:71:7e:d6:bb:cb:1a:7f:26:06:e4:
         9b:e2:d2:fb:94:a0:e5:df:f4:81:a3:3c:2e:80:1c:cf:81:84:
         0d:9b:05:0e:f5:0d:97:6a:2d:63:94:07:38:09:5c:6e:7d:58:
         0d:c9:ab:3d:39:84:2d:16:44:85:a7:62:40:6c:6c:06:6e:ed:
         fb:88:62:54:b3:1e:72:f1:d1:bf:6f:76:05:2b:99:31:b0:9c:
         8f:a5:24:35:a8:25:c0:2c:de:a6:01:e4:df:c6:28:65:98:55:
         75:5e:64:a6:40:37:41:80:d8:0a:5f:43:95:7f:7b:27:94:d9:
         0d:13:4c:9a:62:16:20:3b:c4:de:13:42:1f:e6:89:f8:bc:37:
         e8:5c:38:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYAHC5BXTlo2ASBwmlWn4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNjEwMDQwMTUzWhcNMjUwNjExMDQwMTUzWjAzMTEwLwYDVQQD
EygzY2M5NzZjOGZhMmQxMDRmY2RjZGY1NGU2ZjY0MzQzMzU1MDJiZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfqJoaoMmSKTbBLCf9wUJ0TthtPg
YT6MJLFS92ap4GzpRDrxcO2D2I4zX+y0LB45JxPBehaFxQdxm3g6j9IQ7zOC5QCr
30IOZpUXmNcLCghogEa9ofsFuYLjIEdrdhANXQMU8OR1cNtW6HbvhTH+cOwGyvYk
YzuJTUwge3F1r4QhUyfdephR93IWhruDhmk+ju7dOoXtL9zPO4ZAS0AEmoc5CnNy
LUglTBgyuHbA1N+J4dyNOGmUZ0Q0XnTDc/RxUFS0nP2nwQUUQ0SCx5OxZj+LHQ0U
sfgfVjsWdiAqgK1Q42124VYawugspmx+TWm0EH/4SQXRUZHMuzlkMVLf4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzJdsj6LRBPzc31Tm9kNDNVAr8+MB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwq9/Ena
ok5LVRMm7YB9IeZ3k1m5/ideLliB+pQZgJDTaOLcM687XiZNbeY7uGLB44x7z/Ln
tpsWnmtD0r4caHGgW9O8tU2b5tD08jN7Sx2PSDSQp5zA4XNY89yDuGKCsqNAHRcM
FrwYpfoOImemdy0z/5pxfta7yxp/Jgbkm+LS+5Sg5d/0gaM8LoAcz4GEDZsFDvUN
l2otY5QHOAlcbn1YDcmrPTmELRZEhadiQGxsBm7t+4hiVLMecvHRv292BSuZMbCc
j6UkNaglwCzepgHk38YoZZhVdV5kpkA3QYDYCl9DlX97J5TZDRNMmmIWIDvE3hNC
H+aJ+Lw36Fw4mg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:36:11 2025 by rpki-client