Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
File:                     qK9MCjctAUVV99TXyJz5lvBRQvU.mft (raw, json)
Hash identifier:          kX5aI+GD10OLzFisbLdXjPJDMjmmXOzvJfAEj0Kjqmg=
Subject key identifier:   E7:A9:1B:9B:46:DA:53:0C:EE:A8:E7:0A:6C:F7:FE:CA:0C:7C:AE:CE
Authority key identifier: A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5
Certificate issuer:       /CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
Certificate serial:       019757FF89FE15099F91D52273EF6086C412
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
Manifest number:          0317
Signing time:             Tue 10 Jun 2025 04:00:54 +0000
Manifest this update:     Tue 10 Jun 2025 04:00:54 +0000
Manifest next update:     Wed 11 Jun 2025 04:00:54 +0000
Files and hashes:         1: qK9MCjctAUVV99TXyJz5lvBRQvU.crl (hash: pCLvHM18iTcrdQ9jSLvasvBcUAJGdAwixy0CFkCFXO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:89:fe:15:09:9f:91:d5:22:73:ef:60:86:c4:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
        Validity
            Not Before: Jun 10 04:00:54 2025 GMT
            Not After : Jun 11 04:00:54 2025 GMT
        Subject: CN=e7a91b9b46da530ceea8e70a6cf7feca0c7caece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5d:3e:42:06:a9:af:8f:ba:22:dd:31:d4:83:
                    72:62:e4:4a:fb:85:4b:d5:bd:19:a0:60:56:3e:88:
                    76:19:be:bf:0e:76:61:7c:e5:6c:77:20:23:87:73:
                    d0:62:b0:7c:a6:8c:11:1b:57:8b:f4:db:cd:40:c0:
                    ab:3e:d3:57:44:d1:fe:3e:86:eb:c8:4b:f0:de:b9:
                    9b:b6:1b:3d:22:1a:e6:e3:85:4e:c2:e9:64:1b:93:
                    39:e2:b3:25:82:91:51:0e:b0:a8:43:fe:61:29:b1:
                    7f:80:5b:40:9a:98:ff:53:97:a7:44:4e:d7:88:5d:
                    17:38:b4:46:36:b4:39:b0:23:dc:f2:8d:7d:a1:9b:
                    04:e3:0f:73:ef:57:22:66:18:82:3b:c1:71:11:d6:
                    43:16:3e:66:43:1a:77:3c:ba:73:5d:48:cd:6b:e2:
                    42:b0:71:ee:dd:ec:d2:aa:c9:20:a0:ea:55:e1:97:
                    a8:65:f1:1b:5b:b2:c6:74:04:4c:08:03:cb:62:45:
                    a4:2c:0a:e2:37:b3:f1:25:e0:0e:22:e8:16:d2:cf:
                    d8:af:e4:e3:5c:b5:4b:1a:41:95:ad:50:ae:2e:3d:
                    f5:60:7a:72:85:41:fb:f7:63:99:9b:83:40:2a:aa:
                    96:9b:8d:fd:3f:39:43:1d:1d:db:7e:58:9f:cf:0a:
                    b2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:A9:1B:9B:46:DA:53:0C:EE:A8:E7:0A:6C:F7:FE:CA:0C:7C:AE:CE
            X509v3 Authority Key Identifier:
                keyid:A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:16:21:74:1a:d1:d3:fb:9d:bf:1b:c4:e6:72:fa:33:5a:01:
         62:45:07:d1:80:4f:ac:e8:01:6f:72:a6:10:73:32:df:b3:3b:
         5a:4f:47:85:8f:04:f9:88:b3:10:d1:d9:01:12:66:63:04:7b:
         52:75:3a:dc:1a:dd:e8:48:64:c8:0b:35:92:76:60:ea:77:6f:
         8e:63:fe:37:e4:51:46:f7:3e:c7:ee:6e:ce:a5:ef:d1:62:2c:
         5e:72:f8:7e:3b:3d:68:33:03:9a:bf:cc:eb:fe:8d:c6:9f:19:
         44:a8:d9:a7:dc:e5:5c:fe:71:81:50:45:06:0d:03:6c:41:89:
         dd:4b:4e:49:8d:61:97:0d:9c:3d:0e:b0:50:b6:22:8e:25:51:
         cb:2a:d0:f5:c2:f5:83:3b:c9:f0:b5:c0:f0:7c:9f:57:1e:61:
         01:56:cf:45:c8:d9:7d:db:85:a0:21:63:0f:31:97:a6:d7:53:
         4c:f1:63:fc:5a:c5:a7:11:77:e7:b5:b1:e3:b9:77:1f:95:a9:
         b0:16:96:f3:13:55:12:6f:d6:76:bb:59:18:44:34:a5:b8:6e:
         39:23:25:c0:f2:9a:13:be:d6:b4:3f:51:76:f7:7e:92:17:dd:
         81:05:47:19:9e:54:28:c8:2f:e1:fc:5a:24:25:8d:36:8f:31:
         88:d2:8b:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/4n+FQmfkdUic+9ghsQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWY0YzBhMzcyZDAxNDU1NWY3ZDRkN2M4OWNmOTk2ZjA1
MTQyZjUwHhcNMjUwNjEwMDQwMDU0WhcNMjUwNjExMDQwMDU0WjAzMTEwLwYDVQQD
EyhlN2E5MWI5YjQ2ZGE1MzBjZWVhOGU3MGE2Y2Y3ZmVjYTBjN2NhZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV0+Qgapr4+6It0x1INyYuRK+4VL
1b0ZoGBWPoh2Gb6/DnZhfOVsdyAjh3PQYrB8powRG1eL9NvNQMCrPtNXRNH+Pobr
yEvw3rmbths9Ihrm44VOwulkG5M54rMlgpFRDrCoQ/5hKbF/gFtAmpj/U5enRE7X
iF0XOLRGNrQ5sCPc8o19oZsE4w9z71ciZhiCO8FxEdZDFj5mQxp3PLpzXUjNa+JC
sHHu3ezSqskgoOpV4ZeoZfEbW7LGdARMCAPLYkWkLAriN7PxJeAOIugW0s/Yr+Tj
XLVLGkGVrVCuLj31YHpyhUH792OZm4NAKqqWm439PzlDHR3bflifzwqy8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOepG5tG2lMM7qjnCmz3/soMfK7OMB8GA1UdIwQY
MBaAFKivTAo3LQFFVffU18ic+ZbwUUL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYt
ZGFiMzhmZDNjNzg2LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYtZGFiMzhmZDNjNzg2
LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxYhdBrR
0/udvxvE5nL6M1oBYkUH0YBPrOgBb3KmEHMy37M7Wk9HhY8E+YizENHZARJmYwR7
UnU63Brd6EhkyAs1knZg6ndvjmP+N+RRRvc+x+5uzqXv0WIsXnL4fjs9aDMDmr/M
6/6Nxp8ZRKjZp9zlXP5xgVBFBg0DbEGJ3UtOSY1hlw2cPQ6wULYijiVRyyrQ9cL1
gzvJ8LXA8HyfVx5hAVbPRcjZfduFoCFjDzGXptdTTPFj/FrFpxF357Wx47l3H5Wp
sBaW8xNVEm/WdrtZGEQ0pbhuOSMlwPKaE77WtD9Rdvd+khfdgQVHGZ5UKMgv4fxa
JCWNNo8xiNKL8g==
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:40:41 2025 by rpki-client