Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
File:                     qK9MCjctAUVV99TXyJz5lvBRQvU.mft (raw, json)
Hash identifier:          pOr1Rs2+w12kTECyE8lYqkLSTupUGfRHhcgszTUTdGo=
Subject key identifier:   75:A3:74:33:0C:F9:D7:DF:8B:C9:BF:20:F7:4B:20:0F:7C:12:28:01
Authority key identifier: A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5
Certificate issuer:       /CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
Certificate serial:       0197639651DFD5CFF3E24E670A51A9E1A3D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
Manifest number:          031D
Signing time:             Thu 12 Jun 2025 10:01:25 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:25 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:25 +0000
Files and hashes:         1: qK9MCjctAUVV99TXyJz5lvBRQvU.crl (hash: KUs0MjmlJCOH9mkHLAqcEfGgMO9lyjq4CRko4RyrYuU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:51:df:d5:cf:f3:e2:4e:67:0a:51:a9:e1:a3:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5
        Validity
            Not Before: Jun 12 10:01:25 2025 GMT
            Not After : Jun 13 10:01:25 2025 GMT
        Subject: CN=75a374330cf9d7df8bc9bf20f74b200f7c122801
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e1:24:b2:68:e8:8c:6b:14:98:49:e4:92:46:
                    36:21:21:d1:53:94:56:52:94:cb:f4:6d:ac:c8:ec:
                    f6:37:7a:37:1c:80:ce:25:b5:82:50:ac:a4:0e:ea:
                    d1:6f:b6:78:0a:64:66:69:2c:08:6e:78:43:0d:42:
                    7d:0f:66:d8:ad:16:f4:9c:48:1b:a6:d7:76:44:e0:
                    37:1b:f5:3c:00:0b:39:b8:1d:c8:61:ca:df:b0:19:
                    ad:cf:cd:24:8b:0c:25:55:0d:c3:3d:0f:2d:6f:b6:
                    b6:45:63:db:20:4b:6e:5b:27:ad:39:15:92:ef:24:
                    2b:4d:df:37:b2:c1:92:fb:74:1d:12:49:75:66:64:
                    d0:b2:ca:4f:5e:9e:2d:e5:ad:92:92:e1:81:c2:83:
                    39:4b:6e:d0:36:65:83:5c:a8:de:35:6b:78:17:6b:
                    e2:86:d9:53:d1:19:75:50:bd:3e:07:92:0d:38:20:
                    3f:6c:5d:eb:bf:2a:0b:13:aa:ee:ef:9a:2a:b9:6e:
                    3e:06:43:4e:1e:aa:ea:13:f7:73:00:36:12:0a:2b:
                    31:a4:ac:92:ba:7d:f8:0e:47:70:16:c4:89:e4:99:
                    09:a4:2c:35:c1:90:c3:99:42:f0:91:bd:37:1a:a6:
                    ae:a6:41:ac:87:81:46:13:d2:53:56:fd:6e:85:a7:
                    68:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:A3:74:33:0C:F9:D7:DF:8B:C9:BF:20:F7:4B:20:0F:7C:12:28:01
            X509v3 Authority Key Identifier:
                keyid:A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:e3:30:e8:fa:07:78:20:d3:03:0f:74:19:23:00:00:97:a0:
         5a:af:b7:c7:76:1c:29:96:0b:d7:bd:45:5d:49:19:93:3d:79:
         9c:3a:bf:cc:93:f6:7d:7e:45:58:6f:a3:24:aa:4d:9f:1d:c6:
         17:b4:8f:c2:2c:50:3b:bf:76:b5:d2:86:44:d4:3f:9d:aa:7a:
         c6:cb:6e:39:d4:13:fa:e7:ec:fb:c0:7f:8f:45:9d:48:f1:b7:
         dc:be:78:af:9c:6d:76:91:f3:9f:e7:8f:aa:4f:a0:95:aa:d0:
         a9:d2:e0:fc:1b:36:84:56:81:19:4b:b8:d4:c0:23:e4:6f:9a:
         7d:7f:38:5b:62:e4:c1:3d:6c:df:e5:60:4d:50:8d:bc:0f:23:
         43:1a:12:25:06:04:81:1c:fb:a6:5e:0b:39:f7:a5:12:46:02:
         af:a2:21:fd:f8:c2:3e:aa:da:be:96:ca:80:29:e7:7f:2d:f2:
         35:6d:98:27:c2:f6:fe:91:c3:98:9b:a5:95:36:85:61:3a:b9:
         03:1a:66:5c:14:d0:8c:c9:97:41:f1:f4:ae:a4:b2:8d:b0:ab:
         ee:e0:23:49:54:7e:8c:9c:98:62:0e:a4:16:b8:8a:d5:4d:25:
         78:d8:3c:46:1f:34:5e:6a:90:81:a4:ce:99:3c:d6:c2:43:81:
         8f:65:5c:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjllHf1c/z4k5nClGp4aPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YWY0YzBhMzcyZDAxNDU1NWY3ZDRkN2M4OWNmOTk2ZjA1
MTQyZjUwHhcNMjUwNjEyMTAwMTI1WhcNMjUwNjEzMTAwMTI1WjAzMTEwLwYDVQQD
Eyg3NWEzNzQzMzBjZjlkN2RmOGJjOWJmMjBmNzRiMjAwZjdjMTIyODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOEksmjojGsUmEnkkkY2ISHRU5RW
UpTL9G2syOz2N3o3HIDOJbWCUKykDurRb7Z4CmRmaSwIbnhDDUJ9D2bYrRb0nEgb
ptd2ROA3G/U8AAs5uB3IYcrfsBmtz80kiwwlVQ3DPQ8tb7a2RWPbIEtuWyetORWS
7yQrTd83ssGS+3QdEkl1ZmTQsspPXp4t5a2SkuGBwoM5S27QNmWDXKjeNWt4F2vi
htlT0Rl1UL0+B5INOCA/bF3rvyoLE6ru75oquW4+BkNOHqrqE/dzADYSCisxpKyS
un34DkdwFsSJ5JkJpCw1wZDDmULwkb03GqaupkGsh4FGE9JTVv1uhadoFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWjdDMM+dffi8m/IPdLIA98EigBMB8GA1UdIwQY
MBaAFKivTAo3LQFFVffU18ic+ZbwUUL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYt
ZGFiMzhmZDNjNzg2LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYtZGFiMzhmZDNjNzg2
LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAuMw6PoH
eCDTAw90GSMAAJegWq+3x3YcKZYL171FXUkZkz15nDq/zJP2fX5FWG+jJKpNnx3G
F7SPwixQO792tdKGRNQ/nap6xstuOdQT+ufs+8B/j0WdSPG33L54r5xtdpHzn+eP
qk+glarQqdLg/Bs2hFaBGUu41MAj5G+afX84W2LkwT1s3+VgTVCNvA8jQxoSJQYE
gRz7pl4LOfelEkYCr6Ih/fjCPqravpbKgCnnfy3yNW2YJ8L2/pHDmJullTaFYTq5
AxpmXBTQjMmXQfH0rqSyjbCr7uAjSVR+jJyYYg6kFriK1U0leNg8Rh80XmqQgaTO
mTzWwkOBj2VciA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 12:43:59 2025 by rpki-client