Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
File:                     jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json)
Hash identifier:          kk//Wf9tS4Xd41BusguTjR4kLSgmAbmChUhJhq+Tz2A=
Subject key identifier:   AE:E2:40:09:B6:FA:15:68:E7:D5:E2:ED:7A:40:99:2C:48:B5:C1:83
Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90
Certificate issuer:       /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
Certificate serial:       0197537DC82CCF5B78B7F5BEDF5975A001D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
Manifest number:          0D6B
Signing time:             Mon 09 Jun 2025 07:00:41 +0000
Manifest this update:     Mon 09 Jun 2025 07:00:41 +0000
Manifest next update:     Tue 10 Jun 2025 07:00:41 +0000
Files and hashes:         1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: D7IfGklIkHIfYn6HeUKAao2pobsNVqxCZUHJdUPWcfU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:7d:c8:2c:cf:5b:78:b7:f5:be:df:59:75:a0:01:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
        Validity
            Not Before: Jun  9 07:00:41 2025 GMT
            Not After : Jun 10 07:00:41 2025 GMT
        Subject: CN=aee24009b6fa1568e7d5e2ed7a40992c48b5c183
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ab:54:c3:cf:a8:7f:3b:75:3d:9a:50:ad:53:
                    8f:8e:bc:e6:54:ab:f9:0e:fe:5d:64:8a:c9:64:ec:
                    4e:ba:2c:f6:05:3f:e7:ac:70:be:d4:25:2d:f9:06:
                    d3:1d:1a:a0:09:31:a3:cc:e2:db:e4:1d:cc:c9:63:
                    07:56:56:d7:2d:e1:55:66:0a:f2:db:9b:4b:4d:8c:
                    8a:0a:44:16:f0:c5:91:9c:c1:18:0e:f2:2b:af:9a:
                    66:f8:88:dd:ae:9d:b2:c5:c5:c5:fc:e0:92:5d:f5:
                    d0:cf:ed:ba:fe:e6:95:9b:13:74:20:32:60:98:7f:
                    c3:53:f6:b8:3d:12:6f:db:24:c3:84:6a:25:5f:35:
                    d4:41:58:84:00:ea:0f:7a:f6:ce:e2:6e:e6:de:b1:
                    35:c2:91:f1:e3:70:a4:3a:86:a5:d7:5e:dc:bd:72:
                    7e:a2:fa:32:f9:41:3a:63:aa:06:2d:06:59:1f:dd:
                    61:02:ce:d5:01:8d:01:b7:43:28:6c:b5:8d:48:d6:
                    5a:b6:a7:46:5d:5d:45:ed:e0:1e:7d:af:45:0a:3c:
                    cc:51:c5:8f:a0:9e:94:28:1d:64:5e:90:6d:9d:96:
                    9f:80:35:58:ce:9d:33:38:8d:b8:53:a5:b7:d5:02:
                    f3:10:7b:46:70:0c:58:06:62:93:01:77:f6:67:ad:
                    8f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:E2:40:09:B6:FA:15:68:E7:D5:E2:ED:7A:40:99:2C:48:B5:C1:83
            X509v3 Authority Key Identifier:
                keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:d1:37:c7:a7:a4:fd:3a:f1:99:a1:02:61:23:b8:79:dc:ad:
         ad:a4:1e:1f:f9:27:65:da:5e:c7:2d:58:5b:7b:5e:e3:59:b8:
         c3:eb:76:e4:55:a0:a6:db:f2:ef:3b:40:27:5b:b0:34:cd:5a:
         4c:78:43:4f:64:a9:f7:e2:2c:86:03:29:ad:43:e6:0a:0b:18:
         33:4a:b5:d9:06:bd:4d:bd:cc:c5:8c:48:0e:a8:60:39:76:4e:
         1e:b6:c2:fd:19:46:87:94:be:e8:b5:f8:9d:9e:6c:0d:15:62:
         f8:57:c5:8d:e6:95:2b:84:d7:cc:4f:2f:4b:72:c8:c6:d4:54:
         8e:79:33:ca:f7:a8:d8:41:38:42:3d:75:a2:1d:0e:e5:df:cc:
         e6:1c:0c:97:7f:42:0f:19:56:f3:41:86:2d:c9:4b:a5:f2:1e:
         ef:57:be:f7:bf:de:b1:9f:f2:19:4e:ea:a7:34:61:cf:64:9f:
         45:d1:7f:cb:4b:01:57:f0:0c:8a:24:6b:40:b6:6b:23:44:75:
         3a:7e:4d:9b:91:34:f0:f6:cc:5f:ca:eb:4b:14:a6:3c:ca:22:
         aa:57:08:fc:7f:27:0b:16:62:fa:16:d2:f7:d8:13:2f:cc:2d:
         62:a5:3c:f6:4f:d9:5c:fb:b7:bb:97:74:95:82:fa:80:47:08:
         1f:00:ec:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTfcgsz1t4t/W+31l1oAHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw
ZjczOTAwHhcNMjUwNjA5MDcwMDQxWhcNMjUwNjEwMDcwMDQxWjAzMTEwLwYDVQQD
EyhhZWUyNDAwOWI2ZmExNTY4ZTdkNWUyZWQ3YTQwOTkyYzQ4YjVjMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKtUw8+ofzt1PZpQrVOPjrzmVKv5
Dv5dZIrJZOxOuiz2BT/nrHC+1CUt+QbTHRqgCTGjzOLb5B3MyWMHVlbXLeFVZgry
25tLTYyKCkQW8MWRnMEYDvIrr5pm+Ijdrp2yxcXF/OCSXfXQz+26/uaVmxN0IDJg
mH/DU/a4PRJv2yTDhGolXzXUQViEAOoPevbO4m7m3rE1wpHx43CkOoal117cvXJ+
ovoy+UE6Y6oGLQZZH91hAs7VAY0Bt0MobLWNSNZatqdGXV1F7eAefa9FCjzMUcWP
oJ6UKB1kXpBtnZafgDVYzp0zOI24U6W31QLzEHtGcAxYBmKTAXf2Z62PnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7iQAm2+hVo59Xi7XpAmSxItcGDMB8GA1UdIwQY
MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt
MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2
LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9E3x6ek
/TrxmaECYSO4edytraQeH/knZdpexy1YW3te41m4w+t25FWgptvy7ztAJ1uwNM1a
THhDT2Sp9+IshgMprUPmCgsYM0q12Qa9Tb3MxYxIDqhgOXZOHrbC/RlGh5S+6LX4
nZ5sDRVi+FfFjeaVK4TXzE8vS3LIxtRUjnkzyveo2EE4Qj11oh0O5d/M5hwMl39C
DxlW80GGLclLpfIe71e+97/esZ/yGU7qpzRhz2SfRdF/y0sBV/AMiiRrQLZrI0R1
On5Nm5E08PbMX8rrSxSmPMoiqlcI/H8nCxZi+hbS99gTL8wtYqU89k/ZXPu3u5d0
lYL6gEcIHwDsXw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:13:47 2025 by rpki-client