Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
File:                     jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft (raw, json)
Hash identifier:          Tl1sx8TkCffrbFA8BxSDS4a0TMQ4gqHYHAg17uIBgM0=
Subject key identifier:   34:36:0D:28:71:0C:BD:55:85:5A:3A:B5:20:11:11:42:5B:9D:A5:B2
Authority key identifier: 8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90
Certificate issuer:       /CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
Certificate serial:       01975948CCFC9D7543EDF8895E98A0F9544F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
Manifest number:          0D6E
Signing time:             Tue 10 Jun 2025 10:00:32 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:32 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:32 +0000
Files and hashes:         1: jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl (hash: /ql7rvt6uzIO8HIGcE8EmFaROf4UUdVEboyj04odEyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:48:cc:fc:9d:75:43:ed:f8:89:5e:98:a0:f9:54:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ca0fec18ef29f9aadfe962bcf740890db0f7390
        Validity
            Not Before: Jun 10 10:00:32 2025 GMT
            Not After : Jun 11 10:00:32 2025 GMT
        Subject: CN=34360d28710cbd55855a3ab5201111425b9da5b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9a:e7:d0:b3:44:b5:73:f2:23:2c:b5:a5:e2:
                    23:bb:00:52:93:db:1c:96:2c:f3:72:14:76:7c:b1:
                    46:f2:db:f2:c8:5d:cd:0b:2e:82:0f:82:a8:c5:ab:
                    82:a1:75:9a:91:d7:3e:d4:c4:12:ce:2d:6c:92:ee:
                    68:58:64:1a:ae:b3:45:56:b6:c8:24:8f:d5:ec:1d:
                    8e:df:b5:a9:c9:ec:b2:30:47:57:84:08:6b:d7:dd:
                    21:90:c9:3e:9e:c7:c6:ea:f4:5e:e7:aa:ed:56:9f:
                    74:2c:da:bd:1a:6f:0d:b8:ba:d1:d8:6c:9c:e2:1d:
                    c0:a5:f1:18:c1:bd:46:89:40:cd:2f:41:ac:31:a3:
                    49:1c:09:fc:d3:0c:b5:b4:c2:df:ce:86:a6:fa:10:
                    0f:fc:b9:e6:95:fc:c8:c9:e5:eb:11:cc:bb:a7:72:
                    5c:3b:18:01:d6:76:55:81:f9:c0:67:32:3d:ba:b0:
                    dc:ef:20:58:85:86:21:36:3d:89:56:ba:be:c0:28:
                    32:d4:0e:bb:8f:97:d7:74:f4:c7:64:a2:8d:4e:28:
                    34:b2:6d:ed:cb:0c:43:b4:25:2c:bb:16:05:8b:c0:
                    ab:43:01:dc:a8:a7:93:a6:78:0e:0f:5e:45:56:83:
                    2e:71:75:f5:45:41:7b:8d:14:63:fd:8d:c9:b4:e8:
                    b6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:36:0D:28:71:0C:BD:55:85:5A:3A:B5:20:11:11:42:5B:9D:A5:B2
            X509v3 Authority Key Identifier:
                keyid:8C:A0:FE:C1:8E:F2:9F:9A:AD:FE:96:2B:CF:74:08:90:DB:0F:73:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKD-wY7yn5qt_pYrz3QIkNsPc5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ea5b40-2886-4baf-8ea0-113eefa51aa6/1/jKD-wY7yn5qt_pYrz3QIkNsPc5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:9d:53:9e:5d:a0:38:2b:fd:55:b0:cc:44:92:88:f0:c9:f8:
         98:7b:63:55:0c:f9:37:fb:16:a3:07:f5:61:c0:97:f6:0f:3c:
         eb:47:a7:0b:56:76:35:7c:0a:11:44:38:ef:0c:23:b8:98:cf:
         7c:49:79:fe:39:8c:ac:9c:75:58:aa:bd:fb:c0:cb:65:31:10:
         9e:7d:d6:e3:68:21:96:2e:ec:1c:e5:ea:9a:f1:c5:53:d1:fa:
         6e:56:45:2e:3e:54:f2:d4:a0:49:53:d1:87:79:36:3a:74:47:
         85:00:9c:3f:5f:13:ae:f0:c8:16:fd:16:b4:61:aa:3b:17:69:
         be:d4:a4:76:9b:e5:74:c8:dc:59:33:cd:1e:a7:70:f8:e5:9a:
         13:83:e3:b8:33:92:d9:99:83:b4:b8:1d:e8:22:0e:a0:72:a3:
         6b:74:b5:d8:3d:f5:2a:7e:d1:9c:01:c0:c4:05:45:df:e5:8a:
         c3:e9:31:93:f8:15:0c:11:ce:e2:77:e4:eb:26:91:61:12:bc:
         ac:82:7e:63:d9:0a:77:23:12:85:47:c1:85:85:aa:7f:2d:50:
         25:93:33:ca:7f:32:4e:1f:2d:72:25:11:5b:92:1a:ea:6d:65:
         82:9b:fb:b9:be:4f:ab:bc:9d:e5:ea:0a:53:0e:18:85:f8:a8:
         a9:99:d7:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSMz8nXVD7fiJXpig+VRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYTBmZWMxOGVmMjlmOWFhZGZlOTYyYmNmNzQwODkwZGIw
ZjczOTAwHhcNMjUwNjEwMTAwMDMyWhcNMjUwNjExMTAwMDMyWjAzMTEwLwYDVQQD
EygzNDM2MGQyODcxMGNiZDU1ODU1YTNhYjUyMDExMTE0MjViOWRhNWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJrn0LNEtXPyIyy1peIjuwBSk9sc
lizzchR2fLFG8tvyyF3NCy6CD4KoxauCoXWakdc+1MQSzi1sku5oWGQarrNFVrbI
JI/V7B2O37WpyeyyMEdXhAhr190hkMk+nsfG6vRe56rtVp90LNq9Gm8NuLrR2Gyc
4h3ApfEYwb1GiUDNL0GsMaNJHAn80wy1tMLfzoam+hAP/LnmlfzIyeXrEcy7p3Jc
OxgB1nZVgfnAZzI9urDc7yBYhYYhNj2JVrq+wCgy1A67j5fXdPTHZKKNTig0sm3t
ywxDtCUsuxYFi8CrQwHcqKeTpngOD15FVoMucXX1RUF7jRRj/Y3JtOi23wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQ2DShxDL1VhVo6tSAREUJbnaWyMB8GA1UdIwQY
MBaAFIyg/sGO8p+arf6WK890CJDbD3OQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAt
MTEzZWVmYTUxYWE2LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYTViNDAtMjg4Ni00YmFmLThlYTAtMTEzZWVmYTUxYWE2
LzEvaktELXdZN3luNXF0X3BZcnozUUlrTnNQYzVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvp1Tnl2g
OCv9VbDMRJKI8Mn4mHtjVQz5N/sWowf1YcCX9g8860enC1Z2NXwKEUQ47wwjuJjP
fEl5/jmMrJx1WKq9+8DLZTEQnn3W42ghli7sHOXqmvHFU9H6blZFLj5U8tSgSVPR
h3k2OnRHhQCcP18TrvDIFv0WtGGqOxdpvtSkdpvldMjcWTPNHqdw+OWaE4PjuDOS
2ZmDtLgd6CIOoHKja3S12D31Kn7RnAHAxAVF3+WKw+kxk/gVDBHO4nfk6yaRYRK8
rIJ+Y9kKdyMShUfBhYWqfy1QJZMzyn8yTh8tciURW5Ia6m1lgpv7ub5Pq7yd5eoK
Uw4YhfioqZnXUQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:26:16 2025 by rpki-client