Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          e9gUwFClZuEHVH/wTSPVveYDxldnS0VqPEf2mtDh4bo=
Subject key identifier:   71:99:97:0D:60:D8:A3:4F:E1:1C:45:5D:DE:03:61:F0:B9:DD:D1:31
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       0197643A2B1BDBC04F02BF6B21B6A1E3D2EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          0409
Signing time:             Thu 12 Jun 2025 13:00:23 +0000
Manifest this update:     Thu 12 Jun 2025 13:00:23 +0000
Manifest next update:     Fri 13 Jun 2025 13:00:23 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: vJhlwUQ66LmEKK9ojie6yWkXBVFbq38fDVYRqoWNS1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:3a:2b:1b:db:c0:4f:02:bf:6b:21:b6:a1:e3:d2:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Jun 12 13:00:23 2025 GMT
            Not After : Jun 13 13:00:23 2025 GMT
        Subject: CN=7199970d60d8a34fe11c455dde0361f0b9ddd131
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:24:38:17:40:a4:7d:29:0d:52:90:b5:3a:1b:
                    54:0a:0f:cc:3b:a0:94:fe:7c:b6:3c:10:55:83:8c:
                    8b:70:6d:cc:2b:8e:eb:02:bd:22:69:9b:b0:52:26:
                    74:21:64:2f:24:60:77:d0:de:da:73:b5:6a:7e:fa:
                    79:a6:35:20:67:70:c8:63:23:58:91:db:08:fb:eb:
                    3e:95:63:9d:87:8c:16:f9:74:b9:5d:78:87:cb:a8:
                    ba:7f:c6:e3:b0:96:f0:56:59:10:5e:04:74:c2:15:
                    49:df:ea:e7:61:c1:94:49:77:bf:d9:fe:4a:9e:4c:
                    dd:d7:26:1f:aa:28:ae:71:52:aa:99:73:dc:31:e3:
                    62:1f:89:b5:fa:7a:54:13:be:1c:7a:06:61:24:50:
                    90:f7:92:7c:b6:02:04:77:0e:32:3b:80:2f:f7:c2:
                    9a:ca:a8:38:10:61:f7:82:c1:b4:04:d9:6b:e9:ca:
                    c1:4b:50:3f:c0:2b:ee:f4:f3:af:3d:72:d0:b0:82:
                    9b:d7:9b:e9:bc:56:3f:d1:5e:ed:ff:5b:eb:81:7a:
                    11:7e:35:94:5d:69:10:f7:38:23:21:50:51:3a:9e:
                    90:e5:b8:c7:1a:d5:b7:2c:09:d8:80:f1:6e:35:d4:
                    f5:60:dd:22:c5:d3:9b:f7:17:6c:ba:44:36:cf:c8:
                    1d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:99:97:0D:60:D8:A3:4F:E1:1C:45:5D:DE:03:61:F0:B9:DD:D1:31
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:08:de:93:75:25:c5:72:b6:89:a6:03:82:d1:f4:58:e2:bd:
         85:88:ab:76:27:94:52:ed:af:e0:69:34:1d:f5:b2:62:c9:4d:
         73:70:fd:ce:f6:a2:80:5f:6c:64:00:a0:7d:5a:9e:55:d9:b2:
         a9:3a:fd:3f:fe:02:6b:99:7b:e3:ce:ae:9d:b2:84:51:77:5e:
         e7:e6:45:f4:9a:bf:37:95:b0:f6:10:c7:65:f4:39:11:78:33:
         f8:22:8a:67:00:89:3b:58:15:6a:2d:82:24:c8:c0:5c:8d:d6:
         95:54:f8:09:56:c2:cf:87:9f:6f:51:93:d4:77:f0:47:89:3a:
         38:9c:cf:f9:c8:d1:82:b2:c4:ac:76:50:61:a3:e9:2b:95:a8:
         6b:da:ef:16:60:1b:36:cb:d6:dc:75:6a:f1:56:a9:60:f8:20:
         72:80:14:c4:f3:2a:97:6f:67:c0:96:e0:e3:97:69:24:15:82:
         73:46:2b:59:71:46:98:67:72:ed:29:ac:b7:b8:00:46:4f:36:
         db:68:af:5d:19:06:ed:dd:9a:e0:b0:1d:4c:90:a7:7d:e5:be:
         86:6d:81:01:da:14:a5:2d:60:33:fc:71:a0:8d:18:b2:6b:2d:
         eb:a6:41:51:67:2c:ad:a5:b4:2f:85:ce:05:ba:c7:64:b7:4c:
         c8:87:07:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkOisb28BPAr9rIbah49LrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjUwNjEyMTMwMDIzWhcNMjUwNjEzMTMwMDIzWjAzMTEwLwYDVQQD
Eyg3MTk5OTcwZDYwZDhhMzRmZTExYzQ1NWRkZTAzNjFmMGI5ZGRkMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyQ4F0CkfSkNUpC1OhtUCg/MO6CU
/ny2PBBVg4yLcG3MK47rAr0iaZuwUiZ0IWQvJGB30N7ac7Vqfvp5pjUgZ3DIYyNY
kdsI++s+lWOdh4wW+XS5XXiHy6i6f8bjsJbwVlkQXgR0whVJ3+rnYcGUSXe/2f5K
nkzd1yYfqiiucVKqmXPcMeNiH4m1+npUE74cegZhJFCQ95J8tgIEdw4yO4Av98Ka
yqg4EGH3gsG0BNlr6crBS1A/wCvu9POvPXLQsIKb15vpvFY/0V7t/1vrgXoRfjWU
XWkQ9zgjIVBROp6Q5bjHGtW3LAnYgPFuNdT1YN0ixdOb9xdsukQ2z8gdnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGZlw1g2KNP4RxFXd4DYfC53dExMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfQjek3Ul
xXK2iaYDgtH0WOK9hYirdieUUu2v4Gk0HfWyYslNc3D9zvaigF9sZACgfVqeVdmy
qTr9P/4Ca5l7486unbKEUXde5+ZF9Jq/N5Ww9hDHZfQ5EXgz+CKKZwCJO1gVai2C
JMjAXI3WlVT4CVbCz4efb1GT1HfwR4k6OJzP+cjRgrLErHZQYaPpK5Woa9rvFmAb
NsvW3HVq8VapYPggcoAUxPMql29nwJbg45dpJBWCc0YrWXFGmGdy7Smst7gARk82
22ivXRkG7d2a4LAdTJCnfeW+hm2BAdoUpS1gM/xxoI0Ysmst66ZBUWcsraW0L4XO
BbrHZLdMyIcH1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:08:30 2025 by rpki-client