Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
File:                     aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json)
Hash identifier:          7pK4CnNzBIqBP7M5hvfVxHOV6JZHSfXREK1/V/obj1s=
Subject key identifier:   03:B6:51:BE:11:A9:98:10:D7:A4:02:3D:64:9B:40:73:A3:63:6C:E4
Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A
Certificate issuer:       /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
Certificate serial:       019758DAD9D822487893DBB2ABE0AD898C81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
Manifest number:          1513
Signing time:             Tue 10 Jun 2025 08:00:26 +0000
Manifest this update:     Tue 10 Jun 2025 08:00:26 +0000
Manifest next update:     Wed 11 Jun 2025 08:00:26 +0000
Files and hashes:         1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: 7pZal1luXXQ4sWgW4iWvVw1DUT5jJyvepLv6P9sxgDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:da:d9:d8:22:48:78:93:db:b2:ab:e0:ad:89:8c:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
        Validity
            Not Before: Jun 10 08:00:26 2025 GMT
            Not After : Jun 11 08:00:26 2025 GMT
        Subject: CN=03b651be11a99810d7a4023d649b4073a3636ce4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c6:c1:2e:80:87:5b:c2:1c:63:ed:24:ff:c5:
                    4d:e1:b7:bd:45:77:76:ad:f0:90:2b:9c:b5:b9:b6:
                    ab:72:3a:da:43:a2:a6:b2:dd:57:d0:1a:2b:63:2e:
                    fe:d1:71:d7:e5:9b:29:8c:f0:f9:c1:c3:4f:4a:0f:
                    13:41:78:6e:8c:31:cf:29:73:83:aa:aa:70:27:9e:
                    12:ba:5e:33:8e:5b:f5:7f:1c:08:e2:85:ec:9a:8d:
                    72:d1:16:c0:97:1f:0d:3c:4c:f4:41:43:2f:ed:d2:
                    50:b6:c2:f1:4c:64:32:ad:04:db:7d:73:0f:e6:98:
                    49:84:10:fc:0e:b4:8a:f4:39:c8:d2:ee:63:84:c5:
                    c2:e3:bf:cd:26:9f:78:f4:1d:39:71:d8:4d:14:40:
                    e5:2e:3b:9a:09:87:95:76:60:6a:d7:5f:dc:09:8c:
                    78:2a:39:00:b6:ab:a1:e1:48:91:8a:81:ba:43:7e:
                    8c:7d:17:7e:97:3a:6c:57:e5:a8:af:e4:1e:d9:e7:
                    3b:5c:bd:d7:1b:73:5b:7f:dc:08:6e:3c:44:b1:3a:
                    84:0b:a3:3f:55:73:06:ad:85:d5:9c:30:b1:ea:65:
                    19:d7:f9:4e:33:f1:22:a5:10:14:45:13:c9:5e:19:
                    d3:52:4c:d7:a8:41:99:d5:b9:21:6d:c5:f4:bf:1e:
                    5e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:B6:51:BE:11:A9:98:10:D7:A4:02:3D:64:9B:40:73:A3:63:6C:E4
            X509v3 Authority Key Identifier:
                keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d9:5b:7f:05:56:e7:c7:27:cf:8e:0f:59:c5:08:87:ae:75:44:
         cc:4a:75:07:ca:5b:28:80:e9:1e:45:35:23:75:bc:af:28:a9:
         62:d1:c3:74:c7:31:ef:0c:c8:db:ec:32:19:db:ab:a3:ef:5a:
         f2:46:87:e2:61:49:ad:88:26:96:9a:77:5e:d0:e9:f3:4e:0e:
         9e:53:80:62:bb:2f:30:54:75:81:bc:4f:c8:ca:e2:74:f4:da:
         ff:6f:9a:19:38:fb:fb:6f:c5:a8:a8:24:6b:6e:7b:37:06:36:
         34:12:b6:81:1a:ad:c9:3f:9c:70:42:89:b5:75:7b:47:c0:00:
         fb:91:06:fc:8f:50:86:76:35:82:66:73:bb:0b:a8:69:68:d8:
         de:c5:46:cd:a2:45:f1:25:82:ae:2c:97:af:8f:d4:ae:1c:90:
         82:69:2a:91:f1:89:1b:cf:44:43:db:df:95:9d:10:42:2f:9d:
         ae:40:33:5e:88:68:2c:9b:ff:f7:a3:09:44:14:c9:48:16:0e:
         bf:5a:12:b5:57:8b:f0:00:14:df:57:6d:4f:a7:00:0f:93:7a:
         bf:66:ff:fd:7f:45:91:9a:9f:18:fc:96:ba:5f:da:ae:87:74:
         c4:29:5a:5e:cb:9e:43:4a:41:9f:af:8f:fd:a8:ef:d4:df:78:
         c9:63:1c:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdY2tnYIkh4k9uyq+CtiYyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0
YjQ4MGEwHhcNMjUwNjEwMDgwMDI2WhcNMjUwNjExMDgwMDI2WjAzMTEwLwYDVQQD
EygwM2I2NTFiZTExYTk5ODEwZDdhNDAyM2Q2NDliNDA3M2EzNjM2Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsbBLoCHW8IcY+0k/8VN4be9RXd2
rfCQK5y1ubarcjraQ6Kmst1X0BorYy7+0XHX5ZspjPD5wcNPSg8TQXhujDHPKXOD
qqpwJ54Sul4zjlv1fxwI4oXsmo1y0RbAlx8NPEz0QUMv7dJQtsLxTGQyrQTbfXMP
5phJhBD8DrSK9DnI0u5jhMXC47/NJp949B05cdhNFEDlLjuaCYeVdmBq11/cCYx4
KjkAtquh4UiRioG6Q36MfRd+lzpsV+Wor+Qe2ec7XL3XG3Nbf9wIbjxEsTqEC6M/
VXMGrYXVnDCx6mUZ1/lOM/EipRAURRPJXhnTUkzXqEGZ1bkhbcX0vx5eHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAO2Ub4RqZgQ16QCPWSbQHOjY2zkMB8GA1UdIwQY
MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt
YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj
LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2Vt/BVbn
xyfPjg9ZxQiHrnVEzEp1B8pbKIDpHkU1I3W8ryipYtHDdMcx7wzI2+wyGduro+9a
8kaH4mFJrYgmlpp3XtDp804OnlOAYrsvMFR1gbxPyMridPTa/2+aGTj7+2/FqKgk
a257NwY2NBK2gRqtyT+ccEKJtXV7R8AA+5EG/I9QhnY1gmZzuwuoaWjY3sVGzaJF
8SWCriyXr4/UrhyQgmkqkfGJG89EQ9vflZ0QQi+drkAzXohoLJv/96MJRBTJSBYO
v1oStVeL8AAU31dtT6cAD5N6v2b//X9FkZqfGPyWul/arod0xClaXsueQ0pBn6+P
/ajv1N94yWMcpA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:55:07 2025 by rpki-client