Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          8NaBmT8stFbgbovSfmm6uG4BSbCQahIWrGosjfHz0+g=
Subject key identifier:   AD:1A:6A:E2:46:BA:F1:F2:BE:43:48:AB:7F:A9:59:48:26:12:F1:69
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       019759EDC7E1BA391D71C4EE95082E1ED409
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0A62
Signing time:             Tue 10 Jun 2025 13:00:44 +0000
Manifest this update:     Tue 10 Jun 2025 13:00:44 +0000
Manifest next update:     Wed 11 Jun 2025 13:00:44 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: Vdm0wpzFiCR/fQmCuwX+EJ9Pbff9SxI1owV1PYFANDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ed:c7:e1:ba:39:1d:71:c4:ee:95:08:2e:1e:d4:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Jun 10 13:00:44 2025 GMT
            Not After : Jun 11 13:00:44 2025 GMT
        Subject: CN=ad1a6ae246baf1f2be4348ab7fa959482612f169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:76:5b:0b:e1:88:bb:d6:84:af:6c:93:26:b9:
                    a2:cb:2f:54:7a:90:6a:e0:49:53:63:1d:2f:6b:d3:
                    56:98:26:41:70:88:d2:c0:d1:32:9d:49:6b:9b:b8:
                    92:09:30:5a:57:97:07:cb:58:ab:93:23:a8:72:bf:
                    16:04:d2:b8:d1:39:49:56:ff:cb:e5:c5:8f:39:af:
                    08:58:2b:6e:be:31:89:98:2c:73:0c:a0:07:33:93:
                    98:d8:cd:54:a1:f6:73:54:53:5a:e5:88:fe:1a:66:
                    e0:fb:4f:1b:22:f4:a7:25:21:6f:d6:5f:3a:c5:5d:
                    08:1a:07:96:c6:63:3c:26:f0:e2:7e:4d:6b:52:77:
                    d1:4c:ed:07:ac:ac:0f:ec:80:6b:f2:34:5b:c6:35:
                    81:1f:59:18:57:8d:0e:da:33:b5:59:29:46:54:50:
                    13:9c:e0:9f:b0:2b:37:2e:e5:cf:bd:66:14:8e:47:
                    54:b5:7d:cd:f5:4e:fe:16:b0:a0:87:cf:47:4a:14:
                    4a:b8:46:25:db:f4:96:23:95:4e:b2:71:62:93:a2:
                    39:35:5c:50:22:d2:c2:cc:6a:6f:44:b1:0a:e8:f6:
                    72:28:06:af:d8:69:62:bc:66:5b:8f:19:44:76:9e:
                    ca:f5:36:24:b9:9c:50:60:99:16:47:c2:23:09:29:
                    58:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:1A:6A:E2:46:BA:F1:F2:BE:43:48:AB:7F:A9:59:48:26:12:F1:69
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:82:d8:43:e5:64:ca:ab:5f:de:50:de:00:cf:23:df:b9:4d:
         bb:64:92:bc:03:ec:bd:98:27:5d:36:df:7d:a6:e6:8d:5a:8a:
         e3:dd:cf:c3:08:ed:5f:df:83:97:ef:51:2e:0b:07:80:25:df:
         c5:be:e1:22:e4:cb:e1:dc:42:fa:c3:5c:69:44:cb:23:25:c4:
         ec:71:17:27:a0:79:97:76:2a:f1:02:cc:cb:cc:70:f1:b9:27:
         93:80:b9:ba:31:3d:f5:08:65:aa:dc:21:ed:69:0d:cf:dd:7d:
         a7:0a:7e:3f:86:55:0c:b7:98:1b:96:61:44:33:f0:9f:3e:aa:
         68:55:3b:3e:0f:c3:0b:df:ee:2a:91:28:cc:01:cb:b0:c9:0f:
         9b:5e:51:3c:52:41:fe:97:7b:31:e0:3f:ae:d9:fd:fc:ec:30:
         a7:8b:31:db:4d:56:27:e9:e5:af:d5:c7:7a:cc:50:d5:c9:e0:
         68:9d:87:0e:68:f9:fb:71:e8:bb:40:b4:33:1d:4b:71:0f:be:
         77:8f:df:fc:b1:33:ad:af:87:44:3c:5b:f2:3a:fe:12:4d:94:
         e4:f4:6b:c3:cd:99:b7:d7:76:83:5c:0a:4e:70:5f:04:7a:77:
         9c:2b:f3:e0:41:c5:3a:18:c5:f1:e1:fb:24:c0:8f:de:33:4d:
         60:00:01:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7cfhujkdccTulQguHtQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUwNjEwMTMwMDQ0WhcNMjUwNjExMTMwMDQ0WjAzMTEwLwYDVQQD
EyhhZDFhNmFlMjQ2YmFmMWYyYmU0MzQ4YWI3ZmE5NTk0ODI2MTJmMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9HZbC+GIu9aEr2yTJrmiyy9UepBq
4ElTYx0va9NWmCZBcIjSwNEynUlrm7iSCTBaV5cHy1irkyOocr8WBNK40TlJVv/L
5cWPOa8IWCtuvjGJmCxzDKAHM5OY2M1UofZzVFNa5Yj+Gmbg+08bIvSnJSFv1l86
xV0IGgeWxmM8JvDifk1rUnfRTO0HrKwP7IBr8jRbxjWBH1kYV40O2jO1WSlGVFAT
nOCfsCs3LuXPvWYUjkdUtX3N9U7+FrCgh89HShRKuEYl2/SWI5VOsnFik6I5NVxQ
ItLCzGpvRLEK6PZyKAav2GlivGZbjxlEdp7K9TYkuZxQYJkWR8IjCSlYYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0aauJGuvHyvkNIq3+pWUgmEvFpMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuoLYQ+Vk
yqtf3lDeAM8j37lNu2SSvAPsvZgnXTbffabmjVqK493PwwjtX9+Dl+9RLgsHgCXf
xb7hIuTL4dxC+sNcaUTLIyXE7HEXJ6B5l3Yq8QLMy8xw8bknk4C5ujE99Qhlqtwh
7WkNz919pwp+P4ZVDLeYG5ZhRDPwnz6qaFU7Pg/DC9/uKpEozAHLsMkPm15RPFJB
/pd7MeA/rtn9/Owwp4sx201WJ+nlr9XHesxQ1cngaJ2HDmj5+3Hou0C0Mx1LcQ++
d4/f/LEzra+HRDxb8jr+Ek2U5PRrw82Zt9d2g1wKTnBfBHp3nCvz4EHFOhjF8eH7
JMCP3jNNYAAB2A==
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:45:56 2025 by rpki-client