Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          3wcte63miyZaY0KU2YaJQ/roi6ffPCZ0V4DCnEDOMtU=
Subject key identifier:   77:F6:19:9B:B7:69:D7:87:8E:4E:D8:F8:16:29:87:AC:1F:62:83:58
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       019757FFA617918E51B909A3CE2F54C10703
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0A61
Signing time:             Tue 10 Jun 2025 04:01:01 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:01 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:01 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: X6OTTUfffLm0WlCyAouZCVwR8+M1lIRKgJ6bw4FDBHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:a6:17:91:8e:51:b9:09:a3:ce:2f:54:c1:07:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Jun 10 04:01:01 2025 GMT
            Not After : Jun 11 04:01:01 2025 GMT
        Subject: CN=77f6199bb769d7878e4ed8f8162987ac1f628358
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:3d:c3:aa:19:bf:0c:72:24:00:fe:3a:fa:53:
                    41:35:25:d2:23:49:a5:f1:7f:dc:ea:56:56:97:f6:
                    1a:23:bc:c4:e4:28:83:64:f1:24:df:93:f0:d8:f4:
                    18:9b:94:ec:05:25:cb:5d:e2:13:5c:b3:20:57:6c:
                    fd:94:72:f9:e6:7d:40:28:2b:3c:39:99:7c:34:9c:
                    2a:2a:58:9d:84:19:28:21:59:b9:9a:a3:de:32:34:
                    98:c9:df:47:71:6f:24:8e:02:79:35:99:24:5f:28:
                    d5:6d:cd:2c:76:83:22:1b:c0:dd:62:95:5e:a9:77:
                    26:a5:3f:29:5c:4d:72:5d:47:61:7b:4f:9e:65:b9:
                    e6:71:6a:83:e8:48:d3:e1:a8:b1:44:fa:8c:f9:a4:
                    1b:78:1d:76:e1:d1:4b:79:71:89:ec:5d:35:6d:6d:
                    c0:3c:f5:4e:aa:7b:c1:ae:ef:88:88:a8:22:b6:e6:
                    f2:8f:1b:66:a6:c1:9a:8d:5b:5c:d0:3a:e7:d2:a2:
                    07:eb:66:71:a7:fc:c5:1b:7a:52:50:db:ca:c4:f9:
                    11:89:5b:55:29:04:6b:69:01:91:3c:86:f8:1b:d3:
                    7d:02:25:ba:9d:94:6f:56:8a:ec:59:04:26:56:04:
                    1e:3f:81:be:f0:bf:9b:75:51:17:b7:c5:eb:5b:8b:
                    d3:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:F6:19:9B:B7:69:D7:87:8E:4E:D8:F8:16:29:87:AC:1F:62:83:58
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:45:b7:e5:ad:6c:b7:f1:4c:a6:eb:05:b5:20:6e:9e:9c:ad:
         e8:81:ee:8c:90:23:ba:5a:fa:c7:7e:39:5e:2e:15:7a:06:31:
         40:e8:5e:57:04:22:89:b1:5f:34:df:2d:59:fa:34:3a:55:8c:
         39:10:0c:04:76:d8:e1:64:46:7d:4f:73:d5:fd:eb:4a:55:07:
         cb:e9:85:cc:4d:b1:80:a4:b6:61:ac:cc:2a:36:79:e1:01:e2:
         59:cb:a7:29:9e:8a:aa:21:d3:65:b6:f7:31:15:15:cd:5a:c0:
         41:26:d2:c8:d0:e3:1c:e5:7c:49:12:58:6d:b4:ab:00:78:da:
         b4:4d:6b:46:8a:33:d5:b7:6d:fc:49:ad:b8:c6:72:62:6a:52:
         a3:85:8f:77:55:80:a4:b0:fd:ac:1d:23:22:ad:25:ff:2a:f2:
         2a:29:aa:28:79:f8:e0:6e:83:bc:4d:23:88:fb:e6:4b:29:e5:
         97:61:19:dc:f5:c9:50:b7:58:b7:df:7a:6d:53:f2:80:70:99:
         f2:cc:12:77:db:6f:92:68:40:fa:c8:43:c7:f6:a4:89:c8:46:
         cd:19:37:8f:e4:99:8f:73:05:6b:b7:e2:9b:75:cb:26:a9:a0:
         00:9c:32:0e:53:28:7b:09:3c:3f:82:9b:49:4e:1b:0c:ef:9f:
         f5:e1:85:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/6YXkY5RuQmjzi9UwQcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUwNjEwMDQwMTAxWhcNMjUwNjExMDQwMTAxWjAzMTEwLwYDVQQD
Eyg3N2Y2MTk5YmI3NjlkNzg3OGU0ZWQ4ZjgxNjI5ODdhYzFmNjI4MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT3Dqhm/DHIkAP46+lNBNSXSI0ml
8X/c6lZWl/YaI7zE5CiDZPEk35Pw2PQYm5TsBSXLXeITXLMgV2z9lHL55n1AKCs8
OZl8NJwqKlidhBkoIVm5mqPeMjSYyd9HcW8kjgJ5NZkkXyjVbc0sdoMiG8DdYpVe
qXcmpT8pXE1yXUdhe0+eZbnmcWqD6EjT4aixRPqM+aQbeB124dFLeXGJ7F01bW3A
PPVOqnvBru+IiKgitubyjxtmpsGajVtc0Drn0qIH62Zxp/zFG3pSUNvKxPkRiVtV
KQRraQGRPIb4G9N9AiW6nZRvVorsWQQmVgQeP4G+8L+bdVEXt8XrW4vTYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHf2GZu3adeHjk7Y+BYph6wfYoNYMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKkW35a1s
t/FMpusFtSBunpyt6IHujJAjulr6x345Xi4VegYxQOheVwQiibFfNN8tWfo0OlWM
ORAMBHbY4WRGfU9z1f3rSlUHy+mFzE2xgKS2YazMKjZ54QHiWcunKZ6KqiHTZbb3
MRUVzVrAQSbSyNDjHOV8SRJYbbSrAHjatE1rRooz1bdt/EmtuMZyYmpSo4WPd1WA
pLD9rB0jIq0l/yryKimqKHn44G6DvE0jiPvmSynll2EZ3PXJULdYt996bVPygHCZ
8swSd9tvkmhA+shDx/akichGzRk3j+SZj3MFa7fim3XLJqmgAJwyDlMoewk8P4Kb
SU4bDO+f9eGFUg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:07:05 2025 by rpki-client