Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
File:                     HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json)
Hash identifier:          gCTNp26FRagB3ApXzT6OtLgRdOA4+ui66XEdpLxcy2s=
Subject key identifier:   47:7E:53:42:DB:0A:42:63:E9:D4:30:C5:AB:5D:4A:E3:8A:C7:18:04
Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B
Certificate issuer:       /CN=1d102aca6cf13511385294e77dbe273768c0a04b
Certificate serial:       019767731768997559DA17112AA318C7C8E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
Manifest number:          0A69
Signing time:             Fri 13 Jun 2025 04:01:25 +0000
Manifest this update:     Fri 13 Jun 2025 04:01:25 +0000
Manifest next update:     Sat 14 Jun 2025 04:01:25 +0000
Files and hashes:         1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: d6NhkvE7Zw9avV35jbXfIkDRcXla7riVOmAd6roqmPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:73:17:68:99:75:59:da:17:11:2a:a3:18:c7:c8:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b
        Validity
            Not Before: Jun 13 04:01:25 2025 GMT
            Not After : Jun 14 04:01:25 2025 GMT
        Subject: CN=477e5342db0a4263e9d430c5ab5d4ae38ac71804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:64:b2:3b:d7:57:8a:48:97:82:de:8e:9e:9c:
                    a3:56:98:ec:c4:dc:8f:9a:89:f4:33:e3:71:75:4e:
                    7c:80:7d:50:3c:17:f6:8f:9f:fb:4a:e9:2e:ea:8b:
                    e0:4d:62:9a:b7:17:a5:dc:bb:fa:14:2b:2b:75:77:
                    e4:24:f4:1d:28:3e:cd:52:dd:ee:f0:27:ad:da:f0:
                    e9:64:d5:62:23:fa:38:8e:9c:d4:03:c0:6d:a1:de:
                    c2:92:7d:01:d8:ad:a4:63:f8:16:47:7c:56:7c:13:
                    0a:c8:3d:10:34:7b:78:4d:7e:81:a2:7f:a0:64:8e:
                    21:6c:2a:ae:14:81:85:14:33:f7:99:3e:76:40:cf:
                    75:6e:b2:3f:f6:e3:60:cc:38:0f:e0:bc:db:d7:02:
                    02:bc:ba:31:6c:bb:43:31:54:9b:09:07:41:37:57:
                    99:87:71:98:05:97:98:c7:7d:a9:4e:25:8d:1c:45:
                    0b:80:fd:f4:4d:e2:83:9f:41:ad:d2:28:9b:0a:0a:
                    fc:ea:3d:b4:7b:9e:b9:a3:bc:6c:23:22:ce:a2:f4:
                    c6:5d:71:69:4b:9b:cf:ab:bf:80:e8:20:f5:13:5c:
                    cd:9a:88:09:8c:29:3f:d9:a7:ef:c6:4f:78:a0:77:
                    b3:3c:b9:a3:63:ff:a5:95:c1:78:1d:fb:f5:82:16:
                    44:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:7E:53:42:DB:0A:42:63:E9:D4:30:C5:AB:5D:4A:E3:8A:C7:18:04
            X509v3 Authority Key Identifier:
                keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:d6:5b:5e:80:22:c1:3f:4a:dd:79:a5:58:e7:5b:8c:38:40:
         81:91:f1:6b:2b:ae:dd:c0:0f:8e:7d:d4:cd:98:9f:6e:05:ed:
         93:c8:a2:39:e5:de:85:bf:ff:4e:f8:6d:43:6a:1f:77:76:04:
         a8:e2:bc:1a:13:88:77:bb:69:06:f6:c0:69:6d:fa:a6:40:41:
         0a:c8:1a:01:ca:5c:3a:88:e8:80:d4:d9:94:22:64:fb:24:6b:
         14:c5:b7:d9:1c:0c:fe:34:4b:a1:a4:f8:c0:4b:97:19:e8:b5:
         1c:46:66:69:d3:c7:0d:12:4d:c9:f0:37:25:1d:2c:04:d6:5b:
         a1:3b:ba:d0:aa:b0:2b:ea:97:a1:cd:2b:a8:41:83:54:e4:f4:
         e1:25:33:8e:67:ff:e0:b2:8e:9f:3e:d1:4c:3c:36:e8:d9:8a:
         2b:04:0a:2e:81:52:07:10:13:83:08:f7:d1:ce:6f:8e:ef:ca:
         ae:a3:ae:6c:aa:f9:35:3a:23:56:19:c4:3d:5b:56:37:6e:b9:
         4d:1f:49:b2:74:ee:a7:4d:db:1b:a0:96:4a:5b:cb:65:aa:b8:
         2e:65:11:fa:07:6f:57:b9:69:97:96:11:a6:ee:6f:18:3f:35:
         3c:c8:87:fc:de:85:65:2c:d4:d9:3a:26:31:7a:f7:61:4d:09:
         50:ba:3d:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdncxdomXVZ2hcRKqMYx8jiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj
MGEwNGIwHhcNMjUwNjEzMDQwMTI1WhcNMjUwNjE0MDQwMTI1WjAzMTEwLwYDVQQD
Eyg0NzdlNTM0MmRiMGE0MjYzZTlkNDMwYzVhYjVkNGFlMzhhYzcxODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWSyO9dXikiXgt6OnpyjVpjsxNyP
mon0M+NxdU58gH1QPBf2j5/7Suku6ovgTWKatxel3Lv6FCsrdXfkJPQdKD7NUt3u
8Cet2vDpZNViI/o4jpzUA8Btod7Ckn0B2K2kY/gWR3xWfBMKyD0QNHt4TX6Bon+g
ZI4hbCquFIGFFDP3mT52QM91brI/9uNgzDgP4Lzb1wICvLoxbLtDMVSbCQdBN1eZ
h3GYBZeYx32pTiWNHEULgP30TeKDn0Gt0iibCgr86j20e565o7xsIyLOovTGXXFp
S5vPq7+A6CD1E1zNmogJjCk/2afvxk94oHezPLmjY/+llcF4Hfv1ghZEuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEd+U0LbCkJj6dQwxatdSuOKxxgEMB8GA1UdIwQY
MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt
ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4
LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVtZbXoAi
wT9K3XmlWOdbjDhAgZHxayuu3cAPjn3UzZifbgXtk8iiOeXehb//TvhtQ2ofd3YE
qOK8GhOId7tpBvbAaW36pkBBCsgaAcpcOojogNTZlCJk+yRrFMW32RwM/jRLoaT4
wEuXGei1HEZmadPHDRJNyfA3JR0sBNZboTu60KqwK+qXoc0rqEGDVOT04SUzjmf/
4LKOnz7RTDw26NmKKwQKLoFSBxATgwj30c5vju/KrqOubKr5NTojVhnEPVtWN265
TR9JsnTup03bG6CWSlvLZaq4LmUR+gdvV7lpl5YRpu5vGD81PMiH/N6FZSzU2Tom
MXr3YU0JULo98Q==
-----END CERTIFICATE-----
Generated at Fri Jun 13 09:12:19 2025 by rpki-client