Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
File:                     36U2RiiDKd9mVeJT5WsihIG-lZY.mft (raw, json)
Hash identifier:          67dzJoKpaNP6m4WGuakIGqSvzULQIfnOKfMQrx/0nRU=
Subject key identifier:   46:15:C4:AD:68:A3:C9:9D:CA:25:69:BB:5B:00:93:34:EE:85:1A:CD
Authority key identifier: DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
Certificate issuer:       /CN=dfa53646288329df6655e253e56b228481be9596
Certificate serial:       01975234E622E9871ADEE40D0AACFD3392F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
Manifest number:          0223
Signing time:             Mon 09 Jun 2025 01:01:27 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:27 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:27 +0000
Files and hashes:         1: 36U2RiiDKd9mVeJT5WsihIG-lZY.crl (hash: nJlzQ0atYBh3Lc/mXVFq4JWlXczZ41YvbxppM07+w18=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 01:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:e6:22:e9:87:1a:de:e4:0d:0a:ac:fd:33:92:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfa53646288329df6655e253e56b228481be9596
        Validity
            Not Before: Jun  9 01:01:27 2025 GMT
            Not After : Jun 10 01:01:27 2025 GMT
        Subject: CN=4615c4ad68a3c99dca2569bb5b009334ee851acd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:2e:e6:80:03:24:74:84:82:75:a0:d6:68:06:
                    dc:c7:db:a7:fb:1c:35:76:f9:b6:db:76:f6:5a:03:
                    87:bf:d0:4c:15:11:a3:00:f0:a7:29:4d:17:0c:65:
                    e9:91:55:43:29:84:a8:2e:c0:87:de:d0:88:c9:4a:
                    d2:e6:5e:a6:bf:42:d8:44:e0:a0:b2:07:c5:d7:0f:
                    15:95:12:20:41:78:28:ac:53:66:85:ec:14:16:c0:
                    0e:5a:be:a5:b7:c8:be:5e:93:e0:1c:e8:b1:34:6a:
                    62:e2:49:95:12:73:63:ff:59:14:74:1a:77:92:8d:
                    59:92:4d:b7:40:79:19:e9:19:1a:35:b7:df:c7:21:
                    5b:d1:b6:7e:6c:d9:72:6e:0f:aa:71:29:b5:76:eb:
                    2d:73:16:fa:45:2d:62:7f:88:af:8a:b5:01:4b:db:
                    83:a5:0d:be:b0:34:ba:0f:67:b0:c4:0b:bd:53:fa:
                    45:35:30:df:13:a3:e2:cf:4b:9a:e1:91:b7:a0:c1:
                    4c:65:f5:5f:ac:c6:1a:ce:43:92:70:3a:fb:18:53:
                    61:25:45:e7:54:8d:6b:d5:31:5d:6f:63:c8:4d:b2:
                    5f:68:90:b3:a6:f9:ba:89:ff:13:68:02:2b:50:bb:
                    61:39:99:50:01:0d:be:56:54:b6:10:dc:95:53:cc:
                    56:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:15:C4:AD:68:A3:C9:9D:CA:25:69:BB:5B:00:93:34:EE:85:1A:CD
            X509v3 Authority Key Identifier:
                keyid:DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:80:38:88:af:0c:56:c3:f1:76:48:31:3f:87:d2:ad:a1:d8:
         bd:ce:51:c9:4c:bf:18:cc:66:d7:1a:0b:65:46:dc:38:63:fa:
         3f:28:f0:b7:9b:17:31:17:47:45:f9:88:c8:71:9e:dc:42:34:
         71:eb:0c:a6:ff:e2:a3:68:4b:cf:a1:09:f8:db:f5:29:84:5e:
         25:49:2c:d0:13:02:9a:8c:89:98:35:0c:8b:e2:c5:c3:d3:f2:
         ba:a0:82:b2:2f:96:3a:e7:02:71:9a:b8:84:14:d1:ea:16:33:
         6f:5b:6f:8a:80:2e:05:78:7f:6d:d0:15:09:aa:08:01:9e:56:
         82:d9:9c:e6:62:0c:68:4c:99:e6:62:3a:a6:a2:05:72:b0:8c:
         9b:3b:0b:f2:94:1b:a8:cb:a5:dd:49:79:63:6c:fc:d6:08:58:
         33:30:45:f4:a1:ad:d7:ec:09:0f:bc:9e:97:e6:9c:a8:48:ed:
         9e:d3:07:a1:b5:2c:fc:d3:2f:c5:3c:df:4b:8a:1e:0e:6b:c7:
         73:95:9f:84:05:72:5b:bb:93:77:5a:65:14:1f:e4:65:b6:e2:
         d3:2b:2e:9c:91:c0:d8:7e:ec:d2:a5:35:2c:b5:c7:c8:53:c0:
         13:08:ce:29:12:d3:a8:a5:ee:22:7d:75:7d:43:2a:41:6e:3e:
         10:34:a1:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNOYi6Yca3uQNCqz9M5LyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTUzNjQ2Mjg4MzI5ZGY2NjU1ZTI1M2U1NmIyMjg0ODFi
ZTk1OTYwHhcNMjUwNjA5MDEwMTI3WhcNMjUwNjEwMDEwMTI3WjAzMTEwLwYDVQQD
Eyg0NjE1YzRhZDY4YTNjOTlkY2EyNTY5YmI1YjAwOTMzNGVlODUxYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i7mgAMkdISCdaDWaAbcx9un+xw1
dvm223b2WgOHv9BMFRGjAPCnKU0XDGXpkVVDKYSoLsCH3tCIyUrS5l6mv0LYROCg
sgfF1w8VlRIgQXgorFNmhewUFsAOWr6lt8i+XpPgHOixNGpi4kmVEnNj/1kUdBp3
ko1Zkk23QHkZ6RkaNbffxyFb0bZ+bNlybg+qcSm1dustcxb6RS1if4ivirUBS9uD
pQ2+sDS6D2ewxAu9U/pFNTDfE6Piz0ua4ZG3oMFMZfVfrMYazkOScDr7GFNhJUXn
VI1r1TFdb2PITbJfaJCzpvm6if8TaAIrULthOZlQAQ2+VlS2ENyVU8xW7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYVxK1oo8mdyiVpu1sAkzTuhRrNMB8GA1UdIwQY
MBaAFN+lNkYogynfZlXiU+VrIoSBvpWWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMt
NzlhZmQxMTg4ZDM3LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMtNzlhZmQxMTg4ZDM3
LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAoA4iK8M
VsPxdkgxP4fSraHYvc5RyUy/GMxm1xoLZUbcOGP6Pyjwt5sXMRdHRfmIyHGe3EI0
cesMpv/io2hLz6EJ+Nv1KYReJUks0BMCmoyJmDUMi+LFw9PyuqCCsi+WOucCcZq4
hBTR6hYzb1tvioAuBXh/bdAVCaoIAZ5Wgtmc5mIMaEyZ5mI6pqIFcrCMmzsL8pQb
qMul3Ul5Y2z81ghYMzBF9KGt1+wJD7yel+acqEjtntMHobUs/NMvxTzfS4oeDmvH
c5WfhAVyW7uTd1plFB/kZbbi0ysunJHA2H7s0qU1LLXHyFPAEwjOKRLTqKXuIn11
fUMqQW4+EDShUA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:23:17 2025 by rpki-client