Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft
File:                     aDjl4BZgX27c1MlhwZys9YFMeKM.mft (raw, json)
Hash identifier:          nYybhK9/WwYTI5OtrhFOmcUzMMlQvTQjOV1EiHksyYY=
Subject key identifier:   D3:FB:99:07:F0:86:39:E2:65:31:39:CD:96:EE:02:40:BD:C7:59:7B
Authority key identifier: 68:38:E5:E0:16:60:5F:6E:DC:D4:C9:61:C1:9C:AC:F5:81:4C:78:A3
Certificate issuer:       /CN=6838e5e016605f6edcd4c961c19cacf5814c78a3
Certificate serial:       01975C813601BBF5AEF05F0EEF3971025613
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDjl4BZgX27c1MlhwZys9YFMeKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft
Manifest number:          0FC2
Signing time:             Wed 11 Jun 2025 01:01:01 +0000
Manifest this update:     Wed 11 Jun 2025 01:01:01 +0000
Manifest next update:     Thu 12 Jun 2025 01:01:01 +0000
Files and hashes:         1: aDjl4BZgX27c1MlhwZys9YFMeKM.crl (hash: B7WG2NKEu8FX30hQRLbA2KxVogoYUu5JSpJsMkh+aAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aDjl4BZgX27c1MlhwZys9YFMeKM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:81:36:01:bb:f5:ae:f0:5f:0e:ef:39:71:02:56:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6838e5e016605f6edcd4c961c19cacf5814c78a3
        Validity
            Not Before: Jun 11 01:01:01 2025 GMT
            Not After : Jun 12 01:01:01 2025 GMT
        Subject: CN=d3fb9907f08639e2653139cd96ee0240bdc7597b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:8e:72:c1:7a:3e:9a:88:0d:3d:43:3b:52:cd:
                    55:0a:51:f7:43:94:2e:3f:68:d5:a6:0e:a5:7b:10:
                    e6:10:c5:f5:bf:e8:75:7c:40:0a:14:5d:1d:66:c4:
                    3a:bc:94:9a:1a:85:43:de:6f:04:01:9b:66:4c:5e:
                    cb:e1:ef:7a:7b:33:cd:13:09:a6:4a:ef:23:57:31:
                    54:61:fd:6d:6d:8f:47:5f:55:51:f9:29:49:ea:a6:
                    61:b9:a2:6d:c9:6e:b9:89:df:42:86:7e:93:2b:1f:
                    3b:07:ac:52:bd:9b:4b:a1:e3:fc:d3:b0:bb:b1:fb:
                    3c:f9:25:be:8b:d1:c2:f8:a4:02:18:4b:5f:9e:a2:
                    9a:bd:5f:b4:1a:2e:ec:df:ad:9c:5c:a9:53:00:7b:
                    71:f3:33:e0:0d:a8:37:71:9d:c9:b7:c5:33:d1:9f:
                    cb:74:8f:2b:a5:1e:ca:7c:0d:55:4f:8d:de:40:4b:
                    30:32:be:a5:ea:e0:a4:78:0a:b6:76:79:46:5f:7c:
                    32:3e:f5:da:4d:12:de:d9:53:92:ca:58:49:d3:d6:
                    89:b1:af:eb:d6:8f:47:af:0e:f2:40:17:8d:f5:f4:
                    f8:e2:60:f7:cf:4d:a4:7d:bb:bc:83:fe:a6:df:d3:
                    1a:ca:8d:79:c8:7d:28:f1:f8:88:1f:e3:3a:86:5a:
                    dc:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:FB:99:07:F0:86:39:E2:65:31:39:CD:96:EE:02:40:BD:C7:59:7B
            X509v3 Authority Key Identifier:
                keyid:68:38:E5:E0:16:60:5F:6E:DC:D4:C9:61:C1:9C:AC:F5:81:4C:78:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDjl4BZgX27c1MlhwZys9YFMeKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77f194-ff5f-4a23-b882-f4cc25a5453f/1/aDjl4BZgX27c1MlhwZys9YFMeKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:4f:0b:18:f8:a1:0f:09:6c:b6:ed:3f:56:0d:51:f8:c1:a3:
         89:dd:aa:b4:fb:5c:62:d8:c6:46:66:2e:3b:e2:40:27:da:b8:
         98:50:95:74:cc:fc:90:ea:bc:44:8f:f9:63:67:8b:33:a9:36:
         41:24:60:73:68:cf:a3:d7:26:8e:89:8b:74:d3:d5:6b:9f:01:
         c4:94:12:d6:1f:f7:4a:50:59:e7:c7:cb:90:f8:d7:01:e2:80:
         55:47:6b:dc:d5:ad:9c:35:8b:f9:ef:77:60:96:8b:52:8b:64:
         26:51:f1:6f:b8:5a:89:7b:14:19:7d:69:f2:8c:d2:8a:ce:19:
         78:53:4e:15:4f:05:d7:f7:39:05:b4:e2:14:b9:87:3d:0a:1d:
         09:44:b6:37:e3:36:f9:2c:27:c7:fd:4f:4b:3f:41:5d:5a:fa:
         64:a3:8e:bf:84:02:f5:14:89:00:7e:57:a9:8a:db:5c:ee:17:
         57:54:83:5c:79:f3:c9:be:4e:e1:70:73:f2:45:03:9b:ce:b9:
         e1:a9:ce:95:bb:dc:91:19:21:1e:16:df:1f:d5:3a:1f:b7:07:
         03:a8:95:1c:86:d2:e6:10:d4:32:da:0c:f3:aa:f5:8f:56:fc:
         29:2c:ed:f4:74:99:f4:ea:24:29:2e:1b:73:01:25:e2:f7:90:
         31:a2:d1:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgTYBu/Wu8F8O7zlxAlYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzhlNWUwMTY2MDVmNmVkY2Q0Yzk2MWMxOWNhY2Y1ODE0
Yzc4YTMwHhcNMjUwNjExMDEwMTAxWhcNMjUwNjEyMDEwMTAxWjAzMTEwLwYDVQQD
EyhkM2ZiOTkwN2YwODYzOWUyNjUzMTM5Y2Q5NmVlMDI0MGJkYzc1OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o5ywXo+mogNPUM7Us1VClH3Q5Qu
P2jVpg6lexDmEMX1v+h1fEAKFF0dZsQ6vJSaGoVD3m8EAZtmTF7L4e96ezPNEwmm
Su8jVzFUYf1tbY9HX1VR+SlJ6qZhuaJtyW65id9Chn6TKx87B6xSvZtLoeP807C7
sfs8+SW+i9HC+KQCGEtfnqKavV+0Gi7s362cXKlTAHtx8zPgDag3cZ3Jt8Uz0Z/L
dI8rpR7KfA1VT43eQEswMr6l6uCkeAq2dnlGX3wyPvXaTRLe2VOSylhJ09aJsa/r
1o9Hrw7yQBeN9fT44mD3z02kfbu8g/6m39Mayo15yH0o8fiIH+M6hlrcxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNP7mQfwhjniZTE5zZbuAkC9x1l7MB8GA1UdIwQY
MBaAFGg45eAWYF9u3NTJYcGcrPWBTHijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURqbDRCWmdYMjdjMU1saHdaeXM5WUZNZUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83N2YxOTQtZmY1Zi00YTIzLWI4ODIt
ZjRjYzI1YTU0NTNmLzEvYURqbDRCWmdYMjdjMU1saHdaeXM5WUZNZUtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83N2YxOTQtZmY1Zi00YTIzLWI4ODItZjRjYzI1YTU0NTNm
LzEvYURqbDRCWmdYMjdjMU1saHdaeXM5WUZNZUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKk8LGPih
Dwlstu0/Vg1R+MGjid2qtPtcYtjGRmYuO+JAJ9q4mFCVdMz8kOq8RI/5Y2eLM6k2
QSRgc2jPo9cmjomLdNPVa58BxJQS1h/3SlBZ58fLkPjXAeKAVUdr3NWtnDWL+e93
YJaLUotkJlHxb7haiXsUGX1p8ozSis4ZeFNOFU8F1/c5BbTiFLmHPQodCUS2N+M2
+Swnx/1PSz9BXVr6ZKOOv4QC9RSJAH5XqYrbXO4XV1SDXHnzyb5O4XBz8kUDm865
4anOlbvckRkhHhbfH9U6H7cHA6iVHIbS5hDUMtoM86r1j1b8KSzt9HSZ9OokKS4b
cwEl4veQMaLRdQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:19:19 2025 by rpki-client