Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          8wReCOgMYrtGDaudJJdfgl78BjrYMSIVZFK4bM9nypE=
Subject key identifier:   E9:EC:D0:EB:71:98:08:CB:D2:16:7F:99:40:DF:55:9D:21:14:B6:90
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       0197556C4887BFC5AF581EB66603493C3AA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          09E1
Signing time:             Mon 09 Jun 2025 16:00:49 +0000
Manifest this update:     Mon 09 Jun 2025 16:00:49 +0000
Manifest next update:     Tue 10 Jun 2025 16:00:49 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: uPMJ9Vl+iSQV/8TIUFJ6tV2BjR/3g91H3hw/81yW4Yc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:55:6c:48:87:bf:c5:af:58:1e:b6:66:03:49:3c:3a:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Jun  9 16:00:49 2025 GMT
            Not After : Jun 10 16:00:49 2025 GMT
        Subject: CN=e9ecd0eb719808cbd2167f9940df559d2114b690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b4:fc:44:08:03:00:02:55:6c:52:c4:90:36:
                    86:ec:84:fc:d9:44:3b:aa:7d:cc:c1:80:6c:ee:b6:
                    02:1b:ac:78:df:0c:45:e3:83:5b:ed:be:c1:90:ea:
                    f5:ed:db:7b:46:ea:20:90:b8:04:8c:af:48:66:2b:
                    0b:76:f2:1f:7d:a3:46:1f:be:25:0d:a1:ff:8d:19:
                    1f:db:0e:f3:46:a7:b0:ab:2f:b8:22:a3:ef:15:81:
                    9a:97:b8:50:5c:be:c2:51:a6:6c:00:00:01:ac:26:
                    c0:4c:77:42:7c:33:4e:6a:7c:97:de:d7:3a:62:93:
                    15:0a:a0:98:26:26:0f:12:23:ec:4d:a9:3c:cc:ba:
                    87:76:48:09:88:53:7b:74:53:3d:13:f1:9c:f1:d9:
                    c6:27:ad:f8:05:9e:66:84:6a:83:0d:ab:c8:ca:9e:
                    af:28:62:31:43:5a:34:e9:6e:6a:c5:cb:a6:be:a6:
                    18:cf:ba:4b:65:32:a8:10:7b:7e:c4:af:40:8a:21:
                    ec:26:c4:5c:91:e1:3a:7e:cf:fa:86:0c:42:57:de:
                    35:ef:0d:85:e9:ae:de:bc:23:57:3e:58:af:06:98:
                    9e:0f:3d:7b:95:f8:63:d4:bb:83:08:20:d8:95:e4:
                    c6:ef:bc:8b:93:44:77:27:4c:53:b8:af:1f:31:3b:
                    c6:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:EC:D0:EB:71:98:08:CB:D2:16:7F:99:40:DF:55:9D:21:14:B6:90
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:ec:e4:a3:cb:f0:55:3f:2f:9a:2f:d0:a9:48:bc:cd:14:39:
         07:51:c7:d6:af:29:f1:4a:ac:b7:50:a8:d9:3b:54:b9:d3:5e:
         96:a7:15:ff:7f:53:dc:46:91:c4:20:2e:c4:68:9a:40:4a:76:
         b4:2a:70:ad:a4:d9:7f:1d:ce:69:89:c9:16:f9:a9:60:72:26:
         3a:9b:b8:2b:d7:e9:07:83:39:74:02:02:e8:9f:1e:74:3c:27:
         d0:34:4e:3a:8d:63:ec:44:aa:a2:34:53:1d:47:78:5a:71:1f:
         19:1c:5d:b7:32:26:0b:fb:a4:29:e7:fd:14:00:d0:00:5f:e2:
         8a:6a:7d:84:cf:f8:26:6b:96:65:21:32:6c:c6:89:90:03:91:
         03:a6:76:7b:9a:30:bb:7f:95:fa:cb:cd:7d:98:36:df:d5:5d:
         11:56:b6:f0:18:05:3a:16:e2:10:94:4b:64:c5:ab:d2:cd:3d:
         de:1f:2f:08:79:b5:bb:dc:33:99:b9:50:fd:a7:3f:bb:18:de:
         d0:45:74:14:a5:da:ff:55:b1:6c:47:00:3a:38:04:7a:b2:4f:
         14:5e:1c:f1:6b:11:d4:7d:da:03:b7:0c:fa:18:dd:55:82:20:
         4c:6f:10:6f:b3:14:4e:7f:53:3f:fd:01:88:77:0b:3d:98:ca:
         55:1e:6e:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdVbEiHv8WvWB62ZgNJPDqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUwNjA5MTYwMDQ5WhcNMjUwNjEwMTYwMDQ5WjAzMTEwLwYDVQQD
EyhlOWVjZDBlYjcxOTgwOGNiZDIxNjdmOTk0MGRmNTU5ZDIxMTRiNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbT8RAgDAAJVbFLEkDaG7IT82UQ7
qn3MwYBs7rYCG6x43wxF44Nb7b7BkOr17dt7RuogkLgEjK9IZisLdvIffaNGH74l
DaH/jRkf2w7zRqewqy+4IqPvFYGal7hQXL7CUaZsAAABrCbATHdCfDNOanyX3tc6
YpMVCqCYJiYPEiPsTak8zLqHdkgJiFN7dFM9E/Gc8dnGJ634BZ5mhGqDDavIyp6v
KGIxQ1o06W5qxcumvqYYz7pLZTKoEHt+xK9AiiHsJsRckeE6fs/6hgxCV9417w2F
6a7evCNXPlivBpieDz17lfhj1LuDCCDYleTG77yLk0R3J0xTuK8fMTvG+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOns0OtxmAjL0hZ/mUDfVZ0hFLaQMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJezko8vw
VT8vmi/QqUi8zRQ5B1HH1q8p8Uqst1Co2TtUudNelqcV/39T3EaRxCAuxGiaQEp2
tCpwraTZfx3OaYnJFvmpYHImOpu4K9fpB4M5dAIC6J8edDwn0DROOo1j7ESqojRT
HUd4WnEfGRxdtzImC/ukKef9FADQAF/iimp9hM/4JmuWZSEybMaJkAORA6Z2e5ow
u3+V+svNfZg239VdEVa28BgFOhbiEJRLZMWr0s093h8vCHm1u9wzmblQ/ac/uxje
0EV0FKXa/1WxbEcAOjgEerJPFF4c8WsR1H3aA7cM+hjdVYIgTG8Qb7MUTn9TP/0B
iHcLPZjKVR5uEw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:13:59 2025 by rpki-client