Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
File:                     pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft (raw, json)
Hash identifier:          1b/j/uBQwXf1LgdlDDyxAhDqJTNq4PFWvXbzAdUKsk8=
Subject key identifier:   55:F4:F6:63:D3:CF:8B:B1:DD:DE:E1:5F:E3:F5:CF:33:FB:E4:54:1B
Authority key identifier: A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2
Certificate issuer:       /CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
Certificate serial:       01976E86D64C369B8A1B42B2CCF748E2C00A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
Manifest number:          09EE
Signing time:             Sat 14 Jun 2025 13:00:19 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:19 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:19 +0000
Files and hashes:         1: pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl (hash: LuCzkhKysYsPseeE3hbhat2LGXYzpUeVv9O8GKXXpcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:86:d6:4c:36:9b:8a:1b:42:b2:cc:f7:48:e2:c0:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58d4983c9c63bd8a158003c585f43d994c12dc2
        Validity
            Not Before: Jun 14 13:00:19 2025 GMT
            Not After : Jun 15 13:00:19 2025 GMT
        Subject: CN=55f4f663d3cf8bb1dddee15fe3f5cf33fbe4541b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:52:6e:00:57:a1:43:ca:55:b1:46:97:8b:c0:
                    5c:8c:5e:99:de:cd:8b:6a:a9:54:9f:30:55:4b:c5:
                    6d:44:45:e2:d8:de:ef:57:31:23:2d:c2:25:3e:d7:
                    d0:82:d6:77:b5:4a:e9:83:18:27:12:5d:5a:eb:62:
                    ee:cd:15:c0:b0:c0:31:b2:43:a2:6e:58:e0:9e:10:
                    4b:fa:87:00:f6:04:9f:0f:79:d1:47:b4:61:ca:9c:
                    f2:47:35:a6:36:bc:6d:da:ab:b7:79:1a:68:7d:b3:
                    8a:bb:5e:b8:da:40:1b:11:b8:75:5c:54:9b:77:ce:
                    92:7a:23:c3:9f:81:da:95:ec:e4:66:e8:46:84:44:
                    cd:79:e6:c0:df:61:f8:db:7c:6f:84:d6:ac:63:f2:
                    2b:2f:89:e5:66:c7:45:2c:02:43:13:f5:a0:ca:af:
                    05:cb:01:5e:53:05:40:61:45:1c:ca:fc:94:6b:66:
                    0f:3a:81:7b:1a:ae:23:ca:86:c8:75:f3:24:5e:3a:
                    a9:16:4d:50:da:8c:eb:c3:70:19:41:54:91:29:3b:
                    20:63:f4:02:d7:58:87:69:e5:5e:9b:53:19:ee:87:
                    93:68:ca:90:68:ad:3e:b4:51:1b:35:98:96:06:4a:
                    3c:0a:99:e0:32:68:dc:1f:21:ea:00:7e:11:65:07:
                    94:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F4:F6:63:D3:CF:8B:B1:DD:DE:E1:5F:E3:F5:CF:33:FB:E4:54:1B
            X509v3 Authority Key Identifier:
                keyid:A5:8D:49:83:C9:C6:3B:D8:A1:58:00:3C:58:5F:43:D9:94:C1:2D:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c3a343-da82-427a-98c6-ce30d4a398e0/1/pY1Jg8nGO9ihWAA8WF9D2ZTBLcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:1f:4c:8a:98:06:37:1d:e7:d5:0b:09:5e:6b:3c:70:68:ff:
         63:bc:81:48:9b:6a:ef:65:7e:a7:0f:2a:fd:6b:bd:5c:cd:3b:
         08:0e:3f:13:bc:e8:48:0e:81:1c:52:2f:00:dc:10:93:48:2c:
         97:a8:e1:e9:dc:a9:6c:1f:06:1f:f2:dd:01:e2:90:ad:80:ba:
         0a:b7:ef:38:8e:2b:1e:c3:c6:f8:c2:b7:f5:a9:85:a0:7b:45:
         4a:21:e7:64:cf:a7:fb:5e:b0:df:3a:e4:62:d6:1a:ef:51:9b:
         ed:5a:49:fd:0a:0e:f3:5c:3e:c9:57:99:69:ea:a5:ed:9f:48:
         53:dc:9a:dc:a4:3a:0b:f8:05:b3:8c:d3:f4:1c:63:09:90:32:
         66:91:02:4f:80:a4:3e:c3:47:24:ff:00:fa:2f:70:a4:09:05:
         6d:ea:0e:87:ee:c0:0f:a6:9d:f8:15:4c:76:f2:28:ba:db:db:
         8e:24:88:d8:e7:1d:d4:8e:9a:bf:40:3d:da:64:05:cf:2c:59:
         5f:01:76:2b:f2:bc:96:d9:8f:18:01:89:0a:4d:86:16:4d:52:
         41:2e:52:52:3b:06:ab:f0:52:94:d2:a9:71:36:71:9a:6e:4b:
         e9:dd:e5:6c:94:dc:a3:bf:5c:df:13:2e:e0:24:c2:63:53:c3:
         7c:04:eb:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduhtZMNpuKG0KyzPdI4sAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGQ0OTgzYzljNjNiZDhhMTU4MDAzYzU4NWY0M2Q5OTRj
MTJkYzIwHhcNMjUwNjE0MTMwMDE5WhcNMjUwNjE1MTMwMDE5WjAzMTEwLwYDVQQD
Eyg1NWY0ZjY2M2QzY2Y4YmIxZGRkZWUxNWZlM2Y1Y2YzM2ZiZTQ1NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1JuAFehQ8pVsUaXi8BcjF6Z3s2L
aqlUnzBVS8VtREXi2N7vVzEjLcIlPtfQgtZ3tUrpgxgnEl1a62LuzRXAsMAxskOi
bljgnhBL+ocA9gSfD3nRR7RhypzyRzWmNrxt2qu3eRpofbOKu1642kAbEbh1XFSb
d86SeiPDn4HalezkZuhGhETNeebA32H423xvhNasY/IrL4nlZsdFLAJDE/Wgyq8F
ywFeUwVAYUUcyvyUa2YPOoF7Gq4jyobIdfMkXjqpFk1Q2ozrw3AZQVSRKTsgY/QC
11iHaeVem1MZ7oeTaMqQaK0+tFEbNZiWBko8CpngMmjcHyHqAH4RZQeUmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFX09mPTz4ux3d7hX+P1zzP75FQbMB8GA1UdIwQY
MBaAFKWNSYPJxjvYoVgAPFhfQ9mUwS3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYt
Y2UzMGQ0YTM5OGUwLzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jM2EzNDMtZGE4Mi00MjdhLTk4YzYtY2UzMGQ0YTM5OGUw
LzEvcFkxSmc4bkdPOWloV0FBOFdGOUQyWlRCTGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZR9MipgG
Nx3n1QsJXms8cGj/Y7yBSJtq72V+pw8q/Wu9XM07CA4/E7zoSA6BHFIvANwQk0gs
l6jh6dypbB8GH/LdAeKQrYC6CrfvOI4rHsPG+MK39amFoHtFSiHnZM+n+16w3zrk
YtYa71Gb7VpJ/QoO81w+yVeZaeql7Z9IU9ya3KQ6C/gFs4zT9BxjCZAyZpECT4Ck
PsNHJP8A+i9wpAkFbeoOh+7AD6ad+BVMdvIoutvbjiSI2Ocd1I6av0A92mQFzyxZ
XwF2K/K8ltmPGAGJCk2GFk1SQS5SUjsGq/BSlNKpcTZxmm5L6d3lbJTco79c3xMu
4CTCY1PDfATrOw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:14:45 2025 by rpki-client