Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/123b25-fee4-490b-be00-0b8a792c1b9d/1/96wXOfUp2vTMczgkibgFl-ugf0E.mft
File:                     96wXOfUp2vTMczgkibgFl-ugf0E.mft (raw, json)
Hash identifier:          J8188J0Tk41ixxPC1E5I3K6Q4U6dRE96TY2UGU+m1zc=
Subject key identifier:   5C:6C:41:BE:E4:DF:57:57:71:38:90:EE:8D:B0:D0:8A:8D:35:B7:FA
Authority key identifier: F7:AC:17:39:F5:29:DA:F4:CC:73:38:24:89:B8:05:97:EB:A0:7F:41
Certificate issuer:       /CN=f7ac1739f529daf4cc73382489b80597eba07f41
Certificate serial:       019758A49119A1CD4354CA917671C24FC445
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/96wXOfUp2vTMczgkibgFl-ugf0E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/123b25-fee4-490b-be00-0b8a792c1b9d/1/96wXOfUp2vTMczgkibgFl-ugf0E.mft
Manifest number:          07BD
Signing time:             Tue 10 Jun 2025 07:01:09 +0000
Manifest this update:     Tue 10 Jun 2025 07:01:09 +0000
Manifest next update:     Wed 11 Jun 2025 07:01:09 +0000
Files and hashes:         1: 96wXOfUp2vTMczgkibgFl-ugf0E.crl (hash: 2MdJyi0qGVLPo+920ovan1ZRGziwivB7eAMDGjgkJtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/123b25-fee4-490b-be00-0b8a792c1b9d/1/96wXOfUp2vTMczgkibgFl-ugf0E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/123b25-fee4-490b-be00-0b8a792c1b9d/1/96wXOfUp2vTMczgkibgFl-ugf0E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/96wXOfUp2vTMczgkibgFl-ugf0E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 07:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:a4:91:19:a1:cd:43:54:ca:91:76:71:c2:4f:c4:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7ac1739f529daf4cc73382489b80597eba07f41
        Validity
            Not Before: Jun 10 07:01:09 2025 GMT
            Not After : Jun 11 07:01:09 2025 GMT
        Subject: CN=5c6c41bee4df5757713890ee8db0d08a8d35b7fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5d:29:90:12:d7:57:4f:ee:5a:3e:3b:39:d1:
                    fe:ab:c1:92:a0:95:a9:f1:47:e8:3a:86:a4:46:1f:
                    3c:a3:f7:6e:59:ce:ee:53:94:8d:3b:ed:67:08:9e:
                    e8:b3:e3:be:63:dc:44:85:fb:57:b1:8a:19:45:d2:
                    78:50:92:71:48:e8:38:ae:0e:92:ee:f5:14:0c:5b:
                    03:16:96:07:a8:57:d2:f5:c1:2f:fc:27:3a:b0:26:
                    89:92:a0:11:6c:ee:c7:a6:df:f2:fa:8b:e4:68:1b:
                    58:e4:61:c0:c7:9c:9a:98:7e:a9:21:8d:60:2d:b5:
                    89:b3:8c:c5:68:e7:12:f2:0b:d4:91:7b:18:43:01:
                    b8:15:6d:e6:b8:4a:c9:06:dd:b3:76:a7:c2:b7:09:
                    cf:43:b4:9f:1d:f0:07:5b:56:c9:72:99:3a:b9:f0:
                    de:a1:9d:e8:4f:bc:af:40:e0:8e:7d:d9:4c:15:04:
                    bf:8d:7e:ab:42:a8:1f:c6:46:62:d3:24:67:86:b8:
                    94:b8:ae:ca:32:e7:71:12:01:1f:71:dc:00:52:47:
                    7f:ce:fa:60:00:32:4e:65:ee:c5:84:68:19:41:f3:
                    72:5d:79:fa:cb:e4:9e:93:d8:a8:43:3d:0e:a8:51:
                    e4:48:f1:97:50:da:35:97:ed:66:01:84:01:83:4f:
                    41:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:6C:41:BE:E4:DF:57:57:71:38:90:EE:8D:B0:D0:8A:8D:35:B7:FA
            X509v3 Authority Key Identifier:
                keyid:F7:AC:17:39:F5:29:DA:F4:CC:73:38:24:89:B8:05:97:EB:A0:7F:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96wXOfUp2vTMczgkibgFl-ugf0E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/123b25-fee4-490b-be00-0b8a792c1b9d/1/96wXOfUp2vTMczgkibgFl-ugf0E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/123b25-fee4-490b-be00-0b8a792c1b9d/1/96wXOfUp2vTMczgkibgFl-ugf0E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:0a:ba:22:6f:8e:b2:24:b6:cc:45:d2:35:0e:35:c3:23:a1:
         76:2e:35:3d:05:28:0a:87:4c:44:9c:a3:e1:66:c4:26:8e:43:
         9a:68:f1:e2:c0:b9:ca:cb:45:e9:2c:8d:c3:42:60:36:31:10:
         46:62:c2:40:89:7c:40:e5:83:42:db:72:be:47:2c:73:61:b3:
         9b:b3:b7:ad:ca:2d:d9:82:3a:2a:ff:53:bf:8c:7b:3a:11:42:
         95:a3:83:a3:cc:76:ea:25:48:0c:e9:ab:83:ba:dc:cb:d0:01:
         b1:15:15:37:0e:5f:3f:1f:e6:64:6d:75:72:c0:71:25:a3:23:
         ee:2a:53:5b:9e:17:58:b8:04:0f:99:e2:62:45:25:28:82:ac:
         5f:4f:18:ff:19:88:7a:70:24:d1:d5:62:db:62:3e:5a:61:a0:
         4e:bc:f5:4c:85:62:a1:e3:78:7f:63:92:4f:26:d1:14:7c:f4:
         40:b7:c6:bb:60:a2:bf:ff:f5:21:a8:dc:0e:4e:dc:89:70:11:
         87:be:c3:9a:fb:07:58:c4:e3:a7:8e:23:a3:91:41:86:16:6a:
         2a:2f:05:3b:da:2d:f1:5a:17:8c:a7:c2:1e:28:a0:0a:36:d1:
         a5:5c:00:b8:c2:a7:d9:40:31:0d:4e:55:12:a7:f3:38:24:52:
         d4:0d:87:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYpJEZoc1DVMqRdnHCT8RFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWMxNzM5ZjUyOWRhZjRjYzczMzgyNDg5YjgwNTk3ZWJh
MDdmNDEwHhcNMjUwNjEwMDcwMTA5WhcNMjUwNjExMDcwMTA5WjAzMTEwLwYDVQQD
Eyg1YzZjNDFiZWU0ZGY1NzU3NzEzODkwZWU4ZGIwZDA4YThkMzViN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr10pkBLXV0/uWj47OdH+q8GSoJWp
8UfoOoakRh88o/duWc7uU5SNO+1nCJ7os+O+Y9xEhftXsYoZRdJ4UJJxSOg4rg6S
7vUUDFsDFpYHqFfS9cEv/Cc6sCaJkqARbO7Hpt/y+ovkaBtY5GHAx5yamH6pIY1g
LbWJs4zFaOcS8gvUkXsYQwG4FW3muErJBt2zdqfCtwnPQ7SfHfAHW1bJcpk6ufDe
oZ3oT7yvQOCOfdlMFQS/jX6rQqgfxkZi0yRnhriUuK7KMudxEgEfcdwAUkd/zvpg
ADJOZe7FhGgZQfNyXXn6y+Sek9ioQz0OqFHkSPGXUNo1l+1mAYQBg09BdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxsQb7k31dXcTiQ7o2w0IqNNbf6MB8GA1UdIwQY
MBaAFPesFzn1Kdr0zHM4JIm4BZfroH9BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZ3WE9mVXAydlRNY3pna2liZ0ZsLXVnZjBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8xMjNiMjUtZmVlNC00OTBiLWJlMDAt
MGI4YTc5MmMxYjlkLzEvOTZ3WE9mVXAydlRNY3pna2liZ0ZsLXVnZjBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8xMjNiMjUtZmVlNC00OTBiLWJlMDAtMGI4YTc5MmMxYjlk
LzEvOTZ3WE9mVXAydlRNY3pna2liZ0ZsLXVnZjBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFwq6Im+O
siS2zEXSNQ41wyOhdi41PQUoCodMRJyj4WbEJo5Dmmjx4sC5ystF6SyNw0JgNjEQ
RmLCQIl8QOWDQttyvkcsc2Gzm7O3rcot2YI6Kv9Tv4x7OhFClaODo8x26iVIDOmr
g7rcy9ABsRUVNw5fPx/mZG11csBxJaMj7ipTW54XWLgED5niYkUlKIKsX08Y/xmI
enAk0dVi22I+WmGgTrz1TIVioeN4f2OSTybRFHz0QLfGu2Civ//1IajcDk7ciXAR
h77DmvsHWMTjp44jo5FBhhZqKi8FO9ot8VoXjKfCHiigCjbRpVwAuMKn2UAxDU5V
EqfzOCRS1A2HHg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:52:51 2025 by rpki-client