Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          ttw0nFpzZEAnvGfIitmHc2Q5GIxlNjCBqQzBswaQd2U=
Subject key identifier:   14:D5:C2:B4:F0:95:02:E4:68:2F:65:6C:4D:CA:17:55:E6:79:0A:33
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       019761709EACC1F982FB69B70D35E4CE62D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0AE5
Signing time:             Thu 12 Jun 2025 00:00:59 +0000
Manifest this update:     Thu 12 Jun 2025 00:00:59 +0000
Manifest next update:     Fri 13 Jun 2025 00:00:59 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: XKlkUZH0nQzW9rC83BTXw2DUhFK9lYnxEq/bk/33tpQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:70:9e:ac:c1:f9:82:fb:69:b7:0d:35:e4:ce:62:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: Jun 12 00:00:59 2025 GMT
            Not After : Jun 13 00:00:59 2025 GMT
        Subject: CN=14d5c2b4f09502e4682f656c4dca1755e6790a33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:cc:3b:17:d3:82:0d:50:b3:6f:08:67:b7:be:
                    61:e7:2a:68:c7:89:36:76:7a:7f:00:31:db:65:f7:
                    4c:ac:23:34:19:bb:95:02:4a:49:8d:e6:47:02:1c:
                    cb:a7:48:99:cc:d4:50:fe:39:e6:15:2b:2a:19:99:
                    64:6d:64:c9:d8:52:67:8e:16:8a:45:73:fc:0c:1f:
                    5b:23:08:cd:d9:83:f8:73:e1:6a:ce:9f:e6:d6:0b:
                    c5:2d:ba:f9:d9:a9:f3:06:1f:d6:03:63:31:ff:b4:
                    97:08:5e:15:de:d3:6a:a8:a3:d5:7f:dd:98:c3:de:
                    4c:25:46:7a:0b:2a:da:a3:b4:70:58:d4:f8:ee:25:
                    20:35:a4:2a:b8:e3:e5:dd:66:68:54:3a:ef:31:73:
                    15:2f:95:3b:35:e7:2e:a3:03:0f:d7:8a:0f:79:c3:
                    3e:1e:18:42:de:33:9b:4c:fc:d9:ef:7d:18:30:5d:
                    fb:18:d5:3b:5d:62:15:6e:e0:6d:4e:3f:b6:a5:b4:
                    23:9d:a8:f9:17:9d:29:45:0b:63:fc:c8:fb:cc:43:
                    6a:7d:85:93:32:b5:1f:1e:c4:40:7b:c7:51:cb:96:
                    5b:07:9a:63:12:ea:87:10:19:73:f9:0d:1e:d6:43:
                    ee:46:09:f4:c5:9b:47:4a:d2:d6:e1:a0:0a:f9:de:
                    4c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D5:C2:B4:F0:95:02:E4:68:2F:65:6C:4D:CA:17:55:E6:79:0A:33
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:95:c7:30:db:91:ff:a2:95:c7:e7:a9:e8:cf:53:2a:aa:50:
         fd:bf:fe:83:97:60:50:16:49:87:48:13:e1:86:78:5e:e1:c9:
         65:e7:15:11:40:54:16:69:33:31:27:69:a1:a5:09:16:97:2a:
         39:5b:3d:93:ab:c3:2f:b1:38:b5:32:58:62:98:8c:b0:b5:ad:
         a2:b0:d9:aa:88:5a:a3:bf:48:14:9a:1d:cd:80:27:4d:32:c1:
         6a:d7:ae:27:8a:54:4c:47:20:84:74:60:94:be:85:85:ed:ea:
         be:6f:18:d8:81:df:b9:35:58:d2:62:2e:09:c9:17:7d:50:5a:
         be:f1:6b:51:3f:16:e3:3c:5c:d3:9c:87:aa:f4:a2:d7:e8:2b:
         5d:f5:3d:23:e0:10:72:1e:57:f6:90:ba:ff:d2:d4:93:7d:a5:
         05:35:72:d7:bb:a3:cf:7d:5b:b3:59:83:99:42:8b:7c:bc:4d:
         ad:d3:19:f1:3c:49:e5:62:f9:ef:8f:5d:ee:a9:7e:16:12:fc:
         58:d0:d8:2f:19:e4:b5:12:74:f4:09:25:83:4c:7d:43:0f:c6:
         72:bb:0b:46:c8:9d:6f:6a:91:fc:18:c2:10:5c:44:70:64:b8:
         44:73:70:ef:19:b6:be:4e:b2:78:eb:c5:20:d8:bb:87:7f:4c:
         04:1a:a4:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhcJ6swfmC+2m3DTXkzmLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwNjEyMDAwMDU5WhcNMjUwNjEzMDAwMDU5WjAzMTEwLwYDVQQD
EygxNGQ1YzJiNGYwOTUwMmU0NjgyZjY1NmM0ZGNhMTc1NWU2NzkwYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMw7F9OCDVCzbwhnt75h5ypox4k2
dnp/ADHbZfdMrCM0GbuVAkpJjeZHAhzLp0iZzNRQ/jnmFSsqGZlkbWTJ2FJnjhaK
RXP8DB9bIwjN2YP4c+Fqzp/m1gvFLbr52anzBh/WA2Mx/7SXCF4V3tNqqKPVf92Y
w95MJUZ6Cyrao7RwWNT47iUgNaQquOPl3WZoVDrvMXMVL5U7NecuowMP14oPecM+
HhhC3jObTPzZ730YMF37GNU7XWIVbuBtTj+2pbQjnaj5F50pRQtj/Mj7zENqfYWT
MrUfHsRAe8dRy5ZbB5pjEuqHEBlz+Q0e1kPuRgn0xZtHStLW4aAK+d5MhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTVwrTwlQLkaC9lbE3KF1XmeQozMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi5XHMNuR
/6KVx+ep6M9TKqpQ/b/+g5dgUBZJh0gT4YZ4XuHJZecVEUBUFmkzMSdpoaUJFpcq
OVs9k6vDL7E4tTJYYpiMsLWtorDZqohao79IFJodzYAnTTLBateuJ4pUTEcghHRg
lL6Fhe3qvm8Y2IHfuTVY0mIuCckXfVBavvFrUT8W4zxc05yHqvSi1+grXfU9I+AQ
ch5X9pC6/9LUk32lBTVy17ujz31bs1mDmUKLfLxNrdMZ8TxJ5WL5749d7ql+FhL8
WNDYLxnktRJ09Aklg0x9Qw/GcrsLRsidb2qR/BjCEFxEcGS4RHNw7xm2vk6yeOvF
INi7h39MBBqk7g==
-----END CERTIFICATE-----
Generated at Thu Jun 12 08:34:55 2025 by rpki-client