Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
File:                     rh967y8S0HaqitWli8uNyvPwvUw.mft (raw, json)
Hash identifier:          bHD3bA2I6rwm/YmtCoEnEptSehpgIJc98d4BHIGSOFk=
Subject key identifier:   44:F6:4D:87:B9:11:ED:3D:BA:84:BB:AB:5D:4A:98:7A:19:C5:BF:14
Authority key identifier: AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C
Certificate issuer:       /CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
Certificate serial:       01976FD1131EE5FFFAE7E278E2434A750E90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
Manifest number:          10DF
Signing time:             Sat 14 Jun 2025 19:01:02 +0000
Manifest this update:     Sat 14 Jun 2025 19:01:02 +0000
Manifest next update:     Sun 15 Jun 2025 19:01:02 +0000
Files and hashes:         1: rh967y8S0HaqitWli8uNyvPwvUw.crl (hash: NYHydgUlRSiAFJmUELhOAPS7eq8650+6/UqWiCqHS3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:d1:13:1e:e5:ff:fa:e7:e2:78:e2:43:4a:75:0e:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
        Validity
            Not Before: Jun 14 19:01:02 2025 GMT
            Not After : Jun 15 19:01:02 2025 GMT
        Subject: CN=44f64d87b911ed3dba84bbab5d4a987a19c5bf14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ab:34:cd:6d:a2:fa:34:54:05:6c:ab:b5:d6:
                    c2:ce:87:5a:f7:84:66:d8:ea:a3:8c:32:2a:f3:d6:
                    33:4d:70:61:03:30:c6:d8:eb:f8:2b:07:b4:4b:77:
                    00:4f:b2:b4:76:6d:f3:91:51:29:c8:fc:c9:cc:31:
                    f3:4b:f2:61:a9:b4:07:b4:6e:f0:7f:fa:88:33:6b:
                    7b:c9:e6:3a:32:7b:dd:c2:54:fd:9c:46:dd:81:9b:
                    2c:74:d6:c7:e8:c5:23:35:9e:e2:0d:3c:70:2f:df:
                    fe:82:36:3e:c3:74:ce:13:bd:f9:79:7f:b3:73:45:
                    e6:e2:88:44:6b:6b:18:70:4b:ed:d4:d0:70:2d:1f:
                    fa:66:5b:e8:bb:84:b5:93:e1:13:2f:b2:bb:b2:cd:
                    00:d9:e3:cb:40:5b:61:1d:e3:95:59:89:c6:4f:7e:
                    dd:0b:50:ba:f7:16:b8:c1:0f:8e:c6:ba:f3:02:36:
                    8f:f0:8c:28:2c:d8:39:69:cc:54:37:91:9a:62:d6:
                    86:b4:37:24:c4:e3:9a:b1:19:71:33:e8:f0:4e:9b:
                    fa:1a:71:f4:21:a4:f1:22:bd:32:ea:f2:92:23:e8:
                    58:1b:da:b0:63:a2:bf:f8:ea:9f:7a:e0:31:3c:a1:
                    ad:22:18:8a:7a:e3:c9:6d:1a:79:f8:fb:0a:d2:ab:
                    45:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:F6:4D:87:B9:11:ED:3D:BA:84:BB:AB:5D:4A:98:7A:19:C5:BF:14
            X509v3 Authority Key Identifier:
                keyid:AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:5a:a6:62:46:fd:fd:96:2d:57:d3:67:be:3c:5b:b2:30:ba:
         5a:51:4b:0c:8c:c3:ac:03:75:18:89:60:1d:91:d6:83:ba:67:
         22:3e:ec:8a:56:9a:03:9b:65:0a:3c:48:af:ab:4d:7a:41:5c:
         d6:b4:0c:c3:c6:8d:6b:9b:3b:8b:83:f3:b0:7b:7b:39:a7:80:
         47:2a:8f:38:8b:46:df:e9:63:e0:81:b1:69:0c:ca:87:25:d3:
         e8:88:ea:7d:51:30:d6:d8:8d:ab:ed:97:10:51:27:42:16:b9:
         9c:29:79:0c:07:3f:ff:e2:9a:aa:a8:b8:11:10:8e:1e:f3:02:
         84:f4:56:0d:73:cd:2a:ce:5a:80:d6:92:13:07:5c:5b:25:e4:
         7c:ff:21:2f:a1:81:54:2c:e1:7e:a4:cf:42:c0:8c:43:bc:4d:
         6c:56:dd:d5:8c:9b:80:01:f9:77:c0:33:4f:94:80:52:2f:df:
         66:00:93:09:0a:b2:08:3a:c0:00:cd:3c:d3:26:a6:de:de:67:
         78:b9:44:47:8c:25:95:72:53:10:42:02:4c:6d:48:60:17:98:
         cb:b6:b4:1f:66:7d:b0:0b:bf:7c:22:27:b0:5e:25:0c:39:14:
         bc:d0:bd:3e:c9:c6:16:22:be:77:23:17:94:f0:9e:f2:fb:18:
         c4:82:81:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdv0RMe5f/65+J44kNKdQ6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWY3YWVmMmYxMmQwNzZhYThhZDVhNThiY2I4ZGNhZjNm
MGJkNGMwHhcNMjUwNjE0MTkwMTAyWhcNMjUwNjE1MTkwMTAyWjAzMTEwLwYDVQQD
Eyg0NGY2NGQ4N2I5MTFlZDNkYmE4NGJiYWI1ZDRhOTg3YTE5YzViZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqas0zW2i+jRUBWyrtdbCzoda94Rm
2OqjjDIq89YzTXBhAzDG2Ov4Kwe0S3cAT7K0dm3zkVEpyPzJzDHzS/JhqbQHtG7w
f/qIM2t7yeY6MnvdwlT9nEbdgZssdNbH6MUjNZ7iDTxwL9/+gjY+w3TOE735eX+z
c0Xm4ohEa2sYcEvt1NBwLR/6Zlvou4S1k+ETL7K7ss0A2ePLQFthHeOVWYnGT37d
C1C69xa4wQ+OxrrzAjaP8IwoLNg5acxUN5GaYtaGtDckxOOasRlxM+jwTpv6GnH0
IaTxIr0y6vKSI+hYG9qwY6K/+OqfeuAxPKGtIhiKeuPJbRp5+PsK0qtFIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFET2TYe5Ee09uoS7q11KmHoZxb8UMB8GA1UdIwQY
MBaAFK4feu8vEtB2qorVpYvLjcrz8L1MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEt
MDk4ZDNiZDBiOTUxLzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEtMDk4ZDNiZDBiOTUx
LzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1qmYkb9
/ZYtV9NnvjxbsjC6WlFLDIzDrAN1GIlgHZHWg7pnIj7silaaA5tlCjxIr6tNekFc
1rQMw8aNa5s7i4PzsHt7OaeARyqPOItG3+lj4IGxaQzKhyXT6IjqfVEw1tiNq+2X
EFEnQha5nCl5DAc//+Kaqqi4ERCOHvMChPRWDXPNKs5agNaSEwdcWyXkfP8hL6GB
VCzhfqTPQsCMQ7xNbFbd1YybgAH5d8AzT5SAUi/fZgCTCQqyCDrAAM080yam3t5n
eLlER4wllXJTEEICTG1IYBeYy7a0H2Z9sAu/fCInsF4lDDkUvNC9PsnGFiK+dyMX
lPCe8vsYxIKBig==
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:21:38 2025 by rpki-client