Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
File:                     XzoD6voEyDkjvYaTJGGFDfX3gUY.mft (raw, json)
Hash identifier:          dvSqdMCNW4/2CZ5P0fYtYOa0xidUzn1+feNZo+1Rwps=
Subject key identifier:   92:A4:B7:9F:3F:0C:59:DC:61:35:24:DE:81:B5:0F:ED:60:F4:1A:95
Authority key identifier: 5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46
Certificate issuer:       /CN=5f3a03eafa04c83923bd86932461850df5f78146
Certificate serial:       01975F1407E706BFFF3AC27BB0AC5B0AD64D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
Manifest number:          11E2
Signing time:             Wed 11 Jun 2025 13:00:37 +0000
Manifest this update:     Wed 11 Jun 2025 13:00:37 +0000
Manifest next update:     Thu 12 Jun 2025 13:00:37 +0000
Files and hashes:         1: XzoD6voEyDkjvYaTJGGFDfX3gUY.crl (hash: 9HZ57E/iPyyyHv21pxWLI7c9ooGYTgsk0uqHB3xZmkA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 13:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:14:07:e7:06:bf:ff:3a:c2:7b:b0:ac:5b:0a:d6:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f3a03eafa04c83923bd86932461850df5f78146
        Validity
            Not Before: Jun 11 13:00:37 2025 GMT
            Not After : Jun 12 13:00:37 2025 GMT
        Subject: CN=92a4b79f3f0c59dc613524de81b50fed60f41a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:97:05:1c:15:85:90:75:d2:b4:d9:76:e8:9f:
                    05:f4:c9:a9:13:36:09:0c:29:69:b8:c7:e6:5f:d8:
                    ba:61:6c:2f:91:14:37:89:35:0c:10:a0:2a:a7:67:
                    10:9d:15:f7:e4:8a:c6:ec:3b:bd:42:d9:5f:d8:59:
                    34:69:cd:e0:06:e6:c3:0d:f0:55:cc:f9:d9:c8:3b:
                    df:ef:25:cf:48:08:bd:6f:3f:11:2d:60:0c:3c:9b:
                    d7:00:7b:da:04:e0:62:a9:a1:d6:74:8d:75:95:25:
                    18:b1:51:24:55:4e:d0:59:f2:47:a6:0e:3b:a1:84:
                    87:9b:bd:98:33:03:5b:35:8b:26:9c:95:c7:e8:a6:
                    9c:34:ae:74:b7:ee:4d:a3:c9:ed:10:33:bc:f9:6a:
                    31:4c:d6:17:74:c2:63:22:87:58:30:04:4f:14:30:
                    08:aa:fe:51:d2:6f:26:aa:af:db:9a:0a:c9:79:26:
                    84:0d:25:b3:15:40:23:94:fb:9c:d2:5a:2c:30:8d:
                    10:0e:51:09:50:3c:a1:91:fa:d0:aa:d9:c2:d5:eb:
                    ac:8e:c6:f8:4d:a3:41:55:7e:b3:40:a1:9f:a5:ca:
                    c9:ca:88:35:e1:9d:7e:ed:d3:c0:90:74:a5:ac:b5:
                    53:8c:af:1a:0a:04:b0:5d:b7:16:13:8a:ec:76:ec:
                    0b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:A4:B7:9F:3F:0C:59:DC:61:35:24:DE:81:B5:0F:ED:60:F4:1A:95
            X509v3 Authority Key Identifier:
                keyid:5F:3A:03:EA:FA:04:C8:39:23:BD:86:93:24:61:85:0D:F5:F7:81:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XzoD6voEyDkjvYaTJGGFDfX3gUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1bafe1-6996-4dcf-8752-d540e8b13f7d/1/XzoD6voEyDkjvYaTJGGFDfX3gUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:c7:c4:ac:48:cb:fb:d9:21:3e:f5:af:71:0e:db:bd:c8:ef:
         c6:89:23:48:f7:58:16:5e:16:dc:1e:a1:bd:9b:73:07:d4:4d:
         a8:04:2f:5d:ab:55:13:f8:37:6e:d5:f0:b2:48:54:04:88:51:
         c2:93:de:f0:14:fe:4d:c6:99:6c:85:e6:bb:b3:86:da:ba:f3:
         8f:a6:a9:3f:cc:1f:57:b4:68:ba:6e:55:c2:39:63:21:61:d4:
         4d:18:a1:1c:06:05:c7:fc:fe:91:6b:24:9f:db:02:55:4a:12:
         6e:52:37:3f:08:7e:0e:a2:ad:e1:1b:27:ac:84:9a:fe:f1:d4:
         3f:0f:c6:e0:8a:bb:df:7c:8f:53:33:ff:6b:30:cd:b8:f3:10:
         47:ec:42:94:8f:9e:5b:4b:6a:14:8c:8d:24:43:b6:6f:60:e3:
         01:9f:59:32:6f:13:ed:94:d8:df:19:71:b9:4a:8b:00:35:72:
         a4:db:34:f6:5e:76:5c:6a:a0:8a:c7:93:6e:7b:4f:74:37:a7:
         51:52:10:70:b2:a3:3f:97:39:4c:75:ad:04:28:72:82:29:bc:
         9b:bf:da:6d:8f:07:b8:3b:d7:71:bf:f5:50:a9:43:b9:a6:a3:
         bf:6e:5b:4f:d5:2d:55:14:c8:8d:63:61:4b:80:52:56:bf:43:
         9b:e3:38:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfFAfnBr//OsJ7sKxbCtZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmM2EwM2VhZmEwNGM4MzkyM2JkODY5MzI0NjE4NTBkZjVm
NzgxNDYwHhcNMjUwNjExMTMwMDM3WhcNMjUwNjEyMTMwMDM3WjAzMTEwLwYDVQQD
Eyg5MmE0Yjc5ZjNmMGM1OWRjNjEzNTI0ZGU4MWI1MGZlZDYwZjQxYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpcFHBWFkHXStNl26J8F9MmpEzYJ
DClpuMfmX9i6YWwvkRQ3iTUMEKAqp2cQnRX35IrG7Du9Qtlf2Fk0ac3gBubDDfBV
zPnZyDvf7yXPSAi9bz8RLWAMPJvXAHvaBOBiqaHWdI11lSUYsVEkVU7QWfJHpg47
oYSHm72YMwNbNYsmnJXH6KacNK50t+5No8ntEDO8+WoxTNYXdMJjIodYMARPFDAI
qv5R0m8mqq/bmgrJeSaEDSWzFUAjlPuc0losMI0QDlEJUDyhkfrQqtnC1eusjsb4
TaNBVX6zQKGfpcrJyog14Z1+7dPAkHSlrLVTjK8aCgSwXbcWE4rsduwLiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKkt58/DFncYTUk3oG1D+1g9BqVMB8GA1UdIwQY
MBaAFF86A+r6BMg5I72GkyRhhQ3194FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTIt
ZDU0MGU4YjEzZjdkLzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYmFmZTEtNjk5Ni00ZGNmLTg3NTItZDU0MGU4YjEzZjdk
LzEvWHpvRDZ2b0V5RGtqdllhVEpHR0ZEZlgzZ1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsfErEjL
+9khPvWvcQ7bvcjvxokjSPdYFl4W3B6hvZtzB9RNqAQvXatVE/g3btXwskhUBIhR
wpPe8BT+TcaZbIXmu7OG2rrzj6apP8wfV7Roum5VwjljIWHUTRihHAYFx/z+kWsk
n9sCVUoSblI3Pwh+DqKt4RsnrISa/vHUPw/G4Iq733yPUzP/azDNuPMQR+xClI+e
W0tqFIyNJEO2b2DjAZ9ZMm8T7ZTY3xlxuUqLADVypNs09l52XGqgiseTbntPdDen
UVIQcLKjP5c5THWtBChygim8m7/abY8HuDvXcb/1UKlDuaajv25bT9UtVRTIjWNh
S4BSVr9Dm+M4/w==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:41:24 2025 by rpki-client