Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          MGYVF1gOf9Gj2e9MEpoEHQYSV5xnbPEjjX41AifhbNU=
Subject key identifier:   7A:67:42:03:E8:03:AE:2D:DF:A7:2C:5F:B3:F8:84:E5:98:1B:60:79
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       01976AAA65D1D7217AC245D33027595B5B84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0D26
Signing time:             Fri 13 Jun 2025 19:00:41 +0000
Manifest this update:     Fri 13 Jun 2025 19:00:41 +0000
Manifest next update:     Sat 14 Jun 2025 19:00:41 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: 8I6I2P6Umi3Xr2xJgyVWfmaDrqpAcoGVSbZ/GXjt4lc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:aa:65:d1:d7:21:7a:c2:45:d3:30:27:59:5b:5b:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Jun 13 19:00:41 2025 GMT
            Not After : Jun 14 19:00:41 2025 GMT
        Subject: CN=7a674203e803ae2ddfa72c5fb3f884e5981b6079
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fd:93:75:9e:85:10:ed:14:c8:8c:9d:90:01:
                    ce:41:ed:35:84:ef:dc:c3:bb:47:37:6d:83:fc:de:
                    a9:4d:b3:fa:12:3d:aa:24:52:ac:a8:65:15:d6:24:
                    1e:ca:50:d7:90:a1:94:7b:d3:10:30:81:5f:77:bd:
                    4c:61:9e:31:b3:33:83:fc:2a:a3:ce:e4:71:2d:e3:
                    34:d8:7c:6d:23:0d:05:4c:85:92:5a:3c:8a:ae:9b:
                    2f:3a:94:c6:db:b8:1f:70:72:09:2e:7c:24:2d:7e:
                    9b:b6:8d:b0:ef:58:94:de:b5:59:12:7b:90:20:86:
                    27:a1:24:b8:f0:f2:ac:d7:0b:81:65:44:35:47:04:
                    d6:90:a9:72:24:6f:b9:92:14:46:b6:2d:c5:b3:fd:
                    6e:c3:41:7a:21:9c:91:bb:87:a6:6a:74:d5:fa:d8:
                    a5:e9:2e:ef:e4:ef:bf:60:e5:f2:27:3d:41:cd:16:
                    75:84:fd:95:84:e1:08:e8:c8:3e:cd:8e:61:8a:ee:
                    0a:d4:4f:7d:3e:8c:bd:71:d1:00:03:67:4b:00:55:
                    a7:f0:75:a8:1a:ce:9c:a0:8e:b3:1d:11:78:e3:58:
                    32:48:d1:71:9d:8e:76:c4:38:82:ca:93:61:6b:2a:
                    f6:03:6d:c2:4f:d9:bd:da:80:ef:22:ca:f9:eb:6f:
                    fd:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:67:42:03:E8:03:AE:2D:DF:A7:2C:5F:B3:F8:84:E5:98:1B:60:79
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:9a:67:6a:04:27:74:29:ce:a1:0d:82:78:6b:ff:6c:06:b9:
         1f:ab:3b:0b:8c:95:e8:2d:5a:27:38:97:a9:2f:4e:0c:14:7c:
         d2:bc:97:d8:71:96:81:09:db:48:68:46:a0:c2:f9:17:12:6b:
         d4:a2:19:4f:42:b5:91:f5:c6:6b:8a:b0:f0:77:c9:d3:6a:b3:
         04:cd:1b:3d:0f:14:e7:47:a2:c8:8f:dc:2d:64:9a:dc:a4:9e:
         73:b3:dc:79:43:c7:63:f7:97:f2:c1:ba:aa:fc:35:b0:fd:da:
         18:cc:dd:ad:6e:ae:78:48:dc:5a:5c:8e:6a:0d:c7:68:2d:97:
         66:7a:45:df:0d:87:24:67:5c:81:44:77:21:0e:98:54:e2:fc:
         30:93:e3:bb:67:2b:f1:a6:e0:29:46:35:1a:09:b8:fa:96:b5:
         cd:48:ef:a5:a7:1a:62:9f:74:9d:a8:2f:16:78:d2:d3:f6:14:
         99:9e:ec:57:26:b4:50:52:e8:13:01:fd:16:99:b6:b0:71:0d:
         02:ce:2f:ae:9f:2d:c5:2a:ec:8d:2c:c9:cb:bc:f2:ed:5a:01:
         1c:3a:ea:ab:1e:3a:6b:c6:d0:98:cb:0e:70:2c:e7:c6:2a:d7:
         f3:c8:92:24:1f:19:0d:f0:d1:fa:ab:a7:1e:1d:c8:3c:19:47:
         e0:d1:ff:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqqmXR1yF6wkXTMCdZW1uEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNjEzMTkwMDQxWhcNMjUwNjE0MTkwMDQxWjAzMTEwLwYDVQQD
Eyg3YTY3NDIwM2U4MDNhZTJkZGZhNzJjNWZiM2Y4ODRlNTk4MWI2MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv2TdZ6FEO0UyIydkAHOQe01hO/c
w7tHN22D/N6pTbP6Ej2qJFKsqGUV1iQeylDXkKGUe9MQMIFfd71MYZ4xszOD/Cqj
zuRxLeM02HxtIw0FTIWSWjyKrpsvOpTG27gfcHIJLnwkLX6bto2w71iU3rVZEnuQ
IIYnoSS48PKs1wuBZUQ1RwTWkKlyJG+5khRGti3Fs/1uw0F6IZyRu4emanTV+til
6S7v5O+/YOXyJz1BzRZ1hP2VhOEI6Mg+zY5hiu4K1E99Poy9cdEAA2dLAFWn8HWo
Gs6coI6zHRF441gySNFxnY52xDiCypNhayr2A23CT9m92oDvIsr562/9xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpnQgPoA64t36csX7P4hOWYG2B5MB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHJpnagQn
dCnOoQ2CeGv/bAa5H6s7C4yV6C1aJziXqS9ODBR80ryX2HGWgQnbSGhGoML5FxJr
1KIZT0K1kfXGa4qw8HfJ02qzBM0bPQ8U50eiyI/cLWSa3KSec7PceUPHY/eX8sG6
qvw1sP3aGMzdrW6ueEjcWlyOag3HaC2XZnpF3w2HJGdcgUR3IQ6YVOL8MJPju2cr
8abgKUY1Ggm4+pa1zUjvpacaYp90nagvFnjS0/YUmZ7sVya0UFLoEwH9Fpm2sHEN
As4vrp8txSrsjSzJy7zy7VoBHDrqqx46a8bQmMsOcCznxirX88iSJB8ZDfDR+qun
Hh3IPBlH4NH/6g==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:25:59 2025 by rpki-client