Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
File:                     3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json)
Hash identifier:          Jm8eNh0Q9rMgLOJdz4oyORljfj06TOmxHLokLeDVNR8=
Subject key identifier:   12:0C:75:E1:D7:87:E6:2D:E2:48:CA:A4:C8:A5:61:BE:04:3B:EE:05
Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27
Certificate issuer:       /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
Certificate serial:       019766CD4B661254AD0CA9977EF26A654F5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
Manifest number:          0D24
Signing time:             Fri 13 Jun 2025 01:00:19 +0000
Manifest this update:     Fri 13 Jun 2025 01:00:19 +0000
Manifest next update:     Sat 14 Jun 2025 01:00:19 +0000
Files and hashes:         1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: SCSWewxXs0+u5UO07u6DVBMii17+b6GbdZbf0Awe0XY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 01:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:cd:4b:66:12:54:ad:0c:a9:97:7e:f2:6a:65:4f:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627
        Validity
            Not Before: Jun 13 01:00:19 2025 GMT
            Not After : Jun 14 01:00:19 2025 GMT
        Subject: CN=120c75e1d787e62de248caa4c8a561be043bee05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:52:cb:6f:83:c0:6b:f2:7d:5c:af:59:78:c7:
                    a8:f7:22:ef:4d:b7:44:0c:9f:3d:67:d8:69:bf:59:
                    9f:b4:08:90:ce:f3:66:7a:3b:a3:56:67:b5:8a:ff:
                    06:9d:29:a7:a2:90:94:63:ef:6a:40:7a:b4:bb:93:
                    5f:a8:e1:cc:13:92:7d:52:79:b2:90:82:43:b8:e1:
                    04:d6:ce:f7:a3:e2:27:fc:6b:0c:b8:05:ec:c7:33:
                    d6:9a:29:c9:51:62:a2:d2:47:83:9d:3b:25:e5:c5:
                    c5:87:c1:df:05:10:ac:85:54:2a:df:c8:23:e4:91:
                    c5:27:be:0a:e0:5f:7b:e9:7d:20:d5:41:a6:5b:c0:
                    af:4d:33:5c:7b:4e:2e:8d:f5:d8:3f:89:65:1b:82:
                    94:63:fe:9c:34:2c:c8:ad:dc:f9:55:81:99:c5:8a:
                    eb:ca:f4:72:c4:e7:50:dc:ca:59:c3:0f:1d:1f:a1:
                    55:5b:8e:b7:8e:53:38:bd:6f:27:ac:1e:7f:f3:0f:
                    ca:61:93:fc:a7:ee:f5:78:92:b6:ac:50:89:89:2d:
                    88:83:21:d7:9e:f5:d8:06:2d:25:06:ed:97:6f:4f:
                    8a:63:7d:e5:60:9d:20:87:44:3b:ba:5e:37:c3:9b:
                    30:b3:68:c7:69:d9:3f:0b:cd:ea:6c:9e:f9:34:25:
                    c4:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:0C:75:E1:D7:87:E6:2D:E2:48:CA:A4:C8:A5:61:BE:04:3B:EE:05
            X509v3 Authority Key Identifier:
                keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:45:b9:25:48:13:cc:4b:41:3c:9e:26:80:e0:bd:d8:18:40:
         e2:e9:7f:9c:ad:52:30:98:ea:04:a4:a3:11:bf:6e:31:b6:ff:
         4a:c2:6e:4e:9d:a2:9b:c2:c4:6d:33:a7:ef:e9:5d:27:93:a7:
         56:bd:b1:a6:dc:2d:ab:95:8a:c2:20:16:d0:06:9f:29:0e:50:
         74:78:06:1f:d2:2b:fa:8f:58:8f:26:e9:17:ad:2b:da:5f:e9:
         cf:0c:04:d3:a2:ff:a2:65:fc:ca:5d:4d:a5:4b:df:83:c8:26:
         88:c5:f3:73:13:6b:05:d0:ef:dc:41:bb:07:ea:f1:c6:11:75:
         4a:60:f4:5f:0b:89:98:8f:97:a0:d8:b6:78:e0:96:29:53:27:
         e5:07:d0:f1:8f:aa:84:f3:3b:4e:b8:1e:8d:49:b5:13:f7:66:
         f9:b2:9e:ac:49:74:80:94:dd:f3:49:24:a8:03:b4:57:09:2c:
         f3:ea:a8:72:a6:79:c9:53:16:8b:80:65:b9:e6:2a:d9:1e:33:
         31:7c:f8:90:b9:48:bf:d9:15:b7:85:e8:05:57:75:77:79:81:
         57:a1:31:16:8f:69:57:6e:57:f1:7f:db:1e:9d:39:52:73:ea:
         e4:58:f9:66:66:6e:96:30:53:00:d2:f9:0d:bf:63:5a:44:25:
         2f:ae:5a:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmzUtmElStDKmXfvJqZU9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3
MzE2MjcwHhcNMjUwNjEzMDEwMDE5WhcNMjUwNjE0MDEwMDE5WjAzMTEwLwYDVQQD
EygxMjBjNzVlMWQ3ODdlNjJkZTI0OGNhYTRjOGE1NjFiZTA0M2JlZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylLLb4PAa/J9XK9ZeMeo9yLvTbdE
DJ89Z9hpv1mftAiQzvNmejujVme1iv8GnSmnopCUY+9qQHq0u5NfqOHME5J9Unmy
kIJDuOEE1s73o+In/GsMuAXsxzPWminJUWKi0keDnTsl5cXFh8HfBRCshVQq38gj
5JHFJ74K4F976X0g1UGmW8CvTTNce04ujfXYP4llG4KUY/6cNCzIrdz5VYGZxYrr
yvRyxOdQ3MpZww8dH6FVW463jlM4vW8nrB5/8w/KYZP8p+71eJK2rFCJiS2IgyHX
nvXYBi0lBu2Xb0+KY33lYJ0gh0Q7ul43w5sws2jHadk/C83qbJ75NCXEqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIMdeHXh+Yt4kjKpMilYb4EO+4FMB8GA1UdIwQY
MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt
ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh
LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoEW5JUgT
zEtBPJ4mgOC92BhA4ul/nK1SMJjqBKSjEb9uMbb/SsJuTp2im8LEbTOn7+ldJ5On
Vr2xptwtq5WKwiAW0AafKQ5QdHgGH9Ir+o9YjybpF60r2l/pzwwE06L/omX8yl1N
pUvfg8gmiMXzcxNrBdDv3EG7B+rxxhF1SmD0XwuJmI+XoNi2eOCWKVMn5QfQ8Y+q
hPM7TrgejUm1E/dm+bKerEl0gJTd80kkqAO0Vwks8+qocqZ5yVMWi4BlueYq2R4z
MXz4kLlIv9kVt4XoBVd1d3mBV6ExFo9pV25X8X/bHp05UnPq5Fj5ZmZuljBTANL5
Db9jWkQlL65aoA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 09:10:24 2025 by rpki-client