Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
File:                     dXFLWBraGW41UcCM52JDvgWLROs.mft (raw, json)
Hash identifier:          9jLzBP+FFMJdylLfclLuIyVLgawG6Rixl3PCf2F2UzQ=
Subject key identifier:   41:CF:F5:41:BA:20:85:CB:65:7E:DC:38:49:09:DF:04:01:75:80:3D
Authority key identifier: 75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB
Certificate issuer:       /CN=75714b581ada196e3551c08ce76243be058b44eb
Certificate serial:       0197643A56A9414E29293F8465045D3447F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
Manifest number:          1587
Signing time:             Thu 12 Jun 2025 13:00:34 +0000
Manifest this update:     Thu 12 Jun 2025 13:00:34 +0000
Manifest next update:     Fri 13 Jun 2025 13:00:34 +0000
Files and hashes:         1: dXFLWBraGW41UcCM52JDvgWLROs.crl (hash: OzIt4mKlmDb7fIHLF7WwK+GA2qseiCi563wyljiu9Bo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:3a:56:a9:41:4e:29:29:3f:84:65:04:5d:34:47:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75714b581ada196e3551c08ce76243be058b44eb
        Validity
            Not Before: Jun 12 13:00:34 2025 GMT
            Not After : Jun 13 13:00:34 2025 GMT
        Subject: CN=41cff541ba2085cb657edc384909df040175803d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:aa:ba:79:2b:38:4e:c1:a4:7f:ac:27:41:89:
                    ef:c1:59:00:48:44:cb:7c:54:63:d7:d2:c8:27:f6:
                    4a:fd:ea:24:61:d5:8a:b9:f2:73:1f:c4:ab:cd:8b:
                    da:a2:ab:b5:ec:11:81:be:26:5c:b2:73:6e:f5:0d:
                    93:a2:be:b1:71:14:ff:e5:f0:0e:8e:26:c0:92:ca:
                    6c:a2:52:bf:1f:55:10:8a:5d:96:e2:98:33:69:43:
                    e2:fd:bc:7d:11:88:d8:a8:70:c4:57:06:ad:e5:b5:
                    ac:ed:04:27:8e:f9:4a:23:8d:a8:55:f7:a2:97:4d:
                    89:e5:c2:a7:bb:d4:23:11:f8:7b:42:54:90:5f:0b:
                    a7:af:9d:64:8a:f4:ed:d1:b4:e0:b8:dd:65:55:cd:
                    f4:0b:87:ac:2b:8b:90:7e:a5:90:15:d9:7e:0f:ef:
                    d1:71:67:67:47:e4:49:21:20:41:ff:b8:ca:b7:85:
                    66:4d:de:f0:e4:1d:5f:9c:80:8c:ee:4e:3c:44:35:
                    0f:f8:62:4f:e1:9c:e2:ff:f4:d6:7b:ef:c0:0b:26:
                    73:a3:0d:e0:e1:db:1e:70:6b:c4:b4:1d:c8:b0:5f:
                    ac:89:36:10:30:14:9b:73:8b:90:28:9e:33:63:e7:
                    7c:4a:66:25:26:33:e8:49:09:b9:2b:ff:f4:4e:ab:
                    ff:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:CF:F5:41:BA:20:85:CB:65:7E:DC:38:49:09:DF:04:01:75:80:3D
            X509v3 Authority Key Identifier:
                keyid:75:71:4B:58:1A:DA:19:6E:35:51:C0:8C:E7:62:43:BE:05:8B:44:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXFLWBraGW41UcCM52JDvgWLROs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/39d226-72bf-490e-9f16-073fbbe111e5/1/dXFLWBraGW41UcCM52JDvgWLROs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ee:5f:69:88:d7:dd:63:94:68:01:a7:12:8c:46:85:9f:a2:d4:
         24:95:f2:65:71:12:46:04:e7:b5:7d:86:33:2c:bc:29:95:22:
         4a:5b:e6:1b:72:13:e0:51:34:de:f3:a2:4e:75:ba:0c:4d:76:
         87:62:4c:bc:22:64:45:46:23:03:cc:62:10:52:e0:48:bc:34:
         48:85:15:81:25:b7:da:dc:b6:b0:5c:6c:e5:58:08:d3:27:c2:
         56:e6:50:d7:c7:88:e3:f1:0e:03:ea:53:a3:37:3e:8a:f1:ab:
         f4:11:e9:9f:86:1c:cf:8b:c5:b3:3c:af:68:aa:7c:91:e9:f1:
         65:a7:d6:44:2d:61:2a:8a:63:01:45:73:c4:e5:59:a8:72:3e:
         22:48:60:b4:8f:e6:21:5e:cd:60:92:47:b2:99:46:47:bc:e4:
         d2:00:b4:20:7a:2c:49:f6:4a:17:1c:e0:c4:d9:cb:8f:f8:01:
         5a:07:b2:e8:a1:13:4a:d3:bd:fd:ff:75:b0:e3:8f:07:aa:ab:
         43:98:cb:5d:84:f8:b7:02:bd:c7:c0:f9:5f:18:a0:1f:d2:4a:
         bf:16:f0:cf:e4:84:54:20:e7:c1:9c:b0:0e:e0:0f:61:d7:5c:
         bf:39:c9:df:86:6f:de:da:cb:b2:ef:c0:1d:4e:c7:3a:15:fe:
         ce:cd:c1:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkOlapQU4pKT+EZQRdNEfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzE0YjU4MWFkYTE5NmUzNTUxYzA4Y2U3NjI0M2JlMDU4
YjQ0ZWIwHhcNMjUwNjEyMTMwMDM0WhcNMjUwNjEzMTMwMDM0WjAzMTEwLwYDVQQD
Eyg0MWNmZjU0MWJhMjA4NWNiNjU3ZWRjMzg0OTA5ZGYwNDAxNzU4MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96q6eSs4TsGkf6wnQYnvwVkASETL
fFRj19LIJ/ZK/eokYdWKufJzH8SrzYvaoqu17BGBviZcsnNu9Q2Tor6xcRT/5fAO
jibAkspsolK/H1UQil2W4pgzaUPi/bx9EYjYqHDEVwat5bWs7QQnjvlKI42oVfei
l02J5cKnu9QjEfh7QlSQXwunr51kivTt0bTguN1lVc30C4esK4uQfqWQFdl+D+/R
cWdnR+RJISBB/7jKt4VmTd7w5B1fnICM7k48RDUP+GJP4Zzi//TWe+/ACyZzow3g
4dsecGvEtB3IsF+siTYQMBSbc4uQKJ4zY+d8SmYlJjPoSQm5K//0Tqv/qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHP9UG6IIXLZX7cOEkJ3wQBdYA9MB8GA1UdIwQY
MBaAFHVxS1ga2hluNVHAjOdiQ74Fi0TrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYt
MDczZmJiZTExMWU1LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zOWQyMjYtNzJiZi00OTBlLTlmMTYtMDczZmJiZTExMWU1
LzEvZFhGTFdCcmFHVzQxVWNDTTUySkR2Z1dMUk9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7l9piNfd
Y5RoAacSjEaFn6LUJJXyZXESRgTntX2GMyy8KZUiSlvmG3IT4FE03vOiTnW6DE12
h2JMvCJkRUYjA8xiEFLgSLw0SIUVgSW32ty2sFxs5VgI0yfCVuZQ18eI4/EOA+pT
ozc+ivGr9BHpn4Ycz4vFszyvaKp8kenxZafWRC1hKopjAUVzxOVZqHI+IkhgtI/m
IV7NYJJHsplGR7zk0gC0IHosSfZKFxzgxNnLj/gBWgey6KETStO9/f91sOOPB6qr
Q5jLXYT4twK9x8D5XxigH9JKvxbwz+SEVCDnwZywDuAPYddcvznJ34Zv3trLsu/A
HU7HOhX+zs3BXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:59:14 2025 by rpki-client