Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
File:                     KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft (raw, json)
Hash identifier:          NC1WB//+ct47m0XdFiwxSw2w7ojgNnBsVmRoWkEO8PM=
Subject key identifier:   14:AA:7C:AD:B2:09:A9:C3:A0:1A:F3:EF:35:B6:94:23:07:18:E0:F5
Authority key identifier: 2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66
Certificate issuer:       /CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
Certificate serial:       01975CEEF63E4CE12C48E658D2AB5CCF4DCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
Manifest number:          0717
Signing time:             Wed 11 Jun 2025 03:00:53 +0000
Manifest this update:     Wed 11 Jun 2025 03:00:53 +0000
Manifest next update:     Thu 12 Jun 2025 03:00:53 +0000
Files and hashes:         1: KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl (hash: 3I7ZBSZVJDpsZRaHFvch2+ljctBU7rHSi31tWrPH/N4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:ee:f6:3e:4c:e1:2c:48:e6:58:d2:ab:5c:cf:4d:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
        Validity
            Not Before: Jun 11 03:00:53 2025 GMT
            Not After : Jun 12 03:00:53 2025 GMT
        Subject: CN=14aa7cadb209a9c3a01af3ef35b694230718e0f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b8:40:b5:9b:12:52:c1:fc:26:dc:c2:92:fa:
                    55:6b:b8:07:95:5d:31:09:49:84:d6:a0:15:7b:35:
                    4d:91:4f:2b:d7:e6:9b:e3:f3:6c:b3:06:36:45:6e:
                    63:ea:65:ad:0a:ec:29:dc:83:3c:be:04:2e:7a:2a:
                    91:ec:b5:d4:3f:fe:8d:11:7b:c7:51:59:e2:5a:0e:
                    37:4d:33:21:0e:2e:27:7a:e7:e2:37:8e:de:f0:5c:
                    23:cc:88:a2:69:45:59:83:01:84:34:8f:ce:e4:c6:
                    30:a5:56:22:c8:51:0a:67:63:0e:56:63:f0:8d:a1:
                    2b:72:1c:90:a9:67:d0:79:4f:05:5d:ed:5b:b7:e6:
                    4e:4c:12:de:c9:7f:42:76:66:02:3b:d2:46:32:fd:
                    ba:d3:03:d4:83:f6:84:5a:25:2a:86:ff:db:40:e6:
                    e8:5f:f6:00:ab:9c:39:7e:a4:11:ae:a6:53:f8:8a:
                    36:c9:4b:97:85:2e:4c:1b:22:3f:21:6c:7d:ea:ca:
                    7e:b6:f0:01:3c:18:03:9f:f9:8a:aa:6f:90:51:94:
                    8c:0b:98:bb:1e:3a:87:fd:0f:71:52:53:48:77:68:
                    fe:ac:6a:68:82:88:f9:36:cd:03:b8:af:78:59:86:
                    63:63:63:ed:04:a0:fc:fd:b5:3a:55:28:67:02:86:
                    3a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:AA:7C:AD:B2:09:A9:C3:A0:1A:F3:EF:35:B6:94:23:07:18:E0:F5
            X509v3 Authority Key Identifier:
                keyid:2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:b2:d4:f0:91:d5:aa:a9:87:3c:2f:71:64:4f:d2:d7:07:0a:
         bc:bf:44:d3:e8:4c:57:bd:2d:1e:bc:83:8d:e2:a7:aa:8a:ac:
         18:3d:f3:53:b3:13:4f:89:21:bf:32:c0:0d:b0:bc:d3:a1:f5:
         c1:a9:51:d5:78:a1:8f:d4:ca:8a:af:7f:9e:1a:75:0f:15:c3:
         0c:a9:5b:99:48:87:e7:4c:48:96:93:3e:ec:92:01:dc:9d:8d:
         7f:1d:f7:56:9b:31:69:ae:83:7d:8b:21:f9:d8:53:80:8b:62:
         bb:e6:88:10:6f:aa:b0:67:c6:8d:3e:59:f2:f2:d6:e5:67:fb:
         f6:7f:80:59:35:62:87:ae:b4:e4:03:98:52:15:43:30:81:7f:
         3f:44:2e:a1:df:6d:ce:e2:b5:96:ee:79:1b:5d:51:f3:d5:14:
         34:8a:cd:a7:43:5b:d3:5d:83:b3:a8:84:0c:ff:d1:77:62:9a:
         e3:c8:17:fb:c7:62:37:b8:9a:83:25:3b:70:d2:06:a0:6f:1c:
         f4:94:54:23:77:ff:84:80:f6:2e:ae:b6:d9:ec:ab:5a:a0:8d:
         19:63:89:03:df:98:84:39:7b:79:6e:d8:eb:af:ef:9c:26:2c:
         1b:a1:28:f0:a9:d2:7b:cf:80:99:f3:4f:32:46:a0:c1:50:9b:
         90:57:8c:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdc7vY+TOEsSOZY0qtcz03LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzM3OGI2M2JjYTQ4N2MzMmU4Y2U4MTJmNGY4NWQ3YzZl
Zjg3NjYwHhcNMjUwNjExMDMwMDUzWhcNMjUwNjEyMDMwMDUzWjAzMTEwLwYDVQQD
EygxNGFhN2NhZGIyMDlhOWMzYTAxYWYzZWYzNWI2OTQyMzA3MThlMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrhAtZsSUsH8JtzCkvpVa7gHlV0x
CUmE1qAVezVNkU8r1+ab4/NsswY2RW5j6mWtCuwp3IM8vgQueiqR7LXUP/6NEXvH
UVniWg43TTMhDi4neufiN47e8FwjzIiiaUVZgwGENI/O5MYwpVYiyFEKZ2MOVmPw
jaErchyQqWfQeU8FXe1bt+ZOTBLeyX9CdmYCO9JGMv260wPUg/aEWiUqhv/bQObo
X/YAq5w5fqQRrqZT+Io2yUuXhS5MGyI/IWx96sp+tvABPBgDn/mKqm+QUZSMC5i7
HjqH/Q9xUlNId2j+rGpogoj5Ns0DuK94WYZjY2PtBKD8/bU6VShnAoY61wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSqfK2yCanDoBrz7zW2lCMHGOD1MB8GA1UdIwQY
MBaAFCrDeLY7ykh8MujOgS9PhdfG74dmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDkt
MDc3ZDUyZWFiNzBkLzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDktMDc3ZDUyZWFiNzBk
LzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7LU8JHV
qqmHPC9xZE/S1wcKvL9E0+hMV70tHryDjeKnqoqsGD3zU7MTT4khvzLADbC806H1
walR1Xihj9TKiq9/nhp1DxXDDKlbmUiH50xIlpM+7JIB3J2Nfx33Vpsxaa6DfYsh
+dhTgItiu+aIEG+qsGfGjT5Z8vLW5Wf79n+AWTVih6605AOYUhVDMIF/P0Quod9t
zuK1lu55G11R89UUNIrNp0Nb012Ds6iEDP/Rd2Ka48gX+8diN7iagyU7cNIGoG8c
9JRUI3f/hID2Lq622eyrWqCNGWOJA9+YhDl7eW7Y66/vnCYsG6Eo8KnSe8+AmfNP
MkagwVCbkFeMmA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:54:32 2025 by rpki-client