Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
File:                     KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft (raw, json)
Hash identifier:          bQqEu2mHFl729czTu0c9F4LpiWMrKdxQ+h/1Q9lc4lU=
Subject key identifier:   CD:A9:00:FE:D5:E4:46:FC:5E:CC:40:CE:3B:0F:9F:C4:C0:8F:3C:3A
Authority key identifier: 2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66
Certificate issuer:       /CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
Certificate serial:       019764A850431D30C2C9DB655E2759471C33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
Manifest number:          071B
Signing time:             Thu 12 Jun 2025 15:00:41 +0000
Manifest this update:     Thu 12 Jun 2025 15:00:41 +0000
Manifest next update:     Fri 13 Jun 2025 15:00:41 +0000
Files and hashes:         1: KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl (hash: 1/b6y6gmWvi+5+MV4fIQUhGTi2YrGkmnUZ0pemGGw6c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:a8:50:43:1d:30:c2:c9:db:65:5e:27:59:47:1c:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
        Validity
            Not Before: Jun 12 15:00:41 2025 GMT
            Not After : Jun 13 15:00:41 2025 GMT
        Subject: CN=cda900fed5e446fc5ecc40ce3b0f9fc4c08f3c3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:aa:6a:22:d1:86:54:af:42:89:5d:3e:70:2f:
                    10:9e:bd:b4:c8:4b:89:d0:e6:09:b0:56:af:fc:a8:
                    93:e5:06:93:68:92:17:3a:02:bd:70:16:38:7a:67:
                    50:1a:eb:fc:ec:af:1d:a5:4f:7c:5a:ca:03:b1:c7:
                    6b:02:eb:3a:d0:af:3b:46:9a:9e:b6:82:ea:23:0b:
                    fa:c4:a4:51:ab:e4:ed:0e:b2:fd:34:cf:65:51:e5:
                    ba:2c:c1:1a:42:23:02:77:23:e0:59:8c:33:ef:23:
                    83:61:ce:21:7d:72:14:78:fe:ee:cc:04:a8:2c:01:
                    9c:fb:dc:68:f3:65:fb:b2:57:9b:76:27:2e:ce:67:
                    fa:f9:f5:9e:e4:f4:0c:e6:5c:40:36:38:96:7a:3c:
                    5d:d2:e4:40:d3:d0:da:09:53:ab:e7:5e:27:ea:da:
                    52:43:03:05:d1:05:e2:0f:6d:b7:1d:48:d3:9e:cf:
                    18:59:4e:05:0e:ab:da:f8:a2:f7:d7:b8:82:1a:c9:
                    14:7d:e6:7c:4e:7e:1c:75:d5:4e:2d:66:f9:fc:40:
                    37:11:f8:6a:fd:6f:3b:e7:6d:ea:dc:25:89:14:d4:
                    67:a5:19:c9:b0:ac:e5:e9:2a:fc:7d:02:31:74:92:
                    3a:f6:9a:b0:0f:68:47:95:f3:9d:1c:cc:5b:d7:28:
                    31:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A9:00:FE:D5:E4:46:FC:5E:CC:40:CE:3B:0F:9F:C4:C0:8F:3C:3A
            X509v3 Authority Key Identifier:
                keyid:2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:a6:32:3b:af:ea:89:6e:b7:1a:d3:c6:1b:b4:85:5a:3c:ef:
         46:4e:c2:7d:8e:cf:fd:19:3e:86:20:18:c6:e9:ba:ac:4f:e0:
         2a:f6:fe:a8:ee:35:2f:e7:bf:b3:8b:60:5f:fe:96:6c:eb:c0:
         28:5e:80:86:4b:d7:e5:8f:4f:38:5a:e9:36:e2:59:56:ce:5c:
         a8:f0:76:67:33:fb:a1:99:24:49:d3:5b:dd:75:2b:00:08:df:
         62:7d:7b:98:78:43:4d:59:7f:49:f5:1c:f4:c8:d5:36:b1:dd:
         03:25:2a:a9:66:82:7f:c5:7f:9d:16:3f:03:f7:d2:45:12:b0:
         f8:2c:f2:83:13:1f:aa:a3:89:da:e1:1c:e4:a7:3e:56:de:75:
         6f:5f:90:4a:3a:3b:46:1e:82:0d:34:bc:95:2b:2e:97:32:67:
         a0:0f:c1:b4:06:e5:b2:33:88:8b:a6:11:5f:d1:33:36:f8:de:
         1c:9f:56:d8:86:ef:74:75:74:de:b9:15:35:12:74:54:6f:22:
         ae:cf:cf:62:0b:f2:b1:1a:52:27:b5:01:dc:09:65:98:85:8b:
         96:2b:93:a1:ef:1b:e8:35:73:d5:f4:17:4c:c7:6a:6a:a0:40:
         4c:86:91:ab:07:eb:0d:eb:61:8b:0a:16:88:2a:7d:2f:64:ce:
         84:d1:6e:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkqFBDHTDCydtlXidZRxwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzM3OGI2M2JjYTQ4N2MzMmU4Y2U4MTJmNGY4NWQ3YzZl
Zjg3NjYwHhcNMjUwNjEyMTUwMDQxWhcNMjUwNjEzMTUwMDQxWjAzMTEwLwYDVQQD
EyhjZGE5MDBmZWQ1ZTQ0NmZjNWVjYzQwY2UzYjBmOWZjNGMwOGYzYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApapqItGGVK9CiV0+cC8Qnr20yEuJ
0OYJsFav/KiT5QaTaJIXOgK9cBY4emdQGuv87K8dpU98WsoDscdrAus60K87Rpqe
toLqIwv6xKRRq+TtDrL9NM9lUeW6LMEaQiMCdyPgWYwz7yODYc4hfXIUeP7uzASo
LAGc+9xo82X7slebdicuzmf6+fWe5PQM5lxANjiWejxd0uRA09DaCVOr514n6tpS
QwMF0QXiD223HUjTns8YWU4FDqva+KL317iCGskUfeZ8Tn4cddVOLWb5/EA3Efhq
/W87523q3CWJFNRnpRnJsKzl6Sr8fQIxdJI69pqwD2hHlfOdHMxb1ygxuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2pAP7V5Eb8XsxAzjsPn8TAjzw6MB8GA1UdIwQY
MBaAFCrDeLY7ykh8MujOgS9PhdfG74dmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDkt
MDc3ZDUyZWFiNzBkLzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDktMDc3ZDUyZWFiNzBk
LzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALKYyO6/q
iW63GtPGG7SFWjzvRk7CfY7P/Rk+hiAYxum6rE/gKvb+qO41L+e/s4tgX/6WbOvA
KF6AhkvX5Y9POFrpNuJZVs5cqPB2ZzP7oZkkSdNb3XUrAAjfYn17mHhDTVl/SfUc
9MjVNrHdAyUqqWaCf8V/nRY/A/fSRRKw+CzygxMfqqOJ2uEc5Kc+Vt51b1+QSjo7
Rh6CDTS8lSsulzJnoA/BtAblsjOIi6YRX9EzNvjeHJ9W2IbvdHV03rkVNRJ0VG8i
rs/PYgvysRpSJ7UB3AllmIWLliuToe8b6DVz1fQXTMdqaqBATIaRqwfrDethiwoW
iCp9L2TOhNFuPw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 20:29:17 2025 by rpki-client