Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
File:                     gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json)
Hash identifier:          U6EE/64Q98ZnIu6RZLsuKo4Gt3nEBFC3XZ1Ek6AuFkk=
Subject key identifier:   14:46:EE:E1:90:0D:01:0F:26:75:AB:E9:3C:6F:89:46:89:BE:02:8C
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Certificate issuer:       /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial:       01975C499E6E538CD866DDD8F4E1E7BB256D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
Manifest number:          03C7
Signing time:             Wed 11 Jun 2025 00:00:17 +0000
Manifest this update:     Wed 11 Jun 2025 00:00:17 +0000
Manifest next update:     Thu 12 Jun 2025 00:00:17 +0000
Files and hashes:         1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: omnYnllR48/6yTXfaIhTPO0b09UdoNr+O7Fv718AXBo=)
                          2: v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa (hash: Y4h5O4hQh1m1aEWNf7XMnqa6q5Txb+8pJ/1S7VkKt/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:49:9e:6e:53:8c:d8:66:dd:d8:f4:e1:e7:bb:25:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
        Validity
            Not Before: Jun 11 00:00:17 2025 GMT
            Not After : Jun 12 00:00:17 2025 GMT
        Subject: CN=1446eee1900d010f2675abe93c6f894689be028c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:61:21:00:6b:1e:0f:c0:5c:8e:3d:30:56:8b:
                    99:42:e4:d7:35:ab:8e:a0:22:68:37:7b:ab:4a:34:
                    4b:7a:f2:2d:69:ff:19:78:86:c6:28:e1:0d:e8:00:
                    59:77:6a:19:19:91:1f:9a:f4:70:1a:e5:3c:46:64:
                    7f:2e:fc:19:e3:ad:25:a2:2f:91:9c:97:81:99:82:
                    40:19:05:0e:74:7b:f0:16:b4:2d:65:a5:b9:21:ec:
                    45:02:88:e7:8b:13:86:61:b4:af:ad:25:b3:0d:78:
                    4b:e7:c9:f1:61:53:68:44:48:43:b3:46:10:e5:81:
                    b0:57:9e:70:35:ef:2c:84:e3:6d:a5:45:37:e0:e0:
                    00:9a:3b:50:20:cd:45:11:1b:10:d6:71:1c:30:0e:
                    19:4f:56:3c:31:0e:c3:b3:05:94:70:e8:d3:f6:93:
                    9b:38:03:90:d1:59:87:06:17:d9:be:4f:60:81:d7:
                    df:74:db:e6:4f:e9:7d:0f:c8:47:07:3b:ff:d3:f4:
                    ea:d2:96:c1:f3:76:a4:c5:4d:d9:92:a3:2c:5b:52:
                    0d:0f:2b:c4:6c:84:b4:ba:1e:1a:d6:0e:ae:2b:08:
                    3a:1f:83:0d:61:4a:ba:45:9e:9e:dd:21:2e:ba:c5:
                    ef:ef:83:14:e2:be:0c:ec:2e:f4:49:37:a4:e1:ca:
                    6d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:46:EE:E1:90:0D:01:0F:26:75:AB:E9:3C:6F:89:46:89:BE:02:8C
            X509v3 Authority Key Identifier:
                keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:dd:72:a3:6d:a8:68:36:2a:7d:77:5f:7c:74:ab:0b:53:a6:
         10:11:c4:c0:b9:04:2a:3b:5d:82:cf:b4:78:79:87:53:4d:dc:
         12:06:5f:22:1e:5b:b0:62:82:9e:31:8c:6e:4e:d8:8c:c1:64:
         8f:ab:c8:cc:a3:ae:e7:cd:ef:78:d1:74:0f:ae:30:5f:94:fc:
         0c:6c:57:cc:bd:bf:61:77:9b:5a:ec:6f:46:f5:30:27:35:02:
         f8:59:2b:3f:91:80:db:ce:b5:32:3b:1d:44:3f:db:13:d6:66:
         0b:99:f8:13:b4:d1:bb:ae:59:aa:3b:ba:75:91:56:2a:1f:73:
         01:56:3a:19:85:df:10:fd:0b:29:75:7c:34:45:3d:e2:75:da:
         d8:39:a5:02:7b:4b:e2:87:fb:42:aa:14:19:98:c2:16:5e:49:
         d0:86:f7:f3:88:89:e1:bb:cf:95:41:75:1c:93:e1:f1:08:6d:
         05:60:a8:0b:14:07:29:4f:9e:b5:4e:e0:aa:32:61:93:55:4c:
         21:05:ee:ce:db:39:11:52:34:f2:0d:0e:10:50:4e:17:0d:89:
         e8:cc:5a:2b:62:45:ec:9e:3d:bd:f1:fe:58:0c:cb:72:48:d6:
         49:a7:d2:76:9d:50:8e:67:94:82:79:93:6d:14:ef:15:fe:b2:
         3c:c0:7c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSZ5uU4zYZt3Y9OHnuyVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjUwNjExMDAwMDE3WhcNMjUwNjEyMDAwMDE3WjAzMTEwLwYDVQQD
EygxNDQ2ZWVlMTkwMGQwMTBmMjY3NWFiZTkzYzZmODk0Njg5YmUwMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmEhAGseD8Bcjj0wVouZQuTXNauO
oCJoN3urSjRLevItaf8ZeIbGKOEN6ABZd2oZGZEfmvRwGuU8RmR/LvwZ460loi+R
nJeBmYJAGQUOdHvwFrQtZaW5IexFAojnixOGYbSvrSWzDXhL58nxYVNoREhDs0YQ
5YGwV55wNe8shONtpUU34OAAmjtQIM1FERsQ1nEcMA4ZT1Y8MQ7DswWUcOjT9pOb
OAOQ0VmHBhfZvk9ggdffdNvmT+l9D8hHBzv/0/Tq0pbB83akxU3ZkqMsW1INDyvE
bIS0uh4a1g6uKwg6H4MNYUq6RZ6e3SEuusXv74MU4r4M7C70STek4cptMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRG7uGQDQEPJnWr6TxviUaJvgKMMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXN1yo22o
aDYqfXdffHSrC1OmEBHEwLkEKjtdgs+0eHmHU03cEgZfIh5bsGKCnjGMbk7YjMFk
j6vIzKOu583veNF0D64wX5T8DGxXzL2/YXebWuxvRvUwJzUC+FkrP5GA2861Mjsd
RD/bE9ZmC5n4E7TRu65Zqju6dZFWKh9zAVY6GYXfEP0LKXV8NEU94nXa2DmlAntL
4of7QqoUGZjCFl5J0Ib384iJ4bvPlUF1HJPh8QhtBWCoCxQHKU+etU7gqjJhk1VM
IQXuzts5EVI08g0OEFBOFw2J6MxaK2JF7J49vfH+WAzLckjWSafSdp1QjmeUgnmT
bRTvFf6yPMB8eQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:23:27 2025 by rpki-client