Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          TheOYgtqu81kz/GCtrGVGGo/zXPTrbSuGEsF4cQqOCM=
Subject key identifier:   1B:DC:FD:7F:FF:30:E1:59:80:A4:D5:E4:1F:D5:90:AB:71:33:BB:A0
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       01975A5C3F2900BA662B3A7319FC3069E993
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0C2F
Signing time:             Tue 10 Jun 2025 15:01:24 +0000
Manifest this update:     Tue 10 Jun 2025 15:01:24 +0000
Manifest next update:     Wed 11 Jun 2025 15:01:24 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: nFWGW4zl/aC+ON2I9F1IXuJCRjuS2EZCDe4/+8SQ3F8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:5c:3f:29:00:ba:66:2b:3a:73:19:fc:30:69:e9:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Jun 10 15:01:24 2025 GMT
            Not After : Jun 11 15:01:24 2025 GMT
        Subject: CN=1bdcfd7fff30e15980a4d5e41fd590ab7133bba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ab:b5:c5:37:43:5d:d2:1b:0f:a0:f9:53:e2:
                    ec:5d:06:35:e4:47:33:c5:f9:fc:3b:f2:dc:59:ec:
                    e4:be:b0:d0:8e:7b:8c:f3:d5:a3:92:cc:33:dd:4d:
                    fa:05:66:e0:4d:b2:76:66:79:56:e3:3c:7b:54:e9:
                    74:f4:ef:72:3a:c3:a8:ff:32:80:9f:e4:5f:bd:d0:
                    27:c6:05:a2:c4:ba:ea:46:f5:7e:4a:3e:c2:24:33:
                    07:0d:5e:34:07:bb:26:7d:e7:20:06:fa:95:f9:db:
                    ec:3e:13:3d:0d:c9:da:a1:93:3f:f3:37:6b:66:20:
                    88:6e:e4:4e:78:e7:fb:e9:15:71:9e:69:c2:b2:f4:
                    1a:94:68:1f:d0:de:73:bc:6a:48:13:53:6d:dc:e4:
                    25:36:8a:68:e5:af:43:ab:a2:aa:c6:29:1e:1c:70:
                    ed:f5:57:d2:2d:c1:35:95:fd:a6:c5:5c:ba:ce:58:
                    c0:a9:7a:8c:75:92:99:fb:96:ab:fd:d0:2f:84:03:
                    4d:3b:56:bb:93:2d:7b:4a:fe:5c:04:5b:ff:82:c2:
                    31:ad:c6:ec:d5:e1:b3:97:2d:5e:60:14:ba:d4:4e:
                    bf:1d:4c:88:88:66:e0:0c:6f:32:c8:f8:02:95:e9:
                    65:00:da:be:96:34:79:97:39:87:da:8e:33:53:88:
                    28:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:DC:FD:7F:FF:30:E1:59:80:A4:D5:E4:1F:D5:90:AB:71:33:BB:A0
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:42:45:9b:3c:2a:91:08:68:a9:52:93:b9:92:18:91:dc:a1:
         2a:d5:5f:0c:14:8d:2d:9e:91:46:1b:73:ec:d5:d3:55:62:58:
         98:d3:8c:7f:c1:c5:29:1e:21:73:88:55:bf:d8:ea:06:5e:1a:
         c2:9f:b8:39:30:c8:36:b2:77:8c:97:30:23:e9:45:9c:31:c6:
         ee:ea:57:c5:7d:b9:9e:d1:23:4f:da:1e:db:68:77:b0:78:b7:
         7d:1a:0b:c3:02:18:50:a7:ae:cc:dc:75:09:e3:ae:b6:25:47:
         6b:f8:e7:ee:75:26:76:45:5e:f1:04:c2:7b:8d:18:95:e5:95:
         18:90:90:de:8f:b9:6e:dd:87:41:f2:34:f7:a1:7c:78:2c:85:
         3f:32:41:0d:0a:52:f7:87:2e:85:3d:fb:ec:d8:df:ab:61:82:
         63:17:22:1c:4e:8e:71:70:8c:3b:52:6d:46:ec:27:35:fb:74:
         56:57:96:6c:c0:3e:d2:7e:2a:1f:69:53:44:b0:f2:48:47:06:
         3c:e8:e7:4d:d7:97:e7:3a:22:ac:ba:99:df:ba:3a:54:f9:81:
         b7:34:20:9e:0e:ba:54:8b:62:3f:33:bb:50:d9:d1:10:25:75:
         74:99:5b:07:c5:b4:d6:6e:6f:12:07:a4:40:a1:ea:11:43:0a:
         17:4b:58:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaXD8pALpmKzpzGfwwaemTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjUwNjEwMTUwMTI0WhcNMjUwNjExMTUwMTI0WjAzMTEwLwYDVQQD
EygxYmRjZmQ3ZmZmMzBlMTU5ODBhNGQ1ZTQxZmQ1OTBhYjcxMzNiYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKu1xTdDXdIbD6D5U+LsXQY15Ecz
xfn8O/LcWezkvrDQjnuM89Wjkswz3U36BWbgTbJ2ZnlW4zx7VOl09O9yOsOo/zKA
n+RfvdAnxgWixLrqRvV+Sj7CJDMHDV40B7smfecgBvqV+dvsPhM9DcnaoZM/8zdr
ZiCIbuROeOf76RVxnmnCsvQalGgf0N5zvGpIE1Nt3OQlNopo5a9Dq6KqxikeHHDt
9VfSLcE1lf2mxVy6zljAqXqMdZKZ+5ar/dAvhANNO1a7ky17Sv5cBFv/gsIxrcbs
1eGzly1eYBS61E6/HUyIiGbgDG8yyPgClellANq+ljR5lzmH2o4zU4gotwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvc/X//MOFZgKTV5B/VkKtxM7ugMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0JFmzwq
kQhoqVKTuZIYkdyhKtVfDBSNLZ6RRhtz7NXTVWJYmNOMf8HFKR4hc4hVv9jqBl4a
wp+4OTDINrJ3jJcwI+lFnDHG7upXxX25ntEjT9oe22h3sHi3fRoLwwIYUKeuzNx1
CeOutiVHa/jn7nUmdkVe8QTCe40YleWVGJCQ3o+5bt2HQfI096F8eCyFPzJBDQpS
94cuhT377Njfq2GCYxciHE6OcXCMO1JtRuwnNft0VleWbMA+0n4qH2lTRLDySEcG
POjnTdeX5zoirLqZ37o6VPmBtzQgng66VItiPzO7UNnRECV1dJlbB8W01m5vEgek
QKHqEUMKF0tYpw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:06:52 2025 by rpki-client