Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
File:                     dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft (raw, json)
Hash identifier:          3NCRI8Qr7iN48kynkzURSRZUo60/dYCCntFjYT1AAds=
Subject key identifier:   60:B2:48:AB:81:2F:3D:83:57:DF:2B:5B:EF:A9:84:E4:21:51:7D:4E
Authority key identifier: 75:92:3E:C5:46:DF:37:1D:09:E6:8C:6B:06:02:5E:A3:12:61:23:4A
Certificate issuer:       /CN=75923ec546df371d09e68c6b06025ea31261234a
Certificate serial:       019754232271F3D6F53A9BA2E828C721EC9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
Manifest number:          157F
Signing time:             Mon 09 Jun 2025 10:01:17 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:17 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:17 +0000
Files and hashes:         1: dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl (hash: 1wzIxRtGILtkb9NcJVraZQxfkEZJ07GcxvKDAOEjUb8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:22:71:f3:d6:f5:3a:9b:a2:e8:28:c7:21:ec:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75923ec546df371d09e68c6b06025ea31261234a
        Validity
            Not Before: Jun  9 10:01:17 2025 GMT
            Not After : Jun 10 10:01:17 2025 GMT
        Subject: CN=60b248ab812f3d8357df2b5befa984e421517d4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ac:f9:2c:da:47:18:db:c3:b0:28:1f:29:ed:
                    d2:35:6c:51:ef:1f:56:97:9f:d5:68:72:54:dc:c2:
                    0f:50:d4:1b:db:6b:bb:d6:1f:5b:81:d4:40:66:e4:
                    f8:59:1e:ef:04:6e:3c:8a:70:c0:de:05:e9:29:6c:
                    50:f6:1e:cb:f5:95:ac:57:94:9a:19:65:15:88:66:
                    2e:37:4e:a9:5d:d0:9e:ca:bd:23:31:92:99:97:69:
                    51:85:5c:42:18:cf:b1:fb:a5:6e:f3:ed:f0:fd:2c:
                    43:06:1c:4c:bf:f8:76:13:f8:89:b2:88:53:af:56:
                    b8:c3:f1:20:b6:7c:e6:fb:89:37:81:03:0a:8e:07:
                    9a:cb:3b:f6:7f:66:bb:10:ca:c8:5f:95:41:ab:16:
                    28:d3:99:bc:5b:d7:e8:aa:b9:e3:f7:11:9a:50:94:
                    00:37:2b:bc:08:40:37:15:8b:3e:ba:ba:e0:02:8a:
                    06:9e:d1:ee:59:4f:b4:4a:ad:d5:bd:a5:79:8a:c4:
                    67:02:11:a2:29:53:42:b9:1f:5f:30:da:bb:49:79:
                    e1:7a:31:6a:5e:32:d2:5c:1b:7f:25:58:39:52:f1:
                    1c:bc:16:08:4c:1d:2c:b6:cc:49:5c:17:69:88:b3:
                    fa:c6:d1:f6:84:79:7d:2d:31:b1:8a:5f:65:86:88:
                    85:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:B2:48:AB:81:2F:3D:83:57:DF:2B:5B:EF:A9:84:E4:21:51:7D:4E
            X509v3 Authority Key Identifier:
                keyid:75:92:3E:C5:46:DF:37:1D:09:E6:8C:6B:06:02:5E:A3:12:61:23:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:98:11:f5:81:a1:b5:05:5e:10:4c:c9:82:85:95:15:33:38:
         76:4c:56:cf:d5:ae:96:29:46:73:11:ea:d5:33:cb:8e:90:24:
         92:74:48:77:df:ab:58:97:e6:7e:67:46:c6:fe:df:e4:ab:cc:
         7e:a9:5f:17:f3:0a:45:f1:c4:67:94:ff:15:2e:68:ab:34:fc:
         c1:0a:65:53:ca:e4:00:ff:3f:a7:53:17:36:8d:18:fc:3d:1e:
         c9:7d:0c:e5:53:d1:2b:ed:68:8a:0a:46:38:95:78:44:cb:30:
         bb:a9:16:33:fa:d6:4b:00:14:5e:8b:7f:86:2f:c1:bf:60:b2:
         8a:f6:3b:cb:af:3e:3c:89:d0:4a:ca:b1:da:f7:57:26:e8:bd:
         87:5d:18:2c:e6:b9:dd:45:5f:1e:1a:94:db:3b:eb:c0:5c:72:
         3e:6e:01:e2:85:ba:20:8a:1e:f3:99:61:8b:ef:67:1a:32:35:
         1f:2e:a9:7c:72:b6:5e:b6:c1:e3:f7:8b:cf:94:d3:48:e5:36:
         a7:4b:4e:f3:c0:c7:8a:e5:16:ab:78:f6:e6:64:63:c8:79:9f:
         72:ef:80:3b:1a:7f:e9:ee:d7:46:cc:88:79:43:cb:3a:9d:e2:
         38:6b:b5:51:bd:26:fa:c3:ae:89:2c:70:00:61:ad:68:d0:e0:
         f6:ca:cb:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIyJx89b1Opui6CjHIeyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OTIzZWM1NDZkZjM3MWQwOWU2OGM2YjA2MDI1ZWEzMTI2
MTIzNGEwHhcNMjUwNjA5MTAwMTE3WhcNMjUwNjEwMTAwMTE3WjAzMTEwLwYDVQQD
Eyg2MGIyNDhhYjgxMmYzZDgzNTdkZjJiNWJlZmE5ODRlNDIxNTE3ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaz5LNpHGNvDsCgfKe3SNWxR7x9W
l5/VaHJU3MIPUNQb22u71h9bgdRAZuT4WR7vBG48inDA3gXpKWxQ9h7L9ZWsV5Sa
GWUViGYuN06pXdCeyr0jMZKZl2lRhVxCGM+x+6Vu8+3w/SxDBhxMv/h2E/iJsohT
r1a4w/Egtnzm+4k3gQMKjgeayzv2f2a7EMrIX5VBqxYo05m8W9foqrnj9xGaUJQA
Nyu8CEA3FYs+urrgAooGntHuWU+0Sq3VvaV5isRnAhGiKVNCuR9fMNq7SXnhejFq
XjLSXBt/JVg5UvEcvBYITB0stsxJXBdpiLP6xtH2hHl9LTGxil9lhoiF2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCySKuBLz2DV98rW++phOQhUX1OMB8GA1UdIwQY
MBaAFHWSPsVG3zcdCeaMawYCXqMSYSNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNmM2OGMtMDQ4Mi00YjYyLWIyYWYt
NDg1NTM2NmVkZmVmLzEvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNmM2OGMtMDQ4Mi00YjYyLWIyYWYtNDg1NTM2NmVkZmVm
LzEvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJZgR9YGh
tQVeEEzJgoWVFTM4dkxWz9WulilGcxHq1TPLjpAkknRId9+rWJfmfmdGxv7f5KvM
fqlfF/MKRfHEZ5T/FS5oqzT8wQplU8rkAP8/p1MXNo0Y/D0eyX0M5VPRK+1oigpG
OJV4RMswu6kWM/rWSwAUXot/hi/Bv2CyivY7y68+PInQSsqx2vdXJui9h10YLOa5
3UVfHhqU2zvrwFxyPm4B4oW6IIoe85lhi+9nGjI1Hy6pfHK2XrbB4/eLz5TTSOU2
p0tO88DHiuUWq3j25mRjyHmfcu+AOxp/6e7XRsyIeUPLOp3iOGu1Ub0m+sOuiSxw
AGGtaNDg9srLUQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:45:30 2025 by rpki-client