Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
File:                     n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json)
Hash identifier:          MCH4EYSdWZZrk9sdDzVyb5Gq8NsEaRTgp0CJVtGzTfI=
Subject key identifier:   B2:74:25:F5:A3:E7:6D:13:92:8E:DA:DD:14:FA:CA:EE:B0:3B:9C:E6
Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F
Certificate issuer:       /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
Certificate serial:       019761A7C6DC2AFE4FD7B055678BE583764F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
Manifest number:          0F63
Signing time:             Thu 12 Jun 2025 01:01:14 +0000
Manifest this update:     Thu 12 Jun 2025 01:01:14 +0000
Manifest next update:     Fri 13 Jun 2025 01:01:14 +0000
Files and hashes:         1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: uZpw40BzdtdQwX62i84EtrO6MZF9rS6Qjg+WdBhGe5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:a7:c6:dc:2a:fe:4f:d7:b0:55:67:8b:e5:83:76:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f
        Validity
            Not Before: Jun 12 01:01:14 2025 GMT
            Not After : Jun 13 01:01:14 2025 GMT
        Subject: CN=b27425f5a3e76d13928edadd14facaeeb03b9ce6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d3:34:0a:95:07:66:d5:0a:88:c4:c7:eb:0b:
                    e2:b4:a0:07:25:c2:6b:9d:f8:9b:12:20:1e:d2:63:
                    9d:0b:c9:38:c0:bc:5e:b0:6b:b0:82:e3:fb:d7:3f:
                    41:fd:1a:fa:d5:f7:35:67:92:7a:06:86:a9:62:69:
                    26:06:4e:e6:74:46:b2:0e:35:c0:7b:05:98:11:4f:
                    9b:6a:8b:a7:ca:8d:05:7b:1d:59:15:93:b7:5f:8e:
                    63:18:e6:d4:2c:97:3d:3b:cc:87:a5:1a:9c:64:b0:
                    95:f5:61:d4:3b:a5:e5:20:97:a1:c3:66:6e:a6:e0:
                    47:2a:7f:28:e6:cd:4a:d4:0e:b8:8c:8c:e8:d9:b2:
                    59:73:06:66:98:b0:da:68:b1:f6:b3:58:b4:fa:2c:
                    a9:29:1f:58:b4:a3:2b:89:1a:a7:fd:67:7e:a1:3f:
                    f9:74:9c:e8:90:1f:bd:ff:8f:43:f4:14:b1:f7:cc:
                    88:63:e5:59:e0:e2:c2:71:9a:61:68:9d:66:a0:a8:
                    ee:39:64:ff:ac:15:20:cb:d9:42:ff:bd:fe:a0:b5:
                    87:13:0c:4d:76:2a:17:e4:8d:69:da:cf:5c:f0:8d:
                    55:cf:cb:04:80:a6:bc:5c:49:34:9a:40:92:e5:9d:
                    cf:46:83:35:fa:03:77:a1:c2:f9:57:e2:93:b4:9a:
                    4b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:74:25:F5:A3:E7:6D:13:92:8E:DA:DD:14:FA:CA:EE:B0:3B:9C:E6
            X509v3 Authority Key Identifier:
                keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:27:c0:4c:5f:d5:d3:87:93:1d:d5:8b:89:6e:c9:35:51:ee:
         e0:85:55:47:d1:b6:d9:27:e9:11:88:0f:b0:25:bc:5d:64:7c:
         32:e7:84:55:d3:76:5c:b0:b7:87:d6:d8:1f:ec:3a:6a:b2:67:
         e5:46:d7:a5:36:76:ad:9a:d7:18:e2:72:c8:54:62:0f:e2:2e:
         91:74:2c:87:0a:29:21:6c:60:20:3a:9d:ff:c2:74:68:c3:55:
         66:2b:3c:f2:2c:11:e8:09:e0:03:8d:c9:5d:cc:f4:40:ed:81:
         c8:4b:01:98:ed:71:55:b5:83:33:4f:34:a7:aa:40:fd:56:e0:
         40:e5:c0:08:70:13:96:26:c1:e1:74:72:27:36:39:47:03:cf:
         d1:8a:d5:95:dc:21:e2:a9:55:c2:29:c4:01:5e:bc:6f:db:a0:
         7e:b3:cc:bd:bc:5f:f4:09:66:8f:f2:80:39:96:12:4b:30:5c:
         d6:54:1e:6a:09:07:83:4a:7f:72:d0:30:d4:02:d3:45:05:61:
         d0:d9:dd:3b:81:b6:69:f6:01:25:1c:c6:00:38:7c:45:ce:c7:
         98:0a:9f:ef:4f:48:d6:04:07:4d:99:de:b4:de:77:8c:37:01:
         f0:82:ae:03:f7:60:0c:03:33:08:04:41:a6:48:f4:f5:7d:d5:
         f3:67:e4:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhp8bcKv5P17BVZ4vlg3ZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5
YzkzM2YwHhcNMjUwNjEyMDEwMTE0WhcNMjUwNjEzMDEwMTE0WjAzMTEwLwYDVQQD
EyhiMjc0MjVmNWEzZTc2ZDEzOTI4ZWRhZGQxNGZhY2FlZWIwM2I5Y2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntM0CpUHZtUKiMTH6wvitKAHJcJr
nfibEiAe0mOdC8k4wLxesGuwguP71z9B/Rr61fc1Z5J6BoapYmkmBk7mdEayDjXA
ewWYEU+baounyo0Fex1ZFZO3X45jGObULJc9O8yHpRqcZLCV9WHUO6XlIJehw2Zu
puBHKn8o5s1K1A64jIzo2bJZcwZmmLDaaLH2s1i0+iypKR9YtKMriRqn/Wd+oT/5
dJzokB+9/49D9BSx98yIY+VZ4OLCcZphaJ1moKjuOWT/rBUgy9lC/73+oLWHEwxN
dioX5I1p2s9c8I1Vz8sEgKa8XEk0mkCS5Z3PRoM1+gN3ocL5V+KTtJpLMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJ0JfWj520Tko7a3RT6yu6wO5zmMB8GA1UdIwQY
MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt
NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4
LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSfATF/V
04eTHdWLiW7JNVHu4IVVR9G22SfpEYgPsCW8XWR8MueEVdN2XLC3h9bYH+w6arJn
5UbXpTZ2rZrXGOJyyFRiD+IukXQshwopIWxgIDqd/8J0aMNVZis88iwR6AngA43J
Xcz0QO2ByEsBmO1xVbWDM080p6pA/VbgQOXACHATlibB4XRyJzY5RwPP0YrVldwh
4qlVwinEAV68b9ugfrPMvbxf9Almj/KAOZYSSzBc1lQeagkHg0p/ctAw1ALTRQVh
0NndO4G2afYBJRzGADh8Rc7HmAqf709I1gQHTZnetN53jDcB8IKuA/dgDAMzCARB
pkj09X3V82fkzg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 09:25:17 2025 by rpki-client