Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
File:                     ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft (raw, json)
Hash identifier:          8FF6NVdjK8knv0BZwGFWXpwkcaLIFV5iCrVy5Ne4szQ=
Subject key identifier:   0C:B9:71:A2:0B:1D:E2:18:90:ED:76:BD:6D:49:26:FB:37:23:F8:4D
Authority key identifier: 7B:0D:46:C5:82:2C:AD:92:53:EA:53:A1:00:F3:D9:36:22:4A:E6:87
Certificate issuer:       /CN=7b0d46c5822cad9253ea53a100f3d936224ae687
Certificate serial:       01975948C87D8886A0D9264EEB197A08BA85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
Manifest number:          03B5
Signing time:             Tue 10 Jun 2025 10:00:31 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:31 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:31 +0000
Files and hashes:         1: ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl (hash: G3EZEw30sDQ9D6NIjkYYFbBSJvhWz+qB0wrP4fDw46Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 10:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:48:c8:7d:88:86:a0:d9:26:4e:eb:19:7a:08:ba:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b0d46c5822cad9253ea53a100f3d936224ae687
        Validity
            Not Before: Jun 10 10:00:31 2025 GMT
            Not After : Jun 11 10:00:31 2025 GMT
        Subject: CN=0cb971a20b1de21890ed76bd6d4926fb3723f84d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:07:dc:44:1b:72:fe:b3:89:ba:aa:13:3b:17:
                    9c:cc:f0:66:b8:bf:c6:b2:77:23:f1:13:42:ec:b3:
                    2e:f1:f7:8d:e7:df:7a:f2:3b:9b:6d:6f:97:ac:2f:
                    56:53:10:cc:15:93:33:8d:ce:60:25:b5:69:83:35:
                    53:86:1a:80:e8:66:09:ae:7d:30:fc:f0:d4:c2:78:
                    eb:57:4d:84:e3:c4:4d:4a:5d:fc:e0:c9:a6:ee:c9:
                    42:74:75:f5:1d:61:d3:45:d5:75:f2:ed:03:5b:f9:
                    75:24:0b:fa:e7:ac:2f:ed:88:c5:14:5d:74:12:e1:
                    e3:f4:11:55:2c:b6:6f:8c:2d:ca:8f:ba:a3:0e:8e:
                    7b:ae:28:3a:5e:13:6c:1d:fa:72:5f:a0:78:9e:2e:
                    de:0d:1b:11:9c:42:9d:d6:38:bd:aa:90:8e:43:62:
                    ec:30:4c:e6:89:8f:ff:18:b9:14:e4:60:42:0c:95:
                    c0:d7:5e:44:89:76:98:46:4a:6e:a0:e2:dd:07:b6:
                    68:82:fb:97:d2:c8:a9:af:5a:ee:2c:dc:93:13:eb:
                    b8:63:60:81:75:77:58:e7:98:7c:c0:ec:c6:50:86:
                    9e:80:11:e2:4a:08:fa:fb:70:f4:ea:cd:a1:2e:5f:
                    8a:4e:86:ca:86:c9:37:bf:a1:be:15:0b:e9:11:09:
                    dd:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:B9:71:A2:0B:1D:E2:18:90:ED:76:BD:6D:49:26:FB:37:23:F8:4D
            X509v3 Authority Key Identifier:
                keyid:7B:0D:46:C5:82:2C:AD:92:53:EA:53:A1:00:F3:D9:36:22:4A:E6:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ew1GxYIsrZJT6lOhAPPZNiJK5oc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/c25444-2671-4ad2-9050-baa59ece2b63/1/ew1GxYIsrZJT6lOhAPPZNiJK5oc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:f1:7a:f1:be:36:fc:ce:53:3f:72:c3:4d:f7:f5:d2:76:27:
         07:32:99:93:be:5c:16:9e:99:83:2b:51:67:4c:80:28:d7:ff:
         ba:6f:2d:20:57:7f:e7:05:e6:98:76:04:1b:c6:06:46:70:06:
         98:d5:26:d9:af:76:24:ee:b0:78:1c:f4:87:8e:31:ed:fe:ca:
         a9:23:39:bd:58:ae:75:dd:b2:33:85:01:ea:34:70:0f:42:14:
         1c:4d:27:34:ab:3e:47:0c:d0:2e:40:48:01:bf:ca:69:c6:5a:
         56:06:37:36:a6:2f:3a:c7:38:88:2d:d7:09:e1:4e:91:84:e6:
         63:c1:e1:d2:8b:8d:72:69:86:5f:15:52:5a:14:a3:3f:a3:77:
         be:51:75:59:01:da:2a:04:0a:5b:a9:7c:91:a9:71:49:24:db:
         d4:95:7a:3c:5f:68:8a:0b:56:8c:c4:2b:99:b5:76:ad:54:85:
         f5:80:b6:26:c7:28:1f:24:b0:13:b4:36:b8:aa:90:48:52:6c:
         fd:e4:3f:b4:63:85:5a:bd:bf:e1:6f:6d:3d:07:10:00:63:da:
         dc:da:e1:2a:cd:24:3f:ba:2c:3c:b8:27:fc:cb:48:85:c6:52:
         91:11:9b:ba:38:5f:52:5e:2c:7f:94:c4:62:8c:1c:d0:fb:d9:
         60:68:47:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSMh9iIag2SZO6xl6CLqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMGQ0NmM1ODIyY2FkOTI1M2VhNTNhMTAwZjNkOTM2MjI0
YWU2ODcwHhcNMjUwNjEwMTAwMDMxWhcNMjUwNjExMTAwMDMxWjAzMTEwLwYDVQQD
EygwY2I5NzFhMjBiMWRlMjE4OTBlZDc2YmQ2ZDQ5MjZmYjM3MjNmODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswfcRBty/rOJuqoTOxeczPBmuL/G
sncj8RNC7LMu8feN59968jubbW+XrC9WUxDMFZMzjc5gJbVpgzVThhqA6GYJrn0w
/PDUwnjrV02E48RNSl384Mmm7slCdHX1HWHTRdV18u0DW/l1JAv656wv7YjFFF10
EuHj9BFVLLZvjC3Kj7qjDo57rig6XhNsHfpyX6B4ni7eDRsRnEKd1ji9qpCOQ2Ls
MEzmiY//GLkU5GBCDJXA115EiXaYRkpuoOLdB7ZogvuX0sipr1ruLNyTE+u4Y2CB
dXdY55h8wOzGUIaegBHiSgj6+3D06s2hLl+KTobKhsk3v6G+FQvpEQndbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAy5caILHeIYkO12vW1JJvs3I/hNMB8GA1UdIwQY
MBaAFHsNRsWCLK2SU+pToQDz2TYiSuaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9jMjU0NDQtMjY3MS00YWQyLTkwNTAt
YmFhNTllY2UyYjYzLzEvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9jMjU0NDQtMjY3MS00YWQyLTkwNTAtYmFhNTllY2UyYjYz
LzEvZXcxR3hZSXNyWkpUNmxPaEFQUFpOaUpLNW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHvF68b42
/M5TP3LDTff10nYnBzKZk75cFp6ZgytRZ0yAKNf/um8tIFd/5wXmmHYEG8YGRnAG
mNUm2a92JO6weBz0h44x7f7KqSM5vViudd2yM4UB6jRwD0IUHE0nNKs+RwzQLkBI
Ab/KacZaVgY3NqYvOsc4iC3XCeFOkYTmY8Hh0ouNcmmGXxVSWhSjP6N3vlF1WQHa
KgQKW6l8kalxSSTb1JV6PF9oigtWjMQrmbV2rVSF9YC2JscoHySwE7Q2uKqQSFJs
/eQ/tGOFWr2/4W9tPQcQAGPa3NrhKs0kP7osPLgn/MtIhcZSkRGbujhfUl4sf5TE
Yowc0PvZYGhHLQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:04:18 2025 by rpki-client