Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
File:                     uH9ej-619ec7CXtmZX7tjbl0pA4.mft (raw, json)
Hash identifier:          ZFkt4GGhIYS4p+PBSpiDRkehAxEWHTpm9G7SpPkIolU=
Subject key identifier:   67:6F:27:AC:8C:61:75:55:A9:4A:4C:8E:E0:1D:77:04:AF:CA:E1:2B
Authority key identifier: B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E
Certificate issuer:       /CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
Certificate serial:       0197696166B4B041E29F6F699AF3AA340F52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
Manifest number:          0D6A
Signing time:             Fri 13 Jun 2025 13:01:20 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:20 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:20 +0000
Files and hashes:         1: uH9ej-619ec7CXtmZX7tjbl0pA4.crl (hash: 7DQE8hKbsC2HHLh8H/9KOCmkNYRbVa8TB3DiTj5tC/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:66:b4:b0:41:e2:9f:6f:69:9a:f3:aa:34:0f:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
        Validity
            Not Before: Jun 13 13:01:20 2025 GMT
            Not After : Jun 14 13:01:20 2025 GMT
        Subject: CN=676f27ac8c617555a94a4c8ee01d7704afcae12b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:87:c5:10:d0:19:0b:e9:42:90:e3:80:0e:28:
                    3c:3c:3b:ab:ee:10:f5:56:74:39:93:9e:0b:fd:0c:
                    1a:43:42:f3:3e:ec:fb:0a:35:ed:3c:99:8c:49:88:
                    4d:84:d4:85:ba:5d:a4:be:18:f5:20:fc:9b:03:7b:
                    a8:08:4d:33:c9:62:08:bf:cc:5f:7f:57:7f:6a:ef:
                    de:39:e8:af:46:e3:1d:c7:7c:b0:61:9f:76:16:68:
                    3b:27:6c:f3:05:f0:a3:aa:6a:38:80:4c:cd:97:7b:
                    1b:26:95:07:82:82:41:ef:0d:24:68:5d:7d:69:a1:
                    0e:86:aa:97:bb:23:2c:d0:66:96:53:47:f1:1e:03:
                    18:8c:de:6a:c3:52:c1:d7:71:1e:68:fa:e4:9c:e1:
                    83:44:ec:8f:95:f5:d0:1d:aa:21:df:14:7b:d3:47:
                    e4:d1:29:0c:1a:7e:0e:ec:45:2b:60:de:d4:25:81:
                    1f:e2:99:c3:e6:7c:bb:39:c3:7d:ab:62:2e:0d:40:
                    3f:aa:ab:06:96:b2:97:d3:e3:08:ec:68:b8:8d:da:
                    32:6a:53:bd:30:8a:f9:76:56:8b:a8:7c:dc:45:25:
                    82:01:94:98:01:21:02:3d:01:b4:72:ee:22:fd:9a:
                    78:11:08:20:99:f2:c2:70:e7:8f:34:5d:81:39:99:
                    fd:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:6F:27:AC:8C:61:75:55:A9:4A:4C:8E:E0:1D:77:04:AF:CA:E1:2B
            X509v3 Authority Key Identifier:
                keyid:B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:11:23:4c:4a:7b:ec:fe:89:a0:96:0c:26:14:d5:f5:c8:a2:
         34:94:89:e1:f2:4a:83:81:6a:db:d5:c7:ba:a4:8e:30:33:0c:
         1a:e3:0b:e7:23:8a:fe:e0:87:9c:8d:ff:c1:d6:72:94:2a:d7:
         21:65:c5:28:3b:74:39:37:f5:47:a9:c3:fd:76:dd:44:09:0d:
         72:f0:ce:e7:12:a4:ef:99:0a:de:58:ba:3a:cd:9b:c7:85:9b:
         9d:a1:72:85:4b:95:41:fa:9d:b3:a2:4e:2a:76:e5:44:f2:1c:
         46:1d:0d:82:ef:18:a4:89:65:10:ea:90:93:44:c2:04:ef:d4:
         06:dc:2f:bd:64:a9:45:c0:26:ba:a8:ef:e6:de:ec:4a:da:45:
         11:71:ef:8f:78:5a:c2:cb:ad:3d:3d:a6:10:00:23:f5:8e:59:
         fd:09:cd:a7:21:27:1a:f9:44:b2:3f:c8:cd:c8:22:d9:46:26:
         31:ff:38:4b:de:22:67:f5:e4:03:df:d9:6c:54:e1:b5:b9:98:
         68:13:dc:5f:5e:ee:cd:55:fe:07:d8:7f:ea:42:7f:3d:91:7c:
         85:5d:d6:9c:6f:4f:ac:d6:85:2b:78:52:11:6f:88:fd:56:51:
         7c:e1:80:9c:ce:df:b5:66:6b:06:4b:89:2e:6b:60:b6:1f:22:
         49:1f:59:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYWa0sEHin29pmvOqNA9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2Y1ZThmZWViNWY1ZTczYjA5N2I2NjY1N2VlZDhkYjk3
NGE0MGUwHhcNMjUwNjEzMTMwMTIwWhcNMjUwNjE0MTMwMTIwWjAzMTEwLwYDVQQD
Eyg2NzZmMjdhYzhjNjE3NTU1YTk0YTRjOGVlMDFkNzcwNGFmY2FlMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYfFENAZC+lCkOOADig8PDur7hD1
VnQ5k54L/QwaQ0LzPuz7CjXtPJmMSYhNhNSFul2kvhj1IPybA3uoCE0zyWIIv8xf
f1d/au/eOeivRuMdx3ywYZ92Fmg7J2zzBfCjqmo4gEzNl3sbJpUHgoJB7w0kaF19
aaEOhqqXuyMs0GaWU0fxHgMYjN5qw1LB13EeaPrknOGDROyPlfXQHaoh3xR700fk
0SkMGn4O7EUrYN7UJYEf4pnD5ny7OcN9q2IuDUA/qqsGlrKX0+MI7Gi4jdoyalO9
MIr5dlaLqHzcRSWCAZSYASECPQG0cu4i/Zp4EQggmfLCcOePNF2BOZn9PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdvJ6yMYXVVqUpMjuAddwSvyuErMB8GA1UdIwQY
MBaAFLh/Xo/utfXnOwl7ZmV+7Y25dKQOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzIt
Y2M2MGE1ZmRlZWIyLzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzItY2M2MGE1ZmRlZWIy
LzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxEjTEp7
7P6JoJYMJhTV9ciiNJSJ4fJKg4Fq29XHuqSOMDMMGuML5yOK/uCHnI3/wdZylCrX
IWXFKDt0OTf1R6nD/XbdRAkNcvDO5xKk75kK3li6Os2bx4WbnaFyhUuVQfqds6JO
KnblRPIcRh0Ngu8YpIllEOqQk0TCBO/UBtwvvWSpRcAmuqjv5t7sStpFEXHvj3ha
wsutPT2mEAAj9Y5Z/QnNpyEnGvlEsj/Izcgi2UYmMf84S94iZ/XkA9/ZbFThtbmY
aBPcX17uzVX+B9h/6kJ/PZF8hV3WnG9PrNaFK3hSEW+I/VZRfOGAnM7ftWZrBkuJ
Lmtgth8iSR9Z7g==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:49:17 2025 by rpki-client