Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
File:                     uH9ej-619ec7CXtmZX7tjbl0pA4.mft (raw, json)
Hash identifier:          cJr1P952VBT9pnDpH5EXRNd2PeIgw1mvONImP18G7ps=
Subject key identifier:   11:87:B1:3B:FE:36:53:3D:27:D5:F5:E2:28:C0:F6:84:77:30:26:03
Authority key identifier: B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E
Certificate issuer:       /CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
Certificate serial:       019754237EDF2A15382FD448894D0B7CC491
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
Manifest number:          0D5F
Signing time:             Mon 09 Jun 2025 10:01:41 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:41 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:41 +0000
Files and hashes:         1: uH9ej-619ec7CXtmZX7tjbl0pA4.crl (hash: I0R/ADEQXpZGOkK+R42XE0itIaRNjJ2umUmsYa/kXwg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 10:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:7e:df:2a:15:38:2f:d4:48:89:4d:0b:7c:c4:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
        Validity
            Not Before: Jun  9 10:01:41 2025 GMT
            Not After : Jun 10 10:01:41 2025 GMT
        Subject: CN=1187b13bfe36533d27d5f5e228c0f68477302603
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2c:01:1d:49:f6:99:69:19:54:1a:c7:23:33:
                    d2:36:96:a2:e6:aa:20:49:a3:44:1a:b4:eb:f7:f8:
                    25:fc:66:f7:2b:ac:be:25:66:b9:de:dc:cd:04:08:
                    2d:68:ee:06:a0:50:0c:a7:64:0f:6c:ae:72:b6:f8:
                    66:aa:33:20:3f:3d:d3:dd:3d:d2:86:2c:fc:67:b6:
                    57:af:f2:37:7d:ab:b8:6d:d6:cb:0a:4f:33:e2:a4:
                    56:73:6a:22:f7:f4:5f:e0:4e:75:41:bf:bd:30:96:
                    94:fa:89:b0:b4:17:a8:49:03:8a:20:d4:04:05:a1:
                    b8:44:4e:5f:16:5a:c8:33:e8:f6:c9:ee:33:82:57:
                    9f:1f:d5:7d:3b:38:b0:86:ae:b6:4b:c4:e5:6b:3d:
                    f5:dd:0c:80:b0:7b:08:6f:7c:29:e9:75:12:9a:53:
                    a5:07:94:61:af:7a:21:05:7f:68:00:fa:42:3f:1c:
                    df:c2:27:52:ee:99:ff:61:6e:88:4a:74:7e:3d:72:
                    66:b1:04:ae:8c:c5:1b:36:cd:f6:77:7b:9f:4b:bb:
                    41:d8:c4:92:fe:d3:7f:e5:09:30:dc:b7:fe:23:7e:
                    1c:b5:1a:d4:00:46:59:c2:9f:f3:03:ce:9c:19:eb:
                    e4:a9:e2:1f:28:15:10:ec:85:ab:0a:a5:31:3e:d6:
                    ed:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:87:B1:3B:FE:36:53:3D:27:D5:F5:E2:28:C0:F6:84:77:30:26:03
            X509v3 Authority Key Identifier:
                keyid:B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:e5:97:ad:e6:84:a5:4f:e8:8c:b9:14:06:1c:db:96:e1:ed:
         b7:00:43:a4:80:69:2b:49:c7:bf:42:a5:62:0f:67:ea:4d:4f:
         2d:92:24:5a:54:a4:6c:16:42:42:7e:e4:40:34:52:d0:23:dd:
         14:b4:b0:9e:c4:2f:14:37:2e:95:82:c2:43:8f:1b:d9:ae:05:
         43:40:a3:c6:9a:42:7c:84:6e:ab:52:4f:f9:48:5a:98:87:37:
         93:9d:4e:33:57:d9:10:e3:22:ff:b5:24:79:0b:f2:0d:04:58:
         a0:73:0a:14:c7:7b:e8:60:21:f2:59:45:7b:dc:e9:87:48:54:
         0c:bb:30:d3:46:7a:26:7e:31:a3:db:20:5a:f9:3d:27:69:1c:
         58:c5:66:a8:46:a4:97:a2:74:34:16:fe:01:dd:62:75:00:c8:
         35:84:20:69:13:af:65:06:f8:2f:f5:e8:7a:19:30:fe:6e:69:
         c5:77:d1:a5:b6:13:14:91:7e:a4:1b:6d:4e:54:cc:a6:02:23:
         c5:f6:fa:9c:e2:8f:42:c3:37:11:74:91:91:0a:05:04:9f:4d:
         70:8d:fb:07:9e:a2:62:b4:53:2c:30:8c:ed:f0:63:13:52:a4:
         50:4c:c6:14:b8:5c:0f:da:c4:d5:80:36:c1:7e:0e:1e:32:70:
         c5:94:ca:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI37fKhU4L9RIiU0LfMSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2Y1ZThmZWViNWY1ZTczYjA5N2I2NjY1N2VlZDhkYjk3
NGE0MGUwHhcNMjUwNjA5MTAwMTQxWhcNMjUwNjEwMTAwMTQxWjAzMTEwLwYDVQQD
EygxMTg3YjEzYmZlMzY1MzNkMjdkNWY1ZTIyOGMwZjY4NDc3MzAyNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuywBHUn2mWkZVBrHIzPSNpai5qog
SaNEGrTr9/gl/Gb3K6y+JWa53tzNBAgtaO4GoFAMp2QPbK5ytvhmqjMgPz3T3T3S
hiz8Z7ZXr/I3fau4bdbLCk8z4qRWc2oi9/Rf4E51Qb+9MJaU+omwtBeoSQOKINQE
BaG4RE5fFlrIM+j2ye4zglefH9V9Oziwhq62S8Tlaz313QyAsHsIb3wp6XUSmlOl
B5Rhr3ohBX9oAPpCPxzfwidS7pn/YW6ISnR+PXJmsQSujMUbNs32d3ufS7tB2MSS
/tN/5Qkw3Lf+I34ctRrUAEZZwp/zA86cGevkqeIfKBUQ7IWrCqUxPtbtGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGHsTv+NlM9J9X14ijA9oR3MCYDMB8GA1UdIwQY
MBaAFLh/Xo/utfXnOwl7ZmV+7Y25dKQOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzIt
Y2M2MGE1ZmRlZWIyLzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzItY2M2MGE1ZmRlZWIy
LzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOWXreaE
pU/ojLkUBhzbluHttwBDpIBpK0nHv0KlYg9n6k1PLZIkWlSkbBZCQn7kQDRS0CPd
FLSwnsQvFDculYLCQ48b2a4FQ0CjxppCfIRuq1JP+UhamIc3k51OM1fZEOMi/7Uk
eQvyDQRYoHMKFMd76GAh8llFe9zph0hUDLsw00Z6Jn4xo9sgWvk9J2kcWMVmqEak
l6J0NBb+Ad1idQDINYQgaROvZQb4L/Xoehkw/m5pxXfRpbYTFJF+pBttTlTMpgIj
xfb6nOKPQsM3EXSRkQoFBJ9NcI37B56iYrRTLDCM7fBjE1KkUEzGFLhcD9rE1YA2
wX4OHjJwxZTK9Q==
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:22:20 2025 by rpki-client