Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
File:                     uH9ej-619ec7CXtmZX7tjbl0pA4.mft (raw, json)
Hash identifier:          QXhDJf2BMP/JfexmS9ucHikXPR54oE81l8wiLrVLFqY=
Subject key identifier:   64:12:6E:2C:4D:A1:8E:F0:B9:63:50:0C:10:80:C9:AB:52:53:35:B3
Authority key identifier: B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E
Certificate issuer:       /CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
Certificate serial:       019759EDB742CD90D41F35943F696D68897D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
Manifest number:          0D62
Signing time:             Tue 10 Jun 2025 13:00:40 +0000
Manifest this update:     Tue 10 Jun 2025 13:00:40 +0000
Manifest next update:     Wed 11 Jun 2025 13:00:40 +0000
Files and hashes:         1: uH9ej-619ec7CXtmZX7tjbl0pA4.crl (hash: p0YBpgWejnu2RwwByBawSjJql+WjGAwWdkUr0495IYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ed:b7:42:cd:90:d4:1f:35:94:3f:69:6d:68:89:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b87f5e8feeb5f5e73b097b66657eed8db974a40e
        Validity
            Not Before: Jun 10 13:00:40 2025 GMT
            Not After : Jun 11 13:00:40 2025 GMT
        Subject: CN=64126e2c4da18ef0b963500c1080c9ab525335b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:98:db:35:48:7d:7d:b6:b3:0b:bc:c2:97:8f:
                    ab:68:cf:09:24:e4:3e:67:66:c3:f7:4d:62:16:10:
                    01:80:73:dd:f4:a0:f5:fc:da:3f:eb:ca:30:93:5d:
                    d0:80:c7:d6:4f:bc:c7:e1:95:a4:84:e8:d0:a4:db:
                    40:7f:c2:81:92:67:97:d0:16:13:d8:42:51:91:f1:
                    ab:f0:29:46:cb:18:47:95:95:dc:ec:de:4b:cf:52:
                    db:6a:88:b0:61:33:c7:d0:24:23:0e:5d:0c:68:76:
                    41:01:0e:26:cf:4c:3c:e4:12:e9:45:48:b4:a7:0d:
                    ae:c3:c5:8d:76:dd:12:e4:67:45:eb:0e:73:f9:c4:
                    2f:69:75:18:8e:47:3f:5d:91:58:08:1e:bf:66:1b:
                    38:1b:88:77:3c:89:40:a0:54:8a:b7:6f:a6:79:e9:
                    8b:55:c7:95:79:60:e1:5f:34:15:26:53:db:f5:0f:
                    b6:c8:e2:fd:96:d7:ae:43:ef:73:73:f3:22:9e:89:
                    73:84:bc:bc:0d:5e:71:e2:ce:4b:77:44:a0:47:60:
                    c0:bd:ca:28:92:a6:b4:20:32:79:25:fb:db:bd:fa:
                    87:88:51:ee:2b:56:62:73:e5:1c:90:b8:54:43:dc:
                    e3:23:40:53:dd:cd:26:ca:de:07:08:a9:78:c5:2b:
                    0f:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:12:6E:2C:4D:A1:8E:F0:B9:63:50:0C:10:80:C9:AB:52:53:35:B3
            X509v3 Authority Key Identifier:
                keyid:B8:7F:5E:8F:EE:B5:F5:E7:3B:09:7B:66:65:7E:ED:8D:B9:74:A4:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uH9ej-619ec7CXtmZX7tjbl0pA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ffc00d-3316-4286-8932-cc60a5fdeeb2/1/uH9ej-619ec7CXtmZX7tjbl0pA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:f8:f4:65:69:57:9d:01:f5:61:5c:b5:17:7a:89:62:21:9c:
         5c:e0:7e:ee:49:26:6c:98:ed:ec:74:47:63:f6:af:36:57:3a:
         f1:37:e6:96:5c:8b:4a:7b:29:9e:eb:03:f0:3e:22:90:15:72:
         58:31:41:fa:46:e8:2a:a7:49:47:75:ba:8f:69:4c:b3:c4:a0:
         f7:d2:61:74:95:6b:39:74:3b:ed:1f:26:c4:79:11:9b:23:ba:
         cf:5a:34:a2:94:be:db:b7:9f:b0:c1:4a:76:23:a1:2d:7d:7c:
         5e:cf:da:24:45:b2:3d:ef:a5:52:56:0a:69:72:db:a9:40:7d:
         29:be:67:b9:f3:45:22:07:f4:88:18:c6:53:2e:23:af:44:ee:
         4d:6e:d0:1f:ae:39:c7:65:a6:1b:b7:fe:fa:53:f0:ec:4c:f6:
         b4:bf:52:18:b0:6f:32:da:ca:6f:78:fe:34:c9:a7:0e:b0:2b:
         98:2b:7a:3b:da:0c:26:4d:94:90:98:82:5c:fd:50:10:df:dc:
         46:13:48:53:ca:68:47:c0:06:c6:9f:93:99:03:1d:3f:91:02:
         74:a0:6c:fd:a2:c2:6c:87:2a:74:d2:70:a4:c6:82:b7:04:d8:
         46:80:93:75:98:1b:8a:48:e8:49:f9:d6:1b:cd:a2:00:e2:3e:
         f8:f8:32:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7bdCzZDUHzWUP2ltaIl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2Y1ZThmZWViNWY1ZTczYjA5N2I2NjY1N2VlZDhkYjk3
NGE0MGUwHhcNMjUwNjEwMTMwMDQwWhcNMjUwNjExMTMwMDQwWjAzMTEwLwYDVQQD
Eyg2NDEyNmUyYzRkYTE4ZWYwYjk2MzUwMGMxMDgwYzlhYjUyNTMzNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZjbNUh9fbazC7zCl4+raM8JJOQ+
Z2bD901iFhABgHPd9KD1/No/68owk13QgMfWT7zH4ZWkhOjQpNtAf8KBkmeX0BYT
2EJRkfGr8ClGyxhHlZXc7N5Lz1LbaoiwYTPH0CQjDl0MaHZBAQ4mz0w85BLpRUi0
pw2uw8WNdt0S5GdF6w5z+cQvaXUYjkc/XZFYCB6/Zhs4G4h3PIlAoFSKt2+meemL
VceVeWDhXzQVJlPb9Q+2yOL9lteuQ+9zc/MinolzhLy8DV5x4s5Ld0SgR2DAvcoo
kqa0IDJ5JfvbvfqHiFHuK1Zic+UckLhUQ9zjI0BT3c0myt4HCKl4xSsPSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQSbixNoY7wuWNQDBCAyatSUzWzMB8GA1UdIwQY
MBaAFLh/Xo/utfXnOwl7ZmV+7Y25dKQOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzIt
Y2M2MGE1ZmRlZWIyLzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mZmMwMGQtMzMxNi00Mjg2LTg5MzItY2M2MGE1ZmRlZWIy
LzEvdUg5ZWotNjE5ZWM3Q1h0bVpYN3RqYmwwcEE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAPj0ZWlX
nQH1YVy1F3qJYiGcXOB+7kkmbJjt7HRHY/avNlc68TfmllyLSnspnusD8D4ikBVy
WDFB+kboKqdJR3W6j2lMs8Sg99JhdJVrOXQ77R8mxHkRmyO6z1o0opS+27efsMFK
diOhLX18Xs/aJEWyPe+lUlYKaXLbqUB9Kb5nufNFIgf0iBjGUy4jr0TuTW7QH645
x2WmG7f++lPw7Ez2tL9SGLBvMtrKb3j+NMmnDrArmCt6O9oMJk2UkJiCXP1QEN/c
RhNIU8poR8AGxp+TmQMdP5ECdKBs/aLCbIcqdNJwpMaCtwTYRoCTdZgbikjoSfnW
G82iAOI++Pgy/Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:53:09 2025 by rpki-client