Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
File:                     mEL3HQwjZ4gu9HCLIGtLbimjezM.mft (raw, json)
Hash identifier:          m8nbdqKBd/GFo5FDVJu+pkaFMV91SWZVSmRgKOLg974=
Subject key identifier:   B9:20:65:4D:2F:D9:37:85:B0:B4:7D:C4:C6:04:15:9B:BF:06:37:BC
Authority key identifier: 98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33
Certificate issuer:       /CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
Certificate serial:       0197542393A245511F558165995948F7524F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
Manifest number:          1217
Signing time:             Mon 09 Jun 2025 10:01:46 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:46 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:46 +0000
Files and hashes:         1: mEL3HQwjZ4gu9HCLIGtLbimjezM.crl (hash: p8NCQM9qT9AFe3fKya/ry/DttQoBlxBBgSQoL8h5DpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:93:a2:45:51:1f:55:81:65:99:59:48:f7:52:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9842f71d0c2367882ef4708b206b4b6e29a37b33
        Validity
            Not Before: Jun  9 10:01:46 2025 GMT
            Not After : Jun 10 10:01:46 2025 GMT
        Subject: CN=b920654d2fd93785b0b47dc4c604159bbf0637bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e5:c4:5f:16:40:46:93:38:5a:da:15:1d:f2:
                    a9:48:e0:8a:66:fd:4e:e1:79:89:27:0f:84:c0:b5:
                    b8:8f:fd:ab:1e:ee:81:f5:4b:91:bf:0d:51:bf:92:
                    89:77:16:dd:52:19:b7:bc:b6:be:2e:e6:de:af:0b:
                    16:6a:cc:9b:dc:56:9a:83:94:90:23:47:08:56:22:
                    69:d0:47:a8:32:4f:11:28:db:2e:3c:3a:30:eb:08:
                    3c:6a:40:f6:ad:a2:cd:e9:f5:ea:ff:ab:53:68:0d:
                    34:9e:6a:ba:57:9f:c0:69:44:23:1a:f9:43:7e:9c:
                    d3:52:ce:e4:ac:4b:ab:55:e0:2c:1c:69:3c:d2:68:
                    36:97:35:47:4b:b6:86:da:45:51:82:dd:cc:12:c5:
                    ee:ac:74:e4:e9:96:0f:01:8a:32:98:aa:77:82:aa:
                    07:15:aa:3f:b0:0c:ee:fd:f7:c2:88:0f:e5:ac:2c:
                    86:30:15:b0:a0:c9:19:c9:7b:b3:7d:72:2a:d3:6c:
                    ea:55:08:3f:4d:2d:98:33:9c:97:4b:8a:0b:e2:43:
                    4e:75:88:19:bf:95:79:df:8a:f8:97:74:58:ae:49:
                    d2:82:9d:ff:31:ff:24:92:b9:f4:1a:f8:8c:ce:9d:
                    29:0e:c6:5f:fb:2e:c3:05:e3:9b:31:de:82:95:13:
                    fe:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:20:65:4D:2F:D9:37:85:B0:B4:7D:C4:C6:04:15:9B:BF:06:37:BC
            X509v3 Authority Key Identifier:
                keyid:98:42:F7:1D:0C:23:67:88:2E:F4:70:8B:20:6B:4B:6E:29:A3:7B:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mEL3HQwjZ4gu9HCLIGtLbimjezM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/25c947-8534-4341-ad6e-7da8dbaea94a/1/mEL3HQwjZ4gu9HCLIGtLbimjezM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:8b:e5:ac:8e:97:3a:5a:f4:a8:87:b8:67:88:0d:6b:f3:41:
         38:78:ab:42:27:07:95:1d:7b:ae:50:ea:06:db:7f:93:19:aa:
         27:3e:06:85:ab:cc:e7:d8:59:71:55:17:74:c4:6c:8f:aa:74:
         3e:e7:a9:66:5e:bd:43:cc:0e:d7:e3:c5:4f:5d:6e:36:43:c4:
         d3:3e:19:dc:7c:3d:93:72:7d:76:90:e9:76:ae:3c:17:81:93:
         15:aa:7b:b4:cf:4c:b2:fa:8c:73:50:a9:bc:c6:f7:83:9a:74:
         7a:b6:0b:1e:5f:0d:d0:5c:8e:df:84:2f:bc:54:48:ef:dc:fa:
         31:4b:35:70:37:72:ca:5d:6c:56:2a:fa:6d:37:f4:29:8f:54:
         62:52:9f:60:44:25:a1:b6:32:50:42:19:d9:7f:2e:e7:c3:27:
         1c:6a:3c:dc:df:3d:f0:8d:0a:c4:a3:85:27:86:fb:13:79:0b:
         70:b8:48:83:22:cf:3f:bd:5e:29:bd:d1:7f:63:c8:73:f1:d4:
         47:33:13:56:3e:ab:28:3e:a9:ad:1e:97:5d:c8:54:fd:c6:4c:
         1f:b9:37:b6:cb:cf:1e:30:45:3e:65:7f:99:0b:6f:aa:67:2f:
         f9:aa:2b:b1:8e:f1:56:12:63:2f:25:a8:74:47:52:7d:c2:4a:
         04:2f:d9:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI5OiRVEfVYFlmVlI91JPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NDJmNzFkMGMyMzY3ODgyZWY0NzA4YjIwNmI0YjZlMjlh
MzdiMzMwHhcNMjUwNjA5MTAwMTQ2WhcNMjUwNjEwMTAwMTQ2WjAzMTEwLwYDVQQD
EyhiOTIwNjU0ZDJmZDkzNzg1YjBiNDdkYzRjNjA0MTU5YmJmMDYzN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OXEXxZARpM4WtoVHfKpSOCKZv1O
4XmJJw+EwLW4j/2rHu6B9UuRvw1Rv5KJdxbdUhm3vLa+LuberwsWasyb3Faag5SQ
I0cIViJp0EeoMk8RKNsuPDow6wg8akD2raLN6fXq/6tTaA00nmq6V5/AaUQjGvlD
fpzTUs7krEurVeAsHGk80mg2lzVHS7aG2kVRgt3MEsXurHTk6ZYPAYoymKp3gqoH
Fao/sAzu/ffCiA/lrCyGMBWwoMkZyXuzfXIq02zqVQg/TS2YM5yXS4oL4kNOdYgZ
v5V534r4l3RYrknSgp3/Mf8kkrn0GviMzp0pDsZf+y7DBeObMd6ClRP+zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkgZU0v2TeFsLR9xMYEFZu/Bje8MB8GA1UdIwQY
MBaAFJhC9x0MI2eILvRwiyBrS24po3szMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUt
N2RhOGRiYWVhOTRhLzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yNWM5NDctODUzNC00MzQxLWFkNmUtN2RhOGRiYWVhOTRh
LzEvbUVMM0hRd2paNGd1OUhDTElHdExiaW1qZXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiovlrI6X
Olr0qIe4Z4gNa/NBOHirQicHlR17rlDqBtt/kxmqJz4GhavM59hZcVUXdMRsj6p0
PuepZl69Q8wO1+PFT11uNkPE0z4Z3Hw9k3J9dpDpdq48F4GTFap7tM9MsvqMc1Cp
vMb3g5p0erYLHl8N0FyO34QvvFRI79z6MUs1cDdyyl1sVir6bTf0KY9UYlKfYEQl
obYyUEIZ2X8u58MnHGo83N898I0KxKOFJ4b7E3kLcLhIgyLPP71eKb3Rf2PIc/HU
RzMTVj6rKD6prR6XXchU/cZMH7k3tsvPHjBFPmV/mQtvqmcv+aorsY7xVhJjLyWo
dEdSfcJKBC/ZXg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:42:06 2025 by rpki-client