Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          aYBbwnuVn6CqDGHdIRRTKqP3TGq5i7Dj5vUhSNGLcEA=
Subject key identifier:   C3:50:94:9E:2A:5B:A1:52:EE:AD:61:7F:FA:A0:65:C6:05:B4:58:3A
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019759EDFB863834B8E28F936C2C3BA5845B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          056F
Signing time:             Tue 10 Jun 2025 13:00:58 +0000
Manifest this update:     Tue 10 Jun 2025 13:00:58 +0000
Manifest next update:     Wed 11 Jun 2025 13:00:58 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: a+RRnSy9DQHnwInXuMzZ5h5ChU8XEwKGSiEoa1AWm5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ed:fb:86:38:34:b8:e2:8f:93:6c:2c:3b:a5:84:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Jun 10 13:00:58 2025 GMT
            Not After : Jun 11 13:00:58 2025 GMT
        Subject: CN=c350949e2a5ba152eead617ffaa065c605b4583a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:00:32:b8:b5:a4:e3:fc:e8:84:8a:8e:8a:e0:
                    af:6d:1e:bd:9c:c4:3e:d3:dc:05:39:0e:6b:04:fc:
                    47:b9:94:00:29:c7:c4:a5:8f:76:6e:f5:cd:cf:97:
                    29:28:63:00:1a:f2:64:0d:9a:a9:22:fb:84:7b:f7:
                    d0:21:5c:d5:52:f6:02:3d:93:e0:56:2e:1c:8d:67:
                    20:dc:cb:3f:a4:40:5e:cd:6c:d1:48:fe:79:6b:15:
                    38:e6:7d:0b:b2:d4:14:22:89:68:46:dd:7d:44:7f:
                    38:10:94:b2:9d:35:e9:b0:5b:3e:35:89:04:97:67:
                    b7:42:37:47:40:42:44:0e:b4:97:b6:5e:99:34:6c:
                    b2:0b:c4:04:d8:23:cc:65:cb:d5:98:bf:a4:03:89:
                    31:7c:0a:40:78:35:d7:94:59:d2:f2:11:ce:ab:a9:
                    50:55:dc:6d:b0:3f:50:a6:7a:eb:28:37:92:87:67:
                    b3:13:38:c8:73:92:71:3e:d6:af:95:89:1a:c4:a2:
                    b1:c5:ea:fb:ca:c8:8a:d2:b4:88:c6:f4:1a:05:0a:
                    09:8f:39:85:e5:13:50:dc:1c:f8:a0:9d:82:fe:12:
                    32:76:e9:15:9e:31:c5:07:12:78:ee:bb:c7:83:17:
                    e1:6e:9a:22:91:12:87:d1:17:ac:96:21:97:10:43:
                    bd:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:50:94:9E:2A:5B:A1:52:EE:AD:61:7F:FA:A0:65:C6:05:B4:58:3A
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:90:29:b6:de:20:29:31:7a:07:63:76:82:e7:0f:80:17:ea:
         53:a2:a5:91:3a:99:a1:61:c7:95:fe:8a:08:50:2a:93:cc:c0:
         af:ac:e0:e9:9f:73:bf:bb:f7:24:66:89:25:e6:91:65:55:fd:
         98:f8:ec:94:a5:02:b7:bc:ae:05:3d:bc:5e:b0:b3:1d:4b:df:
         0e:44:56:2c:5c:87:22:d6:f6:0c:95:88:c1:b1:bf:3d:ca:00:
         79:fe:a6:93:34:a0:16:54:c8:1d:69:cc:bf:c5:0f:cb:5d:a9:
         ad:8a:d4:47:ff:2b:75:e6:4b:67:2c:93:d3:f1:8b:4a:30:7e:
         b3:f2:c7:50:d8:78:3b:69:ef:9b:99:29:3d:4c:5a:70:67:c0:
         99:54:e6:a0:92:bb:0d:0a:b8:44:4e:5b:77:5a:ff:bc:b9:87:
         b7:56:8b:be:8e:4e:50:2b:ec:54:15:85:9a:02:90:db:4b:00:
         26:3b:87:4b:15:de:b8:cc:63:68:10:c6:58:9a:0f:ce:83:c8:
         ae:c5:53:40:5b:53:03:6e:63:7c:4c:85:a1:9c:d7:46:cf:24:
         c9:04:ff:5d:33:e1:fe:f1:48:bb:71:e7:dd:f1:cb:73:c6:74:
         0c:9b:b4:fa:ec:4a:b0:d6:cb:fe:35:5a:6d:51:81:54:99:9c:
         9a:c3:83:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7fuGODS44o+TbCw7pYRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjUwNjEwMTMwMDU4WhcNMjUwNjExMTMwMDU4WjAzMTEwLwYDVQQD
EyhjMzUwOTQ5ZTJhNWJhMTUyZWVhZDYxN2ZmYWEwNjVjNjA1YjQ1ODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgAyuLWk4/zohIqOiuCvbR69nMQ+
09wFOQ5rBPxHuZQAKcfEpY92bvXNz5cpKGMAGvJkDZqpIvuEe/fQIVzVUvYCPZPg
Vi4cjWcg3Ms/pEBezWzRSP55axU45n0LstQUIoloRt19RH84EJSynTXpsFs+NYkE
l2e3QjdHQEJEDrSXtl6ZNGyyC8QE2CPMZcvVmL+kA4kxfApAeDXXlFnS8hHOq6lQ
VdxtsD9QpnrrKDeSh2ezEzjIc5JxPtavlYkaxKKxxer7ysiK0rSIxvQaBQoJjzmF
5RNQ3Bz4oJ2C/hIydukVnjHFBxJ47rvHgxfhbpoikRKH0ResliGXEEO9fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNQlJ4qW6FS7q1hf/qgZcYFtFg6MB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAupAptt4g
KTF6B2N2gucPgBfqU6KlkTqZoWHHlf6KCFAqk8zAr6zg6Z9zv7v3JGaJJeaRZVX9
mPjslKUCt7yuBT28XrCzHUvfDkRWLFyHItb2DJWIwbG/PcoAef6mkzSgFlTIHWnM
v8UPy12prYrUR/8rdeZLZyyT0/GLSjB+s/LHUNh4O2nvm5kpPUxacGfAmVTmoJK7
DQq4RE5bd1r/vLmHt1aLvo5OUCvsVBWFmgKQ20sAJjuHSxXeuMxjaBDGWJoPzoPI
rsVTQFtTA25jfEyFoZzXRs8kyQT/XTPh/vFIu3Hn3fHLc8Z0DJu0+uxKsNbL/jVa
bVGBVJmcmsODBw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:05:04 2025 by rpki-client