Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          vPg43R1lY9oWo+fPHlUzXXPg4kc0pVkURXiakXUd7kg=
Subject key identifier:   8A:F6:E4:20:27:C2:05:EE:8C:6E:AF:4D:86:B2:5B:56:A6:B8:1A:E7
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019764A8196D45D067A38BBA783614B9A597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          05B7
Signing time:             Thu 12 Jun 2025 15:00:27 +0000
Manifest this update:     Thu 12 Jun 2025 15:00:27 +0000
Manifest next update:     Fri 13 Jun 2025 15:00:27 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: X2IMdr+MvC1+XwXwM3ad5CDVwIwMMvj1fBoG2PE0Ie4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:a8:19:6d:45:d0:67:a3:8b:ba:78:36:14:b9:a5:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Jun 12 15:00:27 2025 GMT
            Not After : Jun 13 15:00:27 2025 GMT
        Subject: CN=8af6e42027c205ee8c6eaf4d86b25b56a6b81ae7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:15:21:b3:26:f6:1e:92:9a:d9:d3:de:a3:d3:
                    2c:d8:21:d7:e2:87:43:35:64:ac:de:22:4d:f0:20:
                    bc:3e:74:8c:69:6f:0c:50:a7:09:a4:c3:65:ba:45:
                    71:48:8e:90:04:ba:70:4f:d9:39:33:7d:b8:76:17:
                    ee:09:a3:16:87:17:49:0b:c2:43:a4:4a:9a:dc:4f:
                    6f:07:d4:7a:9d:67:b3:bb:a4:36:e5:a5:2d:42:40:
                    7c:a6:3a:76:c7:fc:72:a4:93:46:16:88:38:ee:75:
                    4a:18:51:cf:30:a2:87:72:3e:cf:04:aa:62:7a:af:
                    33:bd:8c:30:1d:c0:70:90:ad:e8:72:31:30:59:b4:
                    c1:f1:dd:fd:ea:84:01:92:a4:82:e0:bb:ac:09:95:
                    c8:2e:89:55:cd:2d:c8:8a:87:cd:b3:8e:82:86:35:
                    bc:34:a2:72:b9:eb:da:e6:e8:21:e4:3c:46:ba:45:
                    b7:77:aa:ed:93:eb:c5:c4:34:49:96:89:86:06:61:
                    30:c5:80:2b:f7:ea:b4:36:95:72:8a:26:18:80:c4:
                    28:e8:eb:e6:f9:f0:eb:c4:05:9b:0d:4e:32:a5:c5:
                    4b:d1:86:7c:90:fd:fa:e7:b8:f2:8c:5b:84:0e:3c:
                    8a:21:8b:25:a3:ef:08:20:6f:6e:27:43:66:e2:ac:
                    15:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:F6:E4:20:27:C2:05:EE:8C:6E:AF:4D:86:B2:5B:56:A6:B8:1A:E7
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:f2:1c:35:b8:1d:d8:e6:8d:2b:7e:57:ce:68:ea:f1:c6:1e:
         ba:08:c8:91:bf:56:eb:52:d7:c7:02:c2:c5:05:20:ef:36:2e:
         78:88:4b:92:7e:6f:c2:fb:0f:7a:79:27:21:d7:e3:fe:f2:fb:
         ac:93:65:4f:0d:3c:e6:ad:48:e1:56:5f:d5:c4:f0:37:0b:96:
         5f:69:f5:89:73:65:df:6d:54:82:9f:b2:a6:d5:6c:64:45:a6:
         1f:0f:a2:15:c7:a6:44:18:d2:9e:ce:cf:fd:28:88:1f:23:c0:
         1d:fa:0c:89:74:aa:ff:5b:65:1b:08:c3:4a:84:93:62:e6:bd:
         39:7a:ef:0c:42:9a:52:b7:5a:e5:c3:18:cb:7e:49:20:02:b1:
         0d:48:63:0d:35:36:77:71:46:05:11:23:ca:7f:37:d0:0c:25:
         e4:af:6a:ce:94:00:e4:06:38:2d:a6:1f:d8:a2:af:b9:f0:d6:
         6e:9d:d0:4c:04:6f:58:ee:6f:d6:4e:ea:27:73:43:ee:52:17:
         bf:7e:84:af:c8:60:8b:32:18:f5:93:8c:9b:f0:0b:7c:74:c0:
         88:8c:0b:e0:10:aa:53:c1:60:2c:1f:4f:f5:53:b5:9d:fc:87:
         fe:a8:c6:d4:a6:e2:25:d8:c3:69:50:59:89:74:79:91:ca:e1:
         1f:81:5d:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkqBltRdBno4u6eDYUuaWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwNjEyMTUwMDI3WhcNMjUwNjEzMTUwMDI3WjAzMTEwLwYDVQQD
Eyg4YWY2ZTQyMDI3YzIwNWVlOGM2ZWFmNGQ4NmIyNWI1NmE2YjgxYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RUhsyb2HpKa2dPeo9Ms2CHX4odD
NWSs3iJN8CC8PnSMaW8MUKcJpMNlukVxSI6QBLpwT9k5M324dhfuCaMWhxdJC8JD
pEqa3E9vB9R6nWezu6Q25aUtQkB8pjp2x/xypJNGFog47nVKGFHPMKKHcj7PBKpi
eq8zvYwwHcBwkK3ocjEwWbTB8d396oQBkqSC4LusCZXILolVzS3IiofNs46ChjW8
NKJyueva5ugh5DxGukW3d6rtk+vFxDRJlomGBmEwxYAr9+q0NpVyiiYYgMQo6Ovm
+fDrxAWbDU4ypcVL0YZ8kP3657jyjFuEDjyKIYslo+8IIG9uJ0Nm4qwVHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIr25CAnwgXujG6vTYayW1amuBrnMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPIcNbgd
2OaNK35Xzmjq8cYeugjIkb9W61LXxwLCxQUg7zYueIhLkn5vwvsPenknIdfj/vL7
rJNlTw085q1I4VZf1cTwNwuWX2n1iXNl321Ugp+yptVsZEWmHw+iFcemRBjSns7P
/SiIHyPAHfoMiXSq/1tlGwjDSoSTYua9OXrvDEKaUrda5cMYy35JIAKxDUhjDTU2
d3FGBREjyn830Awl5K9qzpQA5AY4LaYf2KKvufDWbp3QTARvWO5v1k7qJ3ND7lIX
v36Er8hgizIY9ZOMm/ALfHTAiIwL4BCqU8FgLB9P9VO1nfyH/qjG1KbiJdjDaVBZ
iXR5kcrhH4Fdwg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 21:47:12 2025 by rpki-client