Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          7wRkqpvoBAaJLAETIP+uuDZlb2DjF+xeCFlaZTm1o7U=
Subject key identifier:   95:D8:5A:36:3E:DC:7D:4B:34:60:85:B8:03:56:9D:62:78:A5:7B:2C
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019762B9E5341651A361FCC924DCD7EEC563
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          05B6
Signing time:             Thu 12 Jun 2025 06:00:39 +0000
Manifest this update:     Thu 12 Jun 2025 06:00:39 +0000
Manifest next update:     Fri 13 Jun 2025 06:00:39 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: IOJqdY2GOoJnr/ON5lQmH//BulGoZ9qkqPh7OR0Ite4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 06:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:b9:e5:34:16:51:a3:61:fc:c9:24:dc:d7:ee:c5:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Jun 12 06:00:39 2025 GMT
            Not After : Jun 13 06:00:39 2025 GMT
        Subject: CN=95d85a363edc7d4b346085b803569d6278a57b2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3d:d0:3d:35:4b:f1:13:e1:cb:d5:58:8a:c6:
                    86:6a:3e:77:bf:09:09:6c:02:1f:0b:0f:63:cb:c3:
                    53:f3:a5:67:4f:79:9e:84:2f:2d:62:60:6c:b3:0e:
                    69:c4:e2:8c:e1:24:f4:8b:6d:5f:c6:ab:0c:57:61:
                    9d:e7:75:e9:f0:11:1b:73:7d:ed:0e:9e:a7:63:1e:
                    47:67:0f:bd:8e:ba:c0:82:66:fa:8b:4b:7a:da:be:
                    53:03:99:3e:cf:de:f8:7e:a2:16:44:5e:a3:49:3f:
                    67:a6:d1:67:23:df:df:25:96:24:53:b2:a5:3b:c8:
                    f7:d0:13:b0:56:e6:77:30:4d:f2:21:9c:17:59:33:
                    eb:c3:13:07:df:db:1b:53:20:65:8d:71:21:9c:69:
                    b6:c1:d8:a7:e5:6a:fd:c4:f6:21:d6:df:5d:fd:77:
                    6a:46:67:4a:1d:94:46:b5:2d:cc:a7:1c:f0:1f:b1:
                    d3:54:12:57:17:32:0c:2b:5b:5f:1d:2e:e8:11:4b:
                    95:6d:e6:e5:fa:24:09:ed:86:69:6b:e8:77:84:52:
                    83:78:d1:54:8e:fe:65:e7:2e:14:19:48:77:c6:1c:
                    7e:9d:4b:70:03:e3:44:48:6a:4b:a8:51:9a:9f:1f:
                    3f:9a:40:3b:f3:34:a1:93:79:ba:1c:a3:6f:2d:19:
                    70:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D8:5A:36:3E:DC:7D:4B:34:60:85:B8:03:56:9D:62:78:A5:7B:2C
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:dc:73:12:f8:94:89:a3:4d:93:d3:f4:c0:7e:22:f9:36:d1:
         34:49:87:99:28:9e:a2:b1:26:55:9d:16:fd:2e:d7:d6:b2:3c:
         a2:f7:d7:47:ee:fc:bd:b1:22:13:27:9c:8f:7a:37:63:23:c7:
         f2:db:d1:ec:c6:be:90:f4:bc:39:22:10:82:51:d9:e2:cf:5f:
         b3:eb:65:64:e6:36:d0:19:5a:1f:41:74:d2:c5:04:38:38:9a:
         31:cb:5e:23:ea:41:8c:16:86:8c:89:26:e4:47:fc:23:63:f2:
         28:3d:bd:6b:aa:67:41:57:25:6d:ae:5f:68:20:6b:45:cd:6f:
         52:aa:ab:ad:2a:0e:54:75:ab:87:45:06:ca:95:ca:60:94:cf:
         e3:ca:03:dd:5e:da:2c:86:df:01:be:6b:12:32:cc:8c:35:8c:
         c0:30:8a:6b:cf:70:f3:0e:99:39:5d:ca:1b:79:42:14:1e:b3:
         c2:d1:16:a7:ae:f7:1f:4d:a6:5d:c5:b8:d0:8d:3a:26:01:38:
         d5:29:68:92:67:e4:2d:25:8f:e9:e1:4f:e1:30:0a:41:af:c9:
         5d:9f:1e:1b:3c:b3:6d:ad:d1:fe:a8:b6:ce:7c:43:48:4f:bb:
         3e:2c:78:12:72:53:a3:17:c6:10:09:1d:c1:5c:0f:44:82:ca:
         df:bb:f6:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdiueU0FlGjYfzJJNzX7sVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwNjEyMDYwMDM5WhcNMjUwNjEzMDYwMDM5WjAzMTEwLwYDVQQD
Eyg5NWQ4NWEzNjNlZGM3ZDRiMzQ2MDg1YjgwMzU2OWQ2Mjc4YTU3YjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD3QPTVL8RPhy9VYisaGaj53vwkJ
bAIfCw9jy8NT86VnT3mehC8tYmBssw5pxOKM4ST0i21fxqsMV2Gd53Xp8BEbc33t
Dp6nYx5HZw+9jrrAgmb6i0t62r5TA5k+z974fqIWRF6jST9nptFnI9/fJZYkU7Kl
O8j30BOwVuZ3ME3yIZwXWTPrwxMH39sbUyBljXEhnGm2wdin5Wr9xPYh1t9d/Xdq
RmdKHZRGtS3MpxzwH7HTVBJXFzIMK1tfHS7oEUuVbebl+iQJ7YZpa+h3hFKDeNFU
jv5l5y4UGUh3xhx+nUtwA+NESGpLqFGanx8/mkA78zShk3m6HKNvLRlwRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXYWjY+3H1LNGCFuANWnWJ4pXssMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV9xzEviU
iaNNk9P0wH4i+TbRNEmHmSieorEmVZ0W/S7X1rI8ovfXR+78vbEiEyecj3o3YyPH
8tvR7Ma+kPS8OSIQglHZ4s9fs+tlZOY20BlaH0F00sUEODiaMcteI+pBjBaGjIkm
5Ef8I2PyKD29a6pnQVclba5faCBrRc1vUqqrrSoOVHWrh0UGypXKYJTP48oD3V7a
LIbfAb5rEjLMjDWMwDCKa89w8w6ZOV3KG3lCFB6zwtEWp673H02mXcW40I06JgE4
1SlokmfkLSWP6eFP4TAKQa/JXZ8eGzyzba3R/qi2znxDSE+7Pix4EnJToxfGEAkd
wVwPRILK37v28g==
-----END CERTIFICATE-----
Generated at Thu Jun 12 12:41:21 2025 by rpki-client