Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          cG9TCavI2mPY/tsI3TRfgsdF252OiIyNqz/2C9iGfaQ=
Subject key identifier:   E7:D6:20:3B:56:D0:F1:DF:26:EF:EE:AE:8B:43:C5:17:59:03:36:D9
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       01976696ADF95F398DABD3F25823EAA595D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          05B8
Signing time:             Fri 13 Jun 2025 00:00:40 +0000
Manifest this update:     Fri 13 Jun 2025 00:00:40 +0000
Manifest next update:     Sat 14 Jun 2025 00:00:40 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: I57ZyKLO/LWJMSK3PQCXzemixnIH5KAgkLBLf40Jbpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:96:ad:f9:5f:39:8d:ab:d3:f2:58:23:ea:a5:95:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Jun 13 00:00:40 2025 GMT
            Not After : Jun 14 00:00:40 2025 GMT
        Subject: CN=e7d6203b56d0f1df26efeeae8b43c517590336d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:6d:3c:5f:01:11:bd:cc:82:e6:02:b8:22:a0:
                    79:f1:67:7d:cb:cb:5d:a2:e1:1f:78:2f:15:9f:73:
                    0e:d2:be:01:44:bd:49:4a:1b:4b:34:35:72:51:07:
                    5d:f8:cd:e7:4e:c7:dc:15:e8:33:c5:88:a5:c3:9f:
                    e8:60:7f:7e:57:80:74:76:31:31:94:7b:40:72:4f:
                    7d:88:9b:c7:93:50:ba:2f:7d:e6:b5:26:fc:95:63:
                    7c:5f:2e:e2:46:2c:93:82:31:8f:e9:ed:75:22:ae:
                    db:ea:9f:78:6c:c2:39:b0:1d:cc:4d:28:9c:0d:a5:
                    8c:38:e6:81:a8:63:01:85:10:d6:82:68:93:d5:6c:
                    27:54:e1:f4:f5:b3:b2:7a:9d:9c:5c:c5:85:82:44:
                    10:1e:d9:84:71:fd:cf:3a:fe:2e:cd:e4:ca:30:25:
                    e6:84:25:a1:b7:fc:b2:10:d4:ab:4c:a1:23:23:ca:
                    36:1b:bb:36:d0:83:f6:54:d2:28:04:1c:ab:90:c3:
                    c2:74:c7:37:1b:7b:69:94:5a:86:a2:ba:2d:f5:1a:
                    05:91:1f:0e:96:d4:c4:1c:22:2d:da:ed:d4:0d:4b:
                    4d:85:89:6c:27:d6:ad:8a:91:b9:2c:6e:58:a2:0c:
                    20:6f:00:96:f7:42:25:e0:09:4d:0c:f2:f7:b5:ea:
                    6e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:D6:20:3B:56:D0:F1:DF:26:EF:EE:AE:8B:43:C5:17:59:03:36:D9
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:6d:c2:07:73:10:c0:8b:2a:17:07:19:c1:95:de:b7:de:1a:
         a4:8d:bf:1a:85:24:49:b6:ac:5c:0e:04:53:51:dd:49:a0:c7:
         57:38:bb:bf:71:0d:3b:40:70:2e:fb:7b:f3:08:22:1e:59:61:
         36:3b:85:8f:7b:c4:45:43:cb:dd:5b:ad:76:3b:f9:70:c9:e9:
         58:d1:29:2b:25:a2:61:63:c8:c3:f3:53:8b:b0:78:4e:64:8c:
         b0:43:30:4d:aa:c9:2f:50:30:5a:c8:68:c4:cf:3c:51:06:02:
         18:a8:7e:4c:42:90:51:69:04:a6:9c:2f:d3:7f:d6:08:9b:3d:
         32:25:17:31:31:fc:cc:2e:40:fc:65:e3:52:e4:1c:dc:d8:ed:
         cf:d6:57:1e:c7:21:6a:a8:07:d3:61:3d:f6:e8:18:f2:11:4d:
         43:2f:3a:af:cd:75:91:3e:33:7c:30:d7:77:8d:1c:57:09:0f:
         1e:be:4d:86:20:d1:b6:87:bf:20:16:79:b9:c5:b4:6d:b1:3b:
         ce:39:ab:6c:73:4b:71:d0:49:cf:e4:7c:2c:32:13:8c:4b:74:
         bb:5b:4e:b9:12:6f:8c:6f:c0:91:a9:90:74:57:46:1b:33:7f:
         67:e0:a4:c6:77:28:bb:f3:98:5e:8a:f8:d7:42:36:fc:85:b8:
         b4:dc:b9:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmlq35XzmNq9PyWCPqpZXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwNjEzMDAwMDQwWhcNMjUwNjE0MDAwMDQwWjAzMTEwLwYDVQQD
EyhlN2Q2MjAzYjU2ZDBmMWRmMjZlZmVlYWU4YjQzYzUxNzU5MDMzNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt208XwERvcyC5gK4IqB58Wd9y8td
ouEfeC8Vn3MO0r4BRL1JShtLNDVyUQdd+M3nTsfcFegzxYilw5/oYH9+V4B0djEx
lHtAck99iJvHk1C6L33mtSb8lWN8Xy7iRiyTgjGP6e11Iq7b6p94bMI5sB3MTSic
DaWMOOaBqGMBhRDWgmiT1WwnVOH09bOyep2cXMWFgkQQHtmEcf3POv4uzeTKMCXm
hCWht/yyENSrTKEjI8o2G7s20IP2VNIoBByrkMPCdMc3G3tplFqGorot9RoFkR8O
ltTEHCIt2u3UDUtNhYlsJ9atipG5LG5YogwgbwCW90Il4AlNDPL3tepuyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfWIDtW0PHfJu/urotDxRdZAzbZMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT23CB3MQ
wIsqFwcZwZXet94apI2/GoUkSbasXA4EU1HdSaDHVzi7v3ENO0BwLvt78wgiHllh
NjuFj3vERUPL3Vutdjv5cMnpWNEpKyWiYWPIw/NTi7B4TmSMsEMwTarJL1AwWsho
xM88UQYCGKh+TEKQUWkEppwv03/WCJs9MiUXMTH8zC5A/GXjUuQc3Njtz9ZXHsch
aqgH02E99ugY8hFNQy86r811kT4zfDDXd40cVwkPHr5NhiDRtoe/IBZ5ucW0bbE7
zjmrbHNLcdBJz+R8LDITjEt0u1tOuRJvjG/AkamQdFdGGzN/Z+Ckxncou/OYXor4
10I2/IW4tNy5yQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:44:30 2025 by rpki-client