Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          SjN6MLxpu27L3HfXrUKFlBrV1VxdPQIc4MseI1zNs7k=
Subject key identifier:   3B:6A:26:E1:A6:DB:7C:76:70:84:29:E9:E5:D3:F7:E6:26:D1:AF:66
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019760CBA5446A6BA3957F5B3085FB836A75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          05B5
Signing time:             Wed 11 Jun 2025 21:00:48 +0000
Manifest this update:     Wed 11 Jun 2025 21:00:48 +0000
Manifest next update:     Thu 12 Jun 2025 21:00:48 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: lwUGuj3X/XZC14m5sk0aNKK3Vehj5T53pbbkbhSZ0II=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:cb:a5:44:6a:6b:a3:95:7f:5b:30:85:fb:83:6a:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Jun 11 21:00:48 2025 GMT
            Not After : Jun 12 21:00:48 2025 GMT
        Subject: CN=3b6a26e1a6db7c76708429e9e5d3f7e626d1af66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:42:15:97:04:63:51:47:99:37:6e:ae:e4:79:
                    6a:79:f4:bc:a0:0e:4b:0e:5c:6b:c9:c4:59:36:fd:
                    ae:45:1c:29:37:11:88:9b:63:02:da:46:8d:41:2c:
                    dc:81:d8:eb:42:58:ea:4e:38:18:8b:5b:dd:c7:4d:
                    d0:59:36:e0:32:6e:da:16:da:d6:12:f2:25:31:3a:
                    ae:e1:82:28:57:52:a1:f3:6b:78:2f:c8:85:cc:1e:
                    8f:d9:46:28:84:16:b3:4b:9a:c2:c1:e9:3c:32:13:
                    0c:fa:82:8a:4a:8c:bd:68:e9:2f:e5:f8:e2:60:fb:
                    63:95:fe:d2:88:ef:24:47:16:d6:83:9e:02:33:27:
                    8c:55:0f:2e:48:d6:01:1b:7f:d4:00:3e:45:21:b1:
                    35:f6:c7:77:67:73:a5:b1:85:f2:b1:18:dd:d8:29:
                    f8:73:0b:0e:28:d4:22:89:67:e5:9c:b6:a3:1d:19:
                    07:12:08:81:a3:ff:59:e6:98:0e:a8:90:41:8e:cb:
                    24:6b:4a:1a:99:05:42:29:f5:bb:98:ca:6c:b6:59:
                    ba:d2:3a:29:25:af:b3:fc:f9:1e:2e:41:73:93:cb:
                    87:c2:da:16:cc:a4:27:30:e4:ca:1a:d4:8f:42:62:
                    06:69:ec:43:bd:5b:3a:2b:a4:57:1d:4f:42:42:9b:
                    00:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:6A:26:E1:A6:DB:7C:76:70:84:29:E9:E5:D3:F7:E6:26:D1:AF:66
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:8b:21:56:72:70:cf:b9:b9:94:4b:73:0c:36:a0:2b:73:cc:
         77:a4:24:95:49:67:ee:b4:d6:ba:a8:a7:fa:42:dc:e9:3c:bd:
         97:b0:3d:5b:ad:37:c7:8e:65:5c:a4:e6:e4:0c:62:30:55:72:
         74:a3:1f:f2:1d:11:0d:b5:db:20:d5:7e:a5:ad:9b:6c:09:08:
         b1:e2:0d:06:bf:41:9b:0e:73:14:13:35:e8:3c:34:f7:d1:80:
         c0:bd:7e:48:9b:0d:50:ae:b4:d0:ad:54:f4:e1:87:4b:0e:82:
         c6:d3:bb:34:3e:33:72:7c:2b:f0:66:78:6d:f9:f2:8a:49:65:
         6f:4a:4d:4b:06:ce:c7:f8:4c:03:4e:a4:85:f8:92:a5:0a:f0:
         26:8c:8b:ef:db:ee:2f:c3:3e:f9:86:b2:48:fb:91:1c:4e:9e:
         f6:16:ba:4b:c3:36:40:fb:43:ad:1a:b7:78:63:ac:d8:1b:a2:
         ff:2c:69:99:5a:a1:9d:79:59:f9:cd:89:5c:fb:85:a4:39:8d:
         8b:a9:fe:a4:fb:99:a2:b2:24:7d:41:0d:70:75:6c:6b:53:53:
         4c:b7:b8:5e:9d:46:31:59:c6:8a:2c:51:5d:42:20:5b:d9:82:
         d8:e6:2c:f7:92:fe:14:d7:0f:7c:2c:c7:3d:bb:22:5d:f2:52:
         21:13:f3:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgy6VEamujlX9bMIX7g2p1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjUwNjExMjEwMDQ4WhcNMjUwNjEyMjEwMDQ4WjAzMTEwLwYDVQQD
EygzYjZhMjZlMWE2ZGI3Yzc2NzA4NDI5ZTllNWQzZjdlNjI2ZDFhZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0IVlwRjUUeZN26u5HlqefS8oA5L
DlxrycRZNv2uRRwpNxGIm2MC2kaNQSzcgdjrQljqTjgYi1vdx03QWTbgMm7aFtrW
EvIlMTqu4YIoV1Kh82t4L8iFzB6P2UYohBazS5rCwek8MhMM+oKKSoy9aOkv5fji
YPtjlf7SiO8kRxbWg54CMyeMVQ8uSNYBG3/UAD5FIbE19sd3Z3OlsYXysRjd2Cn4
cwsOKNQiiWflnLajHRkHEgiBo/9Z5pgOqJBBjsska0oamQVCKfW7mMpstlm60jop
Ja+z/PkeLkFzk8uHwtoWzKQnMOTKGtSPQmIGaexDvVs6K6RXHU9CQpsAfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtqJuGm23x2cIQp6eXT9+Ym0a9mMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4shVnJw
z7m5lEtzDDagK3PMd6QklUln7rTWuqin+kLc6Ty9l7A9W603x45lXKTm5AxiMFVy
dKMf8h0RDbXbINV+pa2bbAkIseINBr9Bmw5zFBM16Dw099GAwL1+SJsNUK600K1U
9OGHSw6CxtO7ND4zcnwr8GZ4bfnyikllb0pNSwbOx/hMA06khfiSpQrwJoyL79vu
L8M++YaySPuRHE6e9ha6S8M2QPtDrRq3eGOs2Bui/yxpmVqhnXlZ+c2JXPuFpDmN
i6n+pPuZorIkfUENcHVsa1NTTLe4Xp1GMVnGiixRXUIgW9mC2OYs95L+FNcPfCzH
PbsiXfJSIRPz3w==
-----END CERTIFICATE-----
Generated at Thu Jun 12 04:05:35 2025 by rpki-client