Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          Tcu0E58LmnsdC3IMfbJ385VGwqgaJP1wip42bU4SoW8=
Subject key identifier:   07:BF:43:4E:14:46:F1:1B:39:5F:63:9D:84:FB:D0:91:28:08:35:98
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       0197575A34E70026B9A23AA60404AB29D793
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          1580
Signing time:             Tue 10 Jun 2025 01:00:18 +0000
Manifest this update:     Tue 10 Jun 2025 01:00:18 +0000
Manifest next update:     Wed 11 Jun 2025 01:00:18 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: uzf15XHvnPIsyUy+PBn/5GVCBz0GZVcFJrsn8cJ+VNU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 19:25:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:5a:34:e7:00:26:b9:a2:3a:a6:04:04:ab:29:d7:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: Jun 10 01:00:18 2025 GMT
            Not After : Jun 11 01:00:18 2025 GMT
        Subject: CN=07bf434e1446f11b395f639d84fbd09128083598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:73:68:26:e1:29:fd:9f:05:cd:82:21:62:14:
                    b0:ad:2f:1e:dc:23:93:a0:11:f2:b8:b7:f4:d3:76:
                    2b:78:db:36:fb:02:4e:68:7a:59:05:c1:82:b6:3a:
                    ef:8b:a6:e4:18:2f:85:8d:3b:8a:22:13:2e:b3:39:
                    87:c1:45:7c:61:bd:db:5a:ca:c8:b6:00:93:2a:cd:
                    85:8b:57:d0:08:41:10:e5:14:e0:1d:83:63:91:1a:
                    5f:68:94:e9:71:f8:48:ac:54:db:df:2f:83:d4:20:
                    46:04:14:78:e6:c1:9b:1f:3d:3e:5d:c8:80:ae:56:
                    2f:a7:3e:2d:a4:fe:17:43:dc:cb:5d:18:fc:db:a1:
                    92:89:c1:31:dd:6e:1b:c6:85:a7:91:e8:78:88:70:
                    41:c4:fe:24:99:76:f0:00:75:fc:44:e5:63:42:a4:
                    d4:40:be:90:cb:ad:cf:5b:6f:a7:73:4f:b4:ad:f2:
                    5a:c9:57:c2:70:4b:28:1c:8c:96:39:d0:05:11:3d:
                    e3:20:82:10:e8:14:1f:e6:92:f4:67:b1:15:03:43:
                    a4:cd:b3:37:de:1c:1b:9f:a8:34:f5:52:eb:fd:f3:
                    b5:94:f8:fa:da:f7:f1:fe:a2:cd:67:46:a5:26:2e:
                    f9:16:e8:f7:2c:2d:d6:97:6d:9b:1e:03:86:37:11:
                    62:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:BF:43:4E:14:46:F1:1B:39:5F:63:9D:84:FB:D0:91:28:08:35:98
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:01:01:d7:b2:a6:5c:1c:5e:3b:d0:8b:98:6c:1b:34:7c:c5:
         aa:31:89:7b:df:c0:11:a8:8a:4a:e8:be:41:8a:2a:30:25:de:
         b3:cf:ff:50:76:21:ad:3d:97:ae:11:57:73:44:bd:01:e8:13:
         9a:94:25:b0:66:54:43:57:e7:b5:cc:43:e9:1e:14:d8:d9:1e:
         80:d7:d4:20:d1:5d:74:b1:4c:11:a6:79:80:30:cc:98:ad:c6:
         9a:e8:7f:06:b4:4e:e3:73:54:fd:1c:8d:c3:35:0e:b0:f5:5f:
         4c:44:da:53:ea:c5:51:61:a9:1a:f7:50:d8:52:98:2b:41:90:
         77:6b:ab:67:93:20:6f:19:ff:3f:44:0b:36:f7:6c:a9:6b:5c:
         8a:dc:68:35:87:3e:72:6c:91:e0:68:d8:01:e3:f6:03:df:c3:
         ca:76:a0:c2:3d:00:c1:9a:76:ea:7c:e6:fc:8e:1d:08:c6:f6:
         2b:d8:69:bb:c6:1f:9a:28:76:6a:da:77:e1:5f:43:98:a1:2f:
         78:35:bc:6b:8f:a4:c8:02:0d:c7:ef:78:82:f1:dc:b3:cb:83:
         0f:58:3e:3d:3c:58:47:3b:fe:9d:45:ab:e6:3e:d5:a7:f1:4b:
         7f:11:b1:ed:a8:92:a9:d8:7c:28:91:eb:40:0d:59:17:09:d5:
         db:9c:a7:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXWjTnACa5ojqmBASrKdeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUwNjEwMDEwMDE4WhcNMjUwNjExMDEwMDE4WjAzMTEwLwYDVQQD
EygwN2JmNDM0ZTE0NDZmMTFiMzk1ZjYzOWQ4NGZiZDA5MTI4MDgzNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nNoJuEp/Z8FzYIhYhSwrS8e3COT
oBHyuLf003YreNs2+wJOaHpZBcGCtjrvi6bkGC+FjTuKIhMuszmHwUV8Yb3bWsrI
tgCTKs2Fi1fQCEEQ5RTgHYNjkRpfaJTpcfhIrFTb3y+D1CBGBBR45sGbHz0+XciA
rlYvpz4tpP4XQ9zLXRj826GSicEx3W4bxoWnkeh4iHBBxP4kmXbwAHX8ROVjQqTU
QL6Qy63PW2+nc0+0rfJayVfCcEsoHIyWOdAFET3jIIIQ6BQf5pL0Z7EVA0OkzbM3
3hwbn6g09VLr/fO1lPj62vfx/qLNZ0alJi75Fuj3LC3Wl22bHgOGNxFioQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAe/Q04URvEbOV9jnYT70JEoCDWYMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqwEB17Km
XBxeO9CLmGwbNHzFqjGJe9/AEaiKSui+QYoqMCXes8//UHYhrT2XrhFXc0S9AegT
mpQlsGZUQ1fntcxD6R4U2NkegNfUINFddLFMEaZ5gDDMmK3Gmuh/BrRO43NU/RyN
wzUOsPVfTETaU+rFUWGpGvdQ2FKYK0GQd2urZ5Mgbxn/P0QLNvdsqWtcitxoNYc+
cmyR4GjYAeP2A9/Dynagwj0AwZp26nzm/I4dCMb2K9hpu8Yfmih2atp34V9DmKEv
eDW8a4+kyAINx+94gvHcs8uDD1g+PTxYRzv+nUWr5j7Vp/FLfxGx7aiSqdh8KJHr
QA1ZFwnV25yn+g==
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:28:46 2025 by rpki-client