Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
File:                     Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft (raw, json)
Hash identifier:          uIzs9asJ5/OWCivB2hMW7lfhJezrENTP7LUno5OCeuE=
Subject key identifier:   E6:E4:BA:2E:AB:D0:B8:F7:E4:F4:D0:A9:B2:7A:A0:85:A4:A5:BF:06
Authority key identifier: 03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09
Certificate issuer:       /CN=032d39ce91be867cf5ce1b6009d5262c28b65209
Certificate serial:       01976C98C9183708CA671288897D32A703E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 04:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:41 +0000
Files and hashes:         1: Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl (hash: GLQyHaIyUh9FJ7M5ZrKEOTxig0JnY9+RRHZI/FFbxdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 04:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:c9:18:37:08:ca:67:12:88:89:7d:32:a7:03:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d39ce91be867cf5ce1b6009d5262c28b65209
        Validity
            Not Before: Jun 14 04:00:41 2025 GMT
            Not After : Jun 15 04:00:41 2025 GMT
        Subject: CN=e6e4ba2eabd0b8f7e4f4d0a9b27aa085a4a5bf06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a3:6b:f3:91:2d:0f:f3:9a:ef:47:53:57:d5:
                    fc:02:47:48:09:fa:f1:0e:7b:24:8b:b5:35:ef:7e:
                    8a:47:dc:09:85:37:40:3f:8d:f9:c2:fe:6f:3a:bb:
                    7f:8e:87:f1:cf:e4:33:d6:b2:69:41:92:42:48:bc:
                    19:44:21:bb:da:de:51:03:88:da:bf:8c:38:be:02:
                    10:ed:ba:05:7a:cb:24:4b:fc:77:68:8c:cf:7f:fa:
                    1c:fa:3d:f7:66:0c:a9:54:ea:05:13:48:59:90:35:
                    36:73:99:e2:b9:67:5d:fa:ff:07:5b:e1:cf:60:48:
                    40:1b:c3:2a:10:df:82:e5:6c:41:03:e9:d0:d1:6d:
                    4a:cc:c9:5f:a1:25:96:c6:67:5c:30:e2:e7:68:ec:
                    ba:f9:47:d7:18:79:59:d2:20:b2:96:e1:95:a9:ec:
                    af:65:09:1c:e6:51:ea:a5:8c:ec:15:d2:0e:14:b2:
                    c7:c5:88:6d:60:c1:5d:81:99:4f:eb:a7:10:67:f3:
                    67:89:d1:c3:93:b9:10:9e:ae:59:a4:4a:54:71:07:
                    59:70:0a:4e:cd:97:74:5d:c0:31:01:b5:d5:5a:92:
                    b7:24:a1:b2:41:bd:9d:49:9d:b1:24:55:44:d4:5f:
                    9b:a3:73:c3:14:48:37:09:f0:eb:51:37:44:55:39:
                    99:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:E4:BA:2E:AB:D0:B8:F7:E4:F4:D0:A9:B2:7A:A0:85:A4:A5:BF:06
            X509v3 Authority Key Identifier:
                keyid:03:2D:39:CE:91:BE:86:7C:F5:CE:1B:60:09:D5:26:2C:28:B6:52:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cbe8e7-5a78-4558-9951-84accecc51f0/1/Ay05zpG-hnz1zhtgCdUmLCi2Ugk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:f2:ff:34:fd:de:dc:c6:f0:f1:4a:24:8b:b1:19:11:82:fc:
         46:b2:a7:d4:27:1e:af:80:5d:36:d6:23:07:14:16:04:83:af:
         5a:45:38:11:7e:18:fb:c5:c7:c2:59:dc:2c:4d:54:73:e5:7a:
         54:ec:aa:0f:04:02:76:57:82:b4:86:3c:03:81:65:50:9c:11:
         51:55:24:d6:ed:61:0a:05:55:60:dc:e2:9e:f7:31:c5:3a:c3:
         50:a6:58:c7:82:2c:5c:64:fb:ed:2b:9b:59:3e:80:c3:11:be:
         b5:9f:05:b7:59:6b:7c:dd:d4:58:8f:a0:22:0f:7f:54:91:f6:
         f4:f1:f5:9d:f6:32:af:1a:92:99:cd:0b:d5:d8:a6:31:f7:9d:
         cc:99:52:3c:ee:58:01:75:d4:b3:14:f5:1a:15:bc:03:af:ff:
         e8:0e:38:54:89:bb:b8:2c:8e:0a:6b:ca:c0:e4:42:5a:be:00:
         cb:e7:6e:f8:c0:92:63:fd:f0:bc:8f:14:b3:4f:4c:57:f6:85:
         fc:47:b0:5e:3a:7e:5d:6d:ed:31:95:23:2f:db:a5:c6:31:a3:
         45:af:38:7d:60:4b:d8:79:48:38:65:a7:45:62:b5:4c:79:e1:
         04:e8:c9:60:58:d5:cb:d0:2f:4c:62:3b:fe:ca:24:6c:67:a8:
         96:4f:f6:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmMkYNwjKZxKIiX0ypwPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQzOWNlOTFiZTg2N2NmNWNlMWI2MDA5ZDUyNjJjMjhi
NjUyMDkwHhcNMjUwNjE0MDQwMDQxWhcNMjUwNjE1MDQwMDQxWjAzMTEwLwYDVQQD
EyhlNmU0YmEyZWFiZDBiOGY3ZTRmNGQwYTliMjdhYTA4NWE0YTViZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6Nr85EtD/Oa70dTV9X8AkdICfrx
Dnski7U1736KR9wJhTdAP435wv5vOrt/jofxz+Qz1rJpQZJCSLwZRCG72t5RA4ja
v4w4vgIQ7boFesskS/x3aIzPf/oc+j33ZgypVOoFE0hZkDU2c5niuWdd+v8HW+HP
YEhAG8MqEN+C5WxBA+nQ0W1KzMlfoSWWxmdcMOLnaOy6+UfXGHlZ0iCyluGVqeyv
ZQkc5lHqpYzsFdIOFLLHxYhtYMFdgZlP66cQZ/NnidHDk7kQnq5ZpEpUcQdZcApO
zZd0XcAxAbXVWpK3JKGyQb2dSZ2xJFVE1F+bo3PDFEg3CfDrUTdEVTmZSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObkui6r0Lj35PTQqbJ6oIWkpb8GMB8GA1UdIwQY
MBaAFAMtOc6RvoZ89c4bYAnVJiwotlIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEt
ODRhY2NlY2M1MWYwLzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYmU4ZTctNWE3OC00NTU4LTk5NTEtODRhY2NlY2M1MWYw
LzEvQXkwNXpwRy1obnoxemh0Z0NkVW1MQ2kyVWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUvL/NP3e
3Mbw8Uoki7EZEYL8RrKn1Ccer4BdNtYjBxQWBIOvWkU4EX4Y+8XHwlncLE1Uc+V6
VOyqDwQCdleCtIY8A4FlUJwRUVUk1u1hCgVVYNzinvcxxTrDUKZYx4IsXGT77Sub
WT6AwxG+tZ8Ft1lrfN3UWI+gIg9/VJH29PH1nfYyrxqSmc0L1dimMfedzJlSPO5Y
AXXUsxT1GhW8A6//6A44VIm7uCyOCmvKwORCWr4Ay+du+MCSY/3wvI8Us09MV/aF
/EewXjp+XW3tMZUjL9ulxjGjRa84fWBL2HlIOGWnRWK1THnhBOjJYFjVy9AvTGI7
/sokbGeolk/2rQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:55:41 2025 by rpki-client