Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
File:                     ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json)
Hash identifier:          xymHmSYWsKeUYTp+1v/gwtxsMb8K5nZu7wDdeh1zNwU=
Subject key identifier:   CB:E0:76:68:B3:AC:A0:52:5E:EE:29:AE:56:53:78:CB:22:40:BD:D6
Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
Certificate issuer:       /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Certificate serial:       01975BA554F277C07A1D952F36955C9C3E02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
Manifest number:          0108
Signing time:             Tue 10 Jun 2025 21:00:51 +0000
Manifest this update:     Tue 10 Jun 2025 21:00:51 +0000
Manifest next update:     Wed 11 Jun 2025 21:00:51 +0000
Files and hashes:         1: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: Bi7fFq9T5N6HePfja28ixJKzgbFV9bcMa8gVTzGU/+w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:a5:54:f2:77:c0:7a:1d:95:2f:36:95:5c:9c:3e:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
        Validity
            Not Before: Jun 10 21:00:51 2025 GMT
            Not After : Jun 11 21:00:51 2025 GMT
        Subject: CN=cbe07668b3aca0525eee29ae565378cb2240bdd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:14:21:81:d0:8a:e9:9a:1d:89:a2:2a:f0:c3:
                    5c:4d:eb:9a:ca:b9:70:20:fc:77:e9:45:24:7f:69:
                    08:1e:14:18:e8:85:60:fa:9f:36:a8:a3:37:1f:2a:
                    cd:6f:01:3b:c8:22:0b:45:d2:82:0b:7e:30:83:ac:
                    f3:50:2b:72:23:fe:5f:da:88:db:99:80:ad:9b:e9:
                    d4:f1:ed:5f:64:7c:33:18:44:30:20:df:e1:02:f4:
                    b3:aa:71:ab:55:c6:a2:eb:71:75:87:85:c3:fb:8f:
                    03:65:a8:96:29:89:d5:ef:52:e1:35:c9:8b:cf:a0:
                    66:30:b5:3b:5c:47:02:3e:cc:3d:01:6d:a3:e3:38:
                    5f:f5:94:99:21:89:b0:23:ee:5c:f1:51:68:ec:bd:
                    83:a0:53:9e:52:b2:d6:11:25:84:4e:8d:7e:e3:51:
                    ab:6a:8b:9e:21:41:1e:47:5e:05:2f:c3:09:b0:7a:
                    be:10:69:b1:2e:20:39:49:b5:6b:d0:9b:c5:19:d4:
                    bf:bf:53:93:32:2b:9e:34:50:4c:47:44:c7:31:18:
                    f9:b1:29:cb:d3:47:b6:58:75:ec:70:9e:d3:4b:3c:
                    10:af:b6:e9:69:a5:a6:a9:8e:f7:85:f4:51:3a:74:
                    73:10:67:e6:42:57:4d:f2:a7:9e:6d:29:64:e1:09:
                    20:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:E0:76:68:B3:AC:A0:52:5E:EE:29:AE:56:53:78:CB:22:40:BD:D6
            X509v3 Authority Key Identifier:
                keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:00:32:e9:cf:e3:4c:76:4d:4f:57:fc:4f:92:c4:02:b4:1b:
         28:a6:af:f1:43:5b:c8:bc:37:04:76:13:c4:95:b5:48:1a:04:
         a8:91:91:c7:ce:70:64:d7:22:30:dd:5d:18:76:e0:2b:a9:44:
         7d:93:fd:08:e3:26:a8:50:33:f8:11:79:e7:92:1f:09:5b:5d:
         24:db:e4:a3:99:88:b4:e4:7c:69:03:a1:29:89:30:f3:10:6e:
         8e:4c:f6:22:01:bb:b3:bd:da:b0:2e:68:60:6b:bc:57:4e:e9:
         0f:d2:2c:66:2c:2b:65:a1:92:08:84:5f:8b:e8:73:51:d0:ff:
         0e:94:68:8b:16:ac:35:d9:52:88:d4:15:cd:ef:45:bb:27:68:
         d7:ba:e0:f5:61:16:30:7e:12:bb:86:39:d2:a9:4d:3e:9e:ec:
         32:15:a9:d1:88:77:1a:3c:75:c4:5f:d2:75:49:ea:f8:0d:5a:
         2b:cf:60:1f:df:86:03:f1:53:1d:72:02:35:dc:35:d1:4c:f8:
         10:5d:21:a4:05:84:1f:ff:7a:67:68:4d:c2:e7:f4:df:64:41:
         2a:42:74:60:56:58:37:02:8f:2f:cb:f6:46:ba:50:ac:2a:14:
         8f:e9:be:50:39:16:ba:20:27:2a:d1:71:92:a7:c5:98:e9:20:
         b3:76:19:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbpVTyd8B6HZUvNpVcnD4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw
ZmM2YTEwHhcNMjUwNjEwMjEwMDUxWhcNMjUwNjExMjEwMDUxWjAzMTEwLwYDVQQD
EyhjYmUwNzY2OGIzYWNhMDUyNWVlZTI5YWU1NjUzNzhjYjIyNDBiZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xQhgdCK6ZodiaIq8MNcTeuayrlw
IPx36UUkf2kIHhQY6IVg+p82qKM3HyrNbwE7yCILRdKCC34wg6zzUCtyI/5f2ojb
mYCtm+nU8e1fZHwzGEQwIN/hAvSzqnGrVcai63F1h4XD+48DZaiWKYnV71LhNcmL
z6BmMLU7XEcCPsw9AW2j4zhf9ZSZIYmwI+5c8VFo7L2DoFOeUrLWESWETo1+41Gr
aoueIUEeR14FL8MJsHq+EGmxLiA5SbVr0JvFGdS/v1OTMiueNFBMR0THMRj5sSnL
00e2WHXscJ7TSzwQr7bpaaWmqY73hfRROnRzEGfmQldN8qeebSlk4Qkg9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMvgdmizrKBSXu4prlZTeMsiQL3WMB8GA1UdIwQY
MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt
ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx
LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQAy6c/j
THZNT1f8T5LEArQbKKav8UNbyLw3BHYTxJW1SBoEqJGRx85wZNciMN1dGHbgK6lE
fZP9COMmqFAz+BF555IfCVtdJNvko5mItOR8aQOhKYkw8xBujkz2IgG7s73asC5o
YGu8V07pD9IsZiwrZaGSCIRfi+hzUdD/DpRoixasNdlSiNQVze9Fuydo17rg9WEW
MH4Su4Y50qlNPp7sMhWp0Yh3Gjx1xF/SdUnq+A1aK89gH9+GA/FTHXICNdw10Uz4
EF0hpAWEH/96Z2hNwuf032RBKkJ0YFZYNwKPL8v2RrpQrCoUj+m+UDkWuiAnKtFx
kqfFmOkgs3YZCQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:00:50 2025 by rpki-client