Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
File:                     dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft (raw, json)
Hash identifier:          RRN1BkTJfVqG6ygtvahXoeWtzbe6UfK/25zt0+4YUjg=
Subject key identifier:   9A:16:96:42:78:A9:5A:60:37:49:A6:3B:D5:2F:AC:FC:F5:78:1C:D5
Authority key identifier: 76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66
Certificate issuer:       /CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366
Certificate serial:       0197696130DBC5969C7B297785579804CE92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
Manifest number:          03B8
Signing time:             Fri 13 Jun 2025 13:01:06 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:06 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:06 +0000
Files and hashes:         1: dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl (hash: nXAYy4PWATVNmEel+9tez3WTqLF38JBavgu2xZ+TsUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:30:db:c5:96:9c:7b:29:77:85:57:98:04:ce:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366
        Validity
            Not Before: Jun 13 13:01:06 2025 GMT
            Not After : Jun 14 13:01:06 2025 GMT
        Subject: CN=9a16964278a95a603749a63bd52facfcf5781cd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:1c:72:18:91:05:1d:42:96:29:a8:fd:a5:72:
                    22:a5:11:09:d8:94:46:3e:67:3a:be:ba:21:c5:b4:
                    27:c6:51:74:19:c7:44:dc:b2:c3:54:7b:39:43:75:
                    4d:80:cb:bc:d1:2a:0b:f3:4d:de:d3:c3:e2:0b:23:
                    b4:0d:87:da:ed:e6:74:69:49:fb:37:a4:e9:1b:36:
                    59:50:f4:0a:f7:40:0a:49:d7:1b:5e:8b:d6:23:4e:
                    1f:20:e2:73:6c:24:f1:dd:50:d0:56:77:ee:f9:6a:
                    b6:d2:5e:16:8f:b6:16:79:69:82:f5:00:29:29:51:
                    f8:cb:43:ec:af:7b:4f:9c:31:33:a8:00:8a:02:5f:
                    55:3f:0d:74:7d:78:90:88:cd:3d:2c:d1:d2:37:b6:
                    e7:1d:b5:d2:be:cd:e4:39:1a:ca:42:3f:af:21:7c:
                    2b:a0:f9:40:90:11:5d:ce:1c:1b:8e:da:07:ba:fa:
                    84:01:4d:63:57:40:0b:56:d4:00:e5:fa:d7:85:33:
                    4f:a0:33:e0:37:84:c4:28:90:0b:5e:78:0b:fe:fe:
                    d2:da:4c:1d:c6:71:4f:4e:09:4b:b9:9b:99:09:8f:
                    35:18:14:9c:d4:0c:68:93:97:63:4b:13:3d:3c:72:
                    d9:1a:11:99:d2:3c:01:6d:bf:c9:ec:33:c1:ba:fc:
                    5c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:16:96:42:78:A9:5A:60:37:49:A6:3B:D5:2F:AC:FC:F5:78:1C:D5
            X509v3 Authority Key Identifier:
                keyid:76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:1d:d1:2f:7d:20:ee:1b:01:0a:1b:c5:48:16:67:6b:0c:b6:
         15:c8:da:96:e4:48:4c:81:97:87:29:73:aa:e1:e2:ce:b3:36:
         4a:51:f6:70:2b:eb:12:90:40:36:02:92:a4:3b:3a:17:cf:a0:
         cb:4e:a0:02:5d:a3:d6:fa:82:3b:a3:96:a2:cf:98:65:a5:f0:
         83:7d:db:90:1b:10:c7:54:51:5c:e6:f1:e2:58:92:04:2a:46:
         5f:5e:00:c3:b9:fb:d0:3d:f3:88:ce:8b:42:9e:ac:f6:4f:d3:
         ba:7d:9f:b6:85:3f:95:33:fe:5e:ea:92:f4:d6:0a:38:98:3e:
         dc:67:40:37:63:ac:ae:1e:2b:c7:c6:84:ae:74:5e:a7:5e:3e:
         64:bc:81:14:f7:3d:a8:e5:d1:c0:b6:7c:c3:dc:60:05:30:50:
         89:ef:4b:89:2c:88:28:70:12:3b:52:ce:33:de:27:41:8b:5a:
         a2:cb:36:fd:8f:bf:56:73:b4:e0:70:0e:93:5a:12:0a:62:a9:
         de:e3:f5:42:d0:cd:75:40:d4:c1:2a:7f:ed:96:3f:16:0b:0c:
         d8:71:ea:37:f6:66:9b:28:1f:5b:97:b4:6a:9c:d1:da:27:90:
         4c:4e:ff:d9:c8:bd:b3:7c:9e:63:1e:c2:be:8c:8c:75:33:36:
         6b:a2:3c:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYTDbxZaceyl3hVeYBM6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MDdmNjlkZWU0M2FjMDFkN2RmZWFjYTliNzZhMjQwZWE2
ZWYzNjYwHhcNMjUwNjEzMTMwMTA2WhcNMjUwNjE0MTMwMTA2WjAzMTEwLwYDVQQD
Eyg5YTE2OTY0Mjc4YTk1YTYwMzc0OWE2M2JkNTJmYWNmY2Y1NzgxY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhxyGJEFHUKWKaj9pXIipREJ2JRG
Pmc6vrohxbQnxlF0GcdE3LLDVHs5Q3VNgMu80SoL803e08PiCyO0DYfa7eZ0aUn7
N6TpGzZZUPQK90AKSdcbXovWI04fIOJzbCTx3VDQVnfu+Wq20l4Wj7YWeWmC9QAp
KVH4y0Psr3tPnDEzqACKAl9VPw10fXiQiM09LNHSN7bnHbXSvs3kORrKQj+vIXwr
oPlAkBFdzhwbjtoHuvqEAU1jV0ALVtQA5frXhTNPoDPgN4TEKJALXngL/v7S2kwd
xnFPTglLuZuZCY81GBSc1Axok5djSxM9PHLZGhGZ0jwBbb/J7DPBuvxc4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoWlkJ4qVpgN0mmO9UvrPz1eBzVMB8GA1UdIwQY
MBaAFHYH9p3uQ6wB19/qypt2okDqbvNmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTct
YzAyNDNhM2JkYWZiLzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTctYzAyNDNhM2JkYWZi
LzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJB3RL30g
7hsBChvFSBZnawy2FcjaluRITIGXhylzquHizrM2SlH2cCvrEpBANgKSpDs6F8+g
y06gAl2j1vqCO6OWos+YZaXwg33bkBsQx1RRXObx4liSBCpGX14Aw7n70D3ziM6L
Qp6s9k/Tun2ftoU/lTP+XuqS9NYKOJg+3GdAN2Osrh4rx8aErnRep14+ZLyBFPc9
qOXRwLZ8w9xgBTBQie9LiSyIKHASO1LOM94nQYtaoss2/Y+/VnO04HAOk1oSCmKp
3uP1QtDNdUDUwSp/7ZY/FgsM2HHqN/ZmmygfW5e0apzR2ieQTE7/2ci9s3yeYx7C
voyMdTM2a6I8ow==
-----END CERTIFICATE-----
Generated at Fri Jun 13 22:13:21 2025 by rpki-client