Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
File:                     dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft (raw, json)
Hash identifier:          3eGZbkQUkqJVpNWg6xgwIf9PUXLvns30981LfIEKlMo=
Subject key identifier:   99:1F:19:9F:B9:F8:E7:7D:FC:7C:B8:BC:BF:80:16:A1:33:0F:86:7D
Authority key identifier: 76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66
Certificate issuer:       /CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366
Certificate serial:       01976D3E69A5B46DA39721681CE8ED4E094E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
Manifest number:          03BA
Signing time:             Sat 14 Jun 2025 07:01:36 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:36 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:36 +0000
Files and hashes:         1: dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl (hash: Y+HaoTaU/3aIKcrlDgUY1yT2WdqVLQ9kOuPLZS99WVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 07:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:69:a5:b4:6d:a3:97:21:68:1c:e8:ed:4e:09:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366
        Validity
            Not Before: Jun 14 07:01:36 2025 GMT
            Not After : Jun 15 07:01:36 2025 GMT
        Subject: CN=991f199fb9f8e77dfc7cb8bcbf8016a1330f867d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:66:58:4b:6a:fc:fc:4d:52:fc:95:c6:28:a5:
                    21:c7:e2:7d:ba:33:af:6f:a8:6f:6c:f5:b7:e2:fc:
                    02:4c:c3:cf:65:32:53:b7:fc:df:e6:5e:e3:88:7a:
                    cd:02:62:fc:42:cf:8e:f8:c6:5a:e2:42:a7:4a:69:
                    a8:e9:4a:a3:44:15:d1:9b:b4:68:c6:c5:59:2f:99:
                    ce:3f:f8:6f:40:54:26:7d:bf:49:51:6b:6d:57:39:
                    68:33:75:ab:5e:d8:14:78:da:87:32:89:67:e8:49:
                    e3:a5:2c:a3:85:88:fc:f0:ab:f8:a9:18:9a:d6:8b:
                    2a:9c:38:b3:32:46:ab:b3:6c:13:60:3a:d3:4a:09:
                    8d:d7:af:c6:df:54:08:9d:fb:e6:ce:9b:43:32:a5:
                    41:6e:50:5b:83:6f:c8:9b:db:41:bb:fc:cc:f1:7c:
                    e9:5c:d0:d9:84:e5:89:ac:9c:85:61:2f:db:38:7e:
                    f1:38:18:b0:43:7d:be:6b:93:81:1a:b4:de:1e:53:
                    54:1c:f5:25:d8:89:27:3f:dc:03:7f:85:4f:e3:45:
                    8c:27:e1:76:2f:fb:9f:c3:6d:85:87:88:89:40:8a:
                    25:a8:99:ac:0c:d9:84:7b:ed:76:e5:85:a9:4d:14:
                    8c:44:ec:67:79:c4:10:8a:d0:21:d7:a2:96:46:37:
                    0a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:1F:19:9F:B9:F8:E7:7D:FC:7C:B8:BC:BF:80:16:A1:33:0F:86:7D
            X509v3 Authority Key Identifier:
                keyid:76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:97:ab:2a:e4:9e:b3:7e:e9:3e:30:23:89:3a:2d:39:4f:63:
         33:9f:f2:19:95:c1:e4:16:73:91:9b:2e:d2:21:7f:83:63:33:
         05:3f:3d:1e:d2:d3:32:d1:67:5f:b6:44:a6:fb:11:47:b9:0e:
         81:e3:76:7f:75:4e:5b:31:0a:71:2a:2c:e8:3c:27:cb:b7:e9:
         e7:8e:e9:6e:92:36:c7:ef:d1:ea:93:76:50:28:3b:b2:b1:32:
         2a:8f:0c:89:76:30:23:09:33:dc:2c:77:bb:da:8c:86:80:2d:
         cb:62:17:39:e0:61:dc:1c:aa:db:69:b9:0a:dc:84:53:db:e3:
         3f:09:be:ea:d1:70:76:8f:ea:08:28:72:ec:24:30:70:30:bb:
         09:78:a0:85:02:9f:7a:59:5b:6e:19:20:46:f3:5a:2e:0d:76:
         8b:b0:10:6c:37:90:46:05:57:e2:6c:45:d9:0b:c2:54:da:c4:
         b2:66:36:10:1b:18:b9:fb:cc:90:36:64:cb:34:a6:80:0f:44:
         45:a2:ad:ea:3e:4f:0d:2b:64:ce:38:a2:e0:ea:a1:cd:27:d6:
         ed:2a:61:3b:5f:e6:8f:3b:3b:23:4e:13:b2:34:b3:d5:40:b7:
         e1:65:a5:87:28:aa:41:dc:fc:f7:11:f2:63:99:47:8a:02:85:
         74:dd:30:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPmmltG2jlyFoHOjtTglOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MDdmNjlkZWU0M2FjMDFkN2RmZWFjYTliNzZhMjQwZWE2
ZWYzNjYwHhcNMjUwNjE0MDcwMTM2WhcNMjUwNjE1MDcwMTM2WjAzMTEwLwYDVQQD
Eyg5OTFmMTk5ZmI5ZjhlNzdkZmM3Y2I4YmNiZjgwMTZhMTMzMGY4NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22ZYS2r8/E1S/JXGKKUhx+J9ujOv
b6hvbPW34vwCTMPPZTJTt/zf5l7jiHrNAmL8Qs+O+MZa4kKnSmmo6UqjRBXRm7Ro
xsVZL5nOP/hvQFQmfb9JUWttVzloM3WrXtgUeNqHMoln6EnjpSyjhYj88Kv4qRia
1osqnDizMkars2wTYDrTSgmN16/G31QInfvmzptDMqVBblBbg2/Im9tBu/zM8Xzp
XNDZhOWJrJyFYS/bOH7xOBiwQ32+a5OBGrTeHlNUHPUl2IknP9wDf4VP40WMJ+F2
L/ufw22Fh4iJQIolqJmsDNmEe+125YWpTRSMROxnecQQitAh16KWRjcKxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkfGZ+5+Od9/Hy4vL+AFqEzD4Z9MB8GA1UdIwQY
MBaAFHYH9p3uQ6wB19/qypt2okDqbvNmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTct
YzAyNDNhM2JkYWZiLzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTctYzAyNDNhM2JkYWZi
LzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZerKuSe
s37pPjAjiTotOU9jM5/yGZXB5BZzkZsu0iF/g2MzBT89HtLTMtFnX7ZEpvsRR7kO
geN2f3VOWzEKcSos6Dwny7fp547pbpI2x+/R6pN2UCg7srEyKo8MiXYwIwkz3Cx3
u9qMhoAty2IXOeBh3Byq22m5CtyEU9vjPwm+6tFwdo/qCChy7CQwcDC7CXighQKf
ellbbhkgRvNaLg12i7AQbDeQRgVX4mxF2QvCVNrEsmY2EBsYufvMkDZkyzSmgA9E
RaKt6j5PDStkzjii4OqhzSfW7SphO1/mjzs7I04TsjSz1UC34WWlhyiqQdz89xHy
Y5lHigKFdN0wew==
-----END CERTIFICATE-----
Generated at Sat Jun 14 14:37:28 2025 by rpki-client