Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
File:                     XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft (raw, json)
Hash identifier:          UX06qlmM1dgjKn3kdt3HG34rWhoSKWhdqZ/KctrAYdA=
Subject key identifier:   43:55:B6:53:EC:4F:18:EA:51:17:77:3A:FE:A8:C4:10:4B:D8:EC:F8
Authority key identifier: 5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D
Certificate issuer:       /CN=5cdf301ac01526d08cdec242cc5a140141fb153d
Certificate serial:       019768F2EFD4CCBDE1D425FB4C1AA149D455
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
Manifest number:          01B1
Signing time:             Fri 13 Jun 2025 11:00:40 +0000
Manifest this update:     Fri 13 Jun 2025 11:00:40 +0000
Manifest next update:     Sat 14 Jun 2025 11:00:40 +0000
Files and hashes:         1: XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl (hash: 82WHjxO6Te01nrUA+vKVWDDMqHvvQQTcNiCPyMXVviQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:f2:ef:d4:cc:bd:e1:d4:25:fb:4c:1a:a1:49:d4:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cdf301ac01526d08cdec242cc5a140141fb153d
        Validity
            Not Before: Jun 13 11:00:40 2025 GMT
            Not After : Jun 14 11:00:40 2025 GMT
        Subject: CN=4355b653ec4f18ea5117773afea8c4104bd8ecf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:1d:52:39:12:71:75:15:8b:f5:15:87:2d:0d:
                    98:76:08:1d:ab:17:a1:14:7d:83:3a:5b:93:64:2a:
                    f7:fe:12:7f:28:12:17:d1:73:81:2d:f3:0d:0a:b5:
                    97:54:1b:be:1b:c1:28:4a:b6:83:4c:d0:72:cd:58:
                    75:67:47:99:5f:e1:95:5c:2a:15:4c:74:30:d2:b8:
                    d3:a2:5c:55:22:d2:d8:c6:09:6d:dc:43:9b:ac:4a:
                    3d:7c:b5:fb:7f:5a:e2:4b:d5:d7:be:75:1a:7c:0c:
                    15:e3:3f:03:e2:f1:47:fa:1f:8a:83:a6:b0:61:98:
                    d4:12:7f:c7:ad:78:db:72:25:f2:73:d8:aa:39:62:
                    b3:45:bd:ac:28:5d:d3:8f:e5:bb:af:7e:19:d1:a6:
                    29:db:68:52:95:70:48:7a:c8:ab:ea:22:bb:1b:5f:
                    8c:89:53:48:5d:8a:32:3a:39:58:01:8a:54:55:6e:
                    03:29:2e:4d:64:da:d3:74:f5:29:71:15:96:9b:78:
                    bb:03:35:66:7f:9f:f9:75:f2:6a:b2:55:aa:a1:d0:
                    d8:2b:a1:20:4e:43:02:93:c7:d7:a5:90:a5:de:97:
                    a0:5d:88:cd:87:34:8f:19:43:f0:d3:c7:de:d0:40:
                    31:a5:cf:18:3a:43:4d:cc:fd:6b:0f:c8:62:68:64:
                    7a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:55:B6:53:EC:4F:18:EA:51:17:77:3A:FE:A8:C4:10:4B:D8:EC:F8
            X509v3 Authority Key Identifier:
                keyid:5C:DF:30:1A:C0:15:26:D0:8C:DE:C2:42:CC:5A:14:01:41:FB:15:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN8wGsAVJtCM3sJCzFoUAUH7FT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c24cbe-3375-44c3-ba63-c964220bae80/1/XN8wGsAVJtCM3sJCzFoUAUH7FT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:c9:00:6b:19:a8:1e:bd:2f:40:46:12:67:d7:93:b3:c9:ce:
         47:78:2b:cf:1f:56:0c:01:8e:88:d3:a7:4f:9f:06:10:41:0c:
         13:b1:26:31:6f:73:1f:e2:23:e4:b9:48:8c:47:83:cd:cf:f2:
         df:8c:d1:ef:52:6a:a5:64:a7:4d:b9:99:7b:59:24:13:8f:2f:
         e1:e2:8e:2e:24:80:b1:c3:38:7e:36:96:90:bd:04:05:a8:b6:
         a7:c9:4e:6b:03:7f:65:c3:98:54:b6:09:86:c5:e8:13:08:34:
         28:c6:e7:3f:dd:eb:a9:e9:88:24:a5:39:d1:a5:ec:10:b6:bc:
         5c:9a:c1:d6:f3:05:e7:44:3c:3d:12:d6:1d:d7:aa:55:65:67:
         47:ee:81:16:f3:36:41:3f:b2:5c:28:44:af:56:90:2a:86:36:
         2f:62:c7:78:66:4c:d5:67:17:59:b4:dd:d3:c7:eb:52:fd:bd:
         62:0a:a4:48:8a:cb:23:67:23:2d:d5:ba:a6:47:bb:f4:e4:8a:
         7e:fd:75:18:37:e7:b6:05:f5:1d:93:5b:83:bf:68:b7:1c:b0:
         91:01:32:2e:bf:59:1d:74:29:e0:61:26:1e:f4:92:1b:20:43:
         b1:48:63:a2:6d:79:99:12:59:28:fd:81:b3:ac:e9:54:19:f3:
         2e:16:de:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdo8u/UzL3h1CX7TBqhSdRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGYzMDFhYzAxNTI2ZDA4Y2RlYzI0MmNjNWExNDAxNDFm
YjE1M2QwHhcNMjUwNjEzMTEwMDQwWhcNMjUwNjE0MTEwMDQwWjAzMTEwLwYDVQQD
Eyg0MzU1YjY1M2VjNGYxOGVhNTExNzc3M2FmZWE4YzQxMDRiZDhlY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3B1SORJxdRWL9RWHLQ2Ydggdqxeh
FH2DOluTZCr3/hJ/KBIX0XOBLfMNCrWXVBu+G8EoSraDTNByzVh1Z0eZX+GVXCoV
THQw0rjTolxVItLYxglt3EObrEo9fLX7f1riS9XXvnUafAwV4z8D4vFH+h+Kg6aw
YZjUEn/HrXjbciXyc9iqOWKzRb2sKF3Tj+W7r34Z0aYp22hSlXBIesir6iK7G1+M
iVNIXYoyOjlYAYpUVW4DKS5NZNrTdPUpcRWWm3i7AzVmf5/5dfJqslWqodDYK6Eg
TkMCk8fXpZCl3pegXYjNhzSPGUPw08fe0EAxpc8YOkNNzP1rD8hiaGR6YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENVtlPsTxjqURd3Ov6oxBBL2Oz4MB8GA1UdIwQY
MBaAFFzfMBrAFSbQjN7CQsxaFAFB+xU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMt
Yzk2NDIyMGJhZTgwLzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jMjRjYmUtMzM3NS00NGMzLWJhNjMtYzk2NDIyMGJhZTgw
LzEvWE44d0dzQVZKdENNM3NKQ3pGb1VBVUg3RlQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVskAaxmo
Hr0vQEYSZ9eTs8nOR3grzx9WDAGOiNOnT58GEEEME7EmMW9zH+Ij5LlIjEeDzc/y
34zR71JqpWSnTbmZe1kkE48v4eKOLiSAscM4fjaWkL0EBai2p8lOawN/ZcOYVLYJ
hsXoEwg0KMbnP93rqemIJKU50aXsELa8XJrB1vMF50Q8PRLWHdeqVWVnR+6BFvM2
QT+yXChEr1aQKoY2L2LHeGZM1WcXWbTd08frUv29YgqkSIrLI2cjLdW6pke79OSK
fv11GDfntgX1HZNbg79otxywkQEyLr9ZHXQp4GEmHvSSGyBDsUhjom15mRJZKP2B
s6zpVBnzLhbeTA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 17:14:08 2025 by rpki-client