Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          pnElhWnlDOjmVIbxWhHqrLe4fWAxjZnxdqmgFnkwKSA=
Subject key identifier:   23:DB:0C:EE:FC:1F:50:03:2D:46:4F:87:42:53:D8:5B:06:0E:1E:15
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       019758DB13C58AC99B0033E5EB4BDBA68E20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0E86
Signing time:             Tue 10 Jun 2025 08:00:41 +0000
Manifest this update:     Tue 10 Jun 2025 08:00:41 +0000
Manifest next update:     Wed 11 Jun 2025 08:00:41 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: UBPT1r95tryw6EhAAhDfEVlrDHLcQn0v+VDJAa63s+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 08:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:db:13:c5:8a:c9:9b:00:33:e5:eb:4b:db:a6:8e:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Jun 10 08:00:41 2025 GMT
            Not After : Jun 11 08:00:41 2025 GMT
        Subject: CN=23db0ceefc1f50032d464f874253d85b060e1e15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d5:1a:34:81:d5:d6:2f:3a:b4:79:d3:3e:a4:
                    8a:8e:52:6f:bb:02:9a:7b:2a:02:3e:e9:3b:58:ff:
                    0e:38:01:2f:96:4b:41:bd:1f:62:3b:76:9b:35:c2:
                    f8:90:e2:a1:04:6e:67:3b:22:23:d1:89:7e:30:9d:
                    a4:34:92:3e:58:a5:8a:6d:39:cc:db:da:e9:69:5a:
                    6f:f9:40:bc:06:73:c4:9b:87:26:cd:ae:8c:47:c9:
                    f6:72:13:74:76:67:e4:d8:29:3d:b1:ff:cd:7d:3a:
                    5c:07:69:cc:7b:e1:81:ff:eb:df:01:c5:d5:ab:30:
                    ef:be:bd:c9:d2:03:67:59:01:6c:7a:b7:6f:5f:be:
                    21:e0:d9:79:c9:33:d5:f8:0b:a3:82:ba:4f:25:04:
                    8d:6f:86:ef:9a:32:9d:01:f1:e3:3c:77:b4:97:39:
                    4b:5b:48:d9:0c:03:77:70:2d:e4:7b:58:cc:c4:99:
                    e8:85:6e:42:76:54:6d:4f:af:69:f8:5a:cb:44:82:
                    01:ef:9c:a9:4d:17:a0:5e:31:14:d8:33:d2:2e:1d:
                    bf:9a:5e:5a:a5:9a:81:6f:37:dd:6f:84:06:94:db:
                    85:55:57:ec:f2:ed:ca:6b:8e:a6:bd:8b:55:6d:9f:
                    72:07:45:15:ab:81:35:60:48:9a:89:f5:b4:97:28:
                    3d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:DB:0C:EE:FC:1F:50:03:2D:46:4F:87:42:53:D8:5B:06:0E:1E:15
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:40:9e:d7:0f:16:fb:d6:ae:13:a7:e9:61:b8:92:f0:05:c2:
         8b:83:e5:ed:90:c1:e0:cd:d3:54:40:41:31:c5:95:68:30:69:
         04:7b:30:45:11:73:99:13:d4:46:ce:0c:64:2e:59:7b:65:53:
         4d:da:59:6c:be:0e:0a:1d:eb:dd:10:93:4d:ec:ab:b6:5a:6e:
         a6:7f:aa:86:80:ef:5e:76:17:a8:cd:9f:8f:c3:50:cd:6e:21:
         16:df:b9:70:2c:5a:26:d7:2c:d7:7e:6e:43:27:39:a7:ab:19:
         ef:02:85:46:12:ee:77:15:80:6b:7a:5f:47:a8:ae:03:d9:ee:
         a4:30:33:95:bd:18:c5:6a:ad:a6:29:1c:df:64:e0:a8:7e:a4:
         df:a0:2c:cd:9d:ed:cd:27:53:a5:1a:0b:f5:50:c3:92:6c:ff:
         67:21:22:77:39:b9:c2:1c:8b:6b:e8:12:ec:59:ed:29:f4:34:
         f3:85:29:4b:d3:ac:27:22:ce:47:c1:30:8f:bd:a6:a9:55:08:
         2e:d2:04:e6:fa:51:f4:d3:2a:41:c3:1f:7d:cb:34:82:cf:9d:
         67:b5:52:52:92:e3:60:f5:e3:c2:48:c2:12:16:e3:a3:49:5c:
         a2:eb:16:47:6a:17:45:b7:1d:02:71:dd:ea:81:07:d2:d8:11:
         c6:e3:e9:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdY2xPFismbADPl60vbpo4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNjEwMDgwMDQxWhcNMjUwNjExMDgwMDQxWjAzMTEwLwYDVQQD
EygyM2RiMGNlZWZjMWY1MDAzMmQ0NjRmODc0MjUzZDg1YjA2MGUxZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9UaNIHV1i86tHnTPqSKjlJvuwKa
eyoCPuk7WP8OOAEvlktBvR9iO3abNcL4kOKhBG5nOyIj0Yl+MJ2kNJI+WKWKbTnM
29rpaVpv+UC8BnPEm4cmza6MR8n2chN0dmfk2Ck9sf/NfTpcB2nMe+GB/+vfAcXV
qzDvvr3J0gNnWQFserdvX74h4Nl5yTPV+AujgrpPJQSNb4bvmjKdAfHjPHe0lzlL
W0jZDAN3cC3ke1jMxJnohW5CdlRtT69p+FrLRIIB75ypTRegXjEU2DPSLh2/ml5a
pZqBbzfdb4QGlNuFVVfs8u3Ka46mvYtVbZ9yB0UVq4E1YEiaifW0lyg9pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPbDO78H1ADLUZPh0JT2FsGDh4VMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALkCe1w8W
+9auE6fpYbiS8AXCi4Pl7ZDB4M3TVEBBMcWVaDBpBHswRRFzmRPURs4MZC5Ze2VT
TdpZbL4OCh3r3RCTTeyrtlpupn+qhoDvXnYXqM2fj8NQzW4hFt+5cCxaJtcs135u
Qyc5p6sZ7wKFRhLudxWAa3pfR6iuA9nupDAzlb0YxWqtpikc32TgqH6k36AszZ3t
zSdTpRoL9VDDkmz/ZyEidzm5whyLa+gS7FntKfQ084UpS9OsJyLOR8Ewj72mqVUI
LtIE5vpR9NMqQcMffcs0gs+dZ7VSUpLjYPXjwkjCEhbjo0lcousWR2oXRbcdAnHd
6oEH0tgRxuPp2Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 12:46:40 2025 by rpki-client