Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
File:                     3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft (raw, json)
Hash identifier:          Z58UDLdNhYO69CvHEligyiQMNB/GOSUTSZkvH69Qmig=
Subject key identifier:   57:C4:BF:64:3E:6E:20:0E:6F:7C:4F:9D:15:4F:C2:E3:0E:05:31:93
Authority key identifier: DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6
Certificate issuer:       /CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
Certificate serial:       019754FE1B9E26EF802FBB50CE162104A60A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
Manifest number:          0E84
Signing time:             Mon 09 Jun 2025 14:00:28 +0000
Manifest this update:     Mon 09 Jun 2025 14:00:28 +0000
Manifest next update:     Tue 10 Jun 2025 14:00:28 +0000
Files and hashes:         1: 3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl (hash: mL+JvYSAQLlb8++ZHlwnzX2X/6X9dtAKpQm/LaR/CeU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:fe:1b:9e:26:ef:80:2f:bb:50:ce:16:21:04:a6:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc73be387af552970cf62f69517e3f3c9c12d2f6
        Validity
            Not Before: Jun  9 14:00:28 2025 GMT
            Not After : Jun 10 14:00:28 2025 GMT
        Subject: CN=57c4bf643e6e200e6f7c4f9d154fc2e30e053193
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ac:c7:c5:02:1d:f0:8e:96:69:ac:b0:ff:1d:
                    8e:fb:49:1d:71:d6:b3:7a:d6:fa:8f:d6:bb:61:67:
                    0a:46:f2:c3:79:6f:e5:5d:60:86:ae:b7:f6:18:67:
                    a0:63:00:7d:72:64:81:61:56:d0:a1:99:aa:bc:a7:
                    3b:a5:e2:07:ea:fd:bb:1f:6c:11:b1:95:08:d9:1d:
                    2e:71:87:43:b5:33:62:e5:c1:d3:66:a9:c8:78:c9:
                    61:4b:62:ca:08:d5:de:80:70:80:1c:77:ac:fe:f5:
                    5b:84:f5:ae:7c:45:91:6a:06:be:7a:2b:6a:80:d0:
                    6e:e9:75:6c:d8:e2:a1:a3:f2:5d:37:23:01:a4:c6:
                    78:81:e9:50:ca:40:ba:36:2d:5a:0d:2c:2e:f4:b7:
                    e0:68:8f:c4:13:7d:1c:01:82:ee:82:b0:81:3c:ef:
                    8f:a4:0f:57:b1:0c:f8:1b:27:56:6a:f3:1b:24:39:
                    2b:b2:da:24:6a:4b:ca:2b:68:1e:ff:21:19:b0:12:
                    79:cd:da:c9:e5:d3:ba:73:d9:f4:fe:91:62:ad:4d:
                    f4:9f:cd:5f:5e:99:64:d4:d2:c1:16:0b:d5:3e:b8:
                    57:cd:22:cf:36:ec:61:94:13:8d:45:36:ef:dd:82:
                    94:1e:eb:55:d2:d2:00:4c:1a:ba:57:5a:40:78:b0:
                    b5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:C4:BF:64:3E:6E:20:0E:6F:7C:4F:9D:15:4F:C2:E3:0E:05:31:93
            X509v3 Authority Key Identifier:
                keyid:DC:73:BE:38:7A:F5:52:97:0C:F6:2F:69:51:7E:3F:3C:9C:12:D2:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HO-OHr1UpcM9i9pUX4_PJwS0vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5bbd32-a540-4708-9925-c71f17afc749/1/3HO-OHr1UpcM9i9pUX4_PJwS0vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:ee:63:80:69:0a:35:41:84:3b:c7:b1:c3:bc:76:60:f0:60:
         e4:83:c6:23:04:a5:60:32:6f:7f:38:23:2b:99:ff:b6:49:d1:
         e1:b9:c0:cd:40:9b:51:05:ae:43:3f:b9:ad:e6:70:75:ed:8c:
         54:7c:4a:58:7b:39:e2:0a:5e:d0:81:2f:41:42:32:ce:60:3b:
         19:c2:26:00:d5:b1:c7:ea:c8:24:00:6d:81:80:fd:07:15:16:
         69:9a:04:ff:ac:d3:94:bb:6f:1d:44:6a:65:41:34:63:32:53:
         c9:1c:af:b9:68:53:cd:2d:4f:c4:48:8c:0e:e4:2d:fd:fb:4b:
         60:f5:60:ed:dd:cf:98:85:a9:ab:ef:91:3c:ff:34:ff:fe:68:
         5a:19:3f:4c:cd:60:b1:55:d6:36:01:f1:11:b4:2a:cd:61:21:
         d0:99:0d:55:49:c1:96:9e:d3:b0:6a:12:39:50:e2:13:dc:9f:
         25:85:e8:a4:7b:f9:16:5f:18:21:08:f4:1a:e5:b0:f8:2a:3a:
         e4:c0:07:64:cf:e1:c3:ee:a6:a0:63:ae:0f:ba:8c:29:c5:e1:
         2a:2b:eb:d1:bc:e3:15:24:4b:8e:7e:c2:94:50:2b:05:d3:62:
         40:29:59:4b:25:17:b7:fb:9f:a9:5a:7e:c0:49:7a:66:bd:de:
         1c:5e:1d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdU/hueJu+AL7tQzhYhBKYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzNiZTM4N2FmNTUyOTcwY2Y2MmY2OTUxN2UzZjNjOWMx
MmQyZjYwHhcNMjUwNjA5MTQwMDI4WhcNMjUwNjEwMTQwMDI4WjAzMTEwLwYDVQQD
Eyg1N2M0YmY2NDNlNmUyMDBlNmY3YzRmOWQxNTRmYzJlMzBlMDUzMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6zHxQId8I6Waayw/x2O+0kdcdaz
etb6j9a7YWcKRvLDeW/lXWCGrrf2GGegYwB9cmSBYVbQoZmqvKc7peIH6v27H2wR
sZUI2R0ucYdDtTNi5cHTZqnIeMlhS2LKCNXegHCAHHes/vVbhPWufEWRaga+eitq
gNBu6XVs2OKho/JdNyMBpMZ4gelQykC6Ni1aDSwu9LfgaI/EE30cAYLugrCBPO+P
pA9XsQz4GydWavMbJDkrstokakvKK2ge/yEZsBJ5zdrJ5dO6c9n0/pFirU30n81f
Xplk1NLBFgvVPrhXzSLPNuxhlBONRTbv3YKUHutV0tIATBq6V1pAeLC1JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfEv2Q+biAOb3xPnRVPwuMOBTGTMB8GA1UdIwQY
MBaAFNxzvjh69VKXDPYvaVF+PzycEtL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUt
YzcxZjE3YWZjNzQ5LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81YmJkMzItYTU0MC00NzA4LTk5MjUtYzcxZjE3YWZjNzQ5
LzEvM0hPLU9IcjFVcGNNOWk5cFVYNF9QSndTMHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZO5jgGkK
NUGEO8exw7x2YPBg5IPGIwSlYDJvfzgjK5n/tknR4bnAzUCbUQWuQz+5reZwde2M
VHxKWHs54gpe0IEvQUIyzmA7GcImANWxx+rIJABtgYD9BxUWaZoE/6zTlLtvHURq
ZUE0YzJTyRyvuWhTzS1PxEiMDuQt/ftLYPVg7d3PmIWpq++RPP80//5oWhk/TM1g
sVXWNgHxEbQqzWEh0JkNVUnBlp7TsGoSOVDiE9yfJYXopHv5Fl8YIQj0GuWw+Co6
5MAHZM/hw+6moGOuD7qMKcXhKivr0bzjFSRLjn7ClFArBdNiQClZSyUXt/ufqVp+
wEl6Zr3eHF4dmA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 20:39:27 2025 by rpki-client