Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
File:                     Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft (raw, json)
Hash identifier:          KhUgNAUb44PbQ8u3ASMod5IwrNixfptijA0dZMXymXY=
Subject key identifier:   0D:62:D4:DA:C0:B7:DE:97:A0:47:10:78:45:96:CA:B7:5E:A2:23:F3
Authority key identifier: 5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B
Certificate issuer:       /CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
Certificate serial:       0197526B8E76B3AB3E38379032B060A54D9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
Manifest number:          1A
Signing time:             Mon 09 Jun 2025 02:01:09 +0000
Manifest this update:     Mon 09 Jun 2025 02:01:09 +0000
Manifest next update:     Tue 10 Jun 2025 02:01:09 +0000
Files and hashes:         1: Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl (hash: CnFPQcVXduk+ws7QFQHUGK2rFoj5vlTTgE8ok3OV2kA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:6b:8e:76:b3:ab:3e:38:37:90:32:b0:60:a5:4d:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfd383e168d2ec9fbc390ea8d99a4baf7ec3b5b
        Validity
            Not Before: Jun  9 02:01:09 2025 GMT
            Not After : Jun 10 02:01:09 2025 GMT
        Subject: CN=0d62d4dac0b7de97a04710784596cab75ea223f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:65:87:cb:e1:32:b8:eb:92:66:d8:65:51:ac:
                    16:60:a8:16:c2:0f:6f:85:c5:b7:b0:c7:6c:48:79:
                    f8:32:82:3d:0a:ca:a5:86:03:cf:e8:f4:4e:b4:5b:
                    db:3b:4d:e3:0e:da:15:bc:75:7f:a3:fa:f9:04:6d:
                    4a:22:34:ef:cf:90:00:bc:5e:93:27:d4:8f:47:ee:
                    24:22:d3:ce:ca:02:8e:85:b9:8a:f1:9c:18:be:ce:
                    23:29:e5:54:9d:72:95:d6:7e:7f:65:9d:d8:5b:45:
                    b7:87:c9:bd:2f:b5:e0:42:ab:36:06:bb:69:87:6a:
                    0c:b3:68:8e:4b:2f:18:8f:86:57:d5:1e:13:56:84:
                    27:14:53:69:23:78:d4:2c:de:85:1a:b1:b2:da:c2:
                    f9:16:d5:b4:bc:85:fb:c8:7e:07:de:98:e5:86:ae:
                    74:32:fb:bf:23:73:56:7a:08:5a:03:f6:c0:6e:88:
                    ce:1f:b6:32:b6:c1:7a:60:ec:48:b1:c0:d3:4b:66:
                    d7:f9:f9:5e:7e:d8:eb:75:50:1a:86:e1:b6:eb:31:
                    50:9b:db:0a:5c:c5:fb:e5:ba:5b:1f:f4:12:34:b9:
                    ef:35:bb:d6:b5:54:32:7b:54:26:56:a7:29:31:72:
                    04:67:91:b9:1d:1d:cd:c0:2d:d6:54:83:9d:81:9d:
                    bd:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:62:D4:DA:C0:B7:DE:97:A0:47:10:78:45:96:CA:B7:5E:A2:23:F3
            X509v3 Authority Key Identifier:
                keyid:5D:FD:38:3E:16:8D:2E:C9:FB:C3:90:EA:8D:99:A4:BA:F7:EC:3B:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xf04PhaNLsn7w5DqjZmkuvfsO1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/34404a-4132-4e83-8e46-390e935beda3/1/Xf04PhaNLsn7w5DqjZmkuvfsO1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:0d:7f:9b:bf:b3:52:24:ad:a4:93:37:fd:9d:d5:31:0c:61:
         48:96:eb:9a:35:ce:8b:98:c6:8b:ff:02:71:54:ca:69:c8:e0:
         fc:bc:d1:ed:fe:76:03:25:7e:95:8a:c5:27:a2:c0:fb:72:99:
         c2:cc:70:3c:f5:35:1d:cb:f7:e6:87:44:3e:c1:87:4d:2f:39:
         0e:f1:7b:59:f3:7a:27:fc:41:e3:45:bb:85:a5:68:dd:7f:99:
         c6:e2:2d:ca:73:6a:2a:7a:e5:54:2c:76:5f:de:ae:ff:cb:ec:
         c6:79:f4:59:00:a2:fb:d1:2e:89:ff:e9:ca:e8:b2:88:e1:32:
         ca:26:4a:c9:e2:b6:9b:bf:7c:bf:a6:13:7e:a3:a7:87:dc:5e:
         58:9f:c1:3f:04:c8:ad:91:b6:6d:71:96:05:fe:a8:06:47:3a:
         03:9a:8a:ef:d5:d9:67:79:1e:85:c1:f6:e8:e5:67:90:14:a1:
         ba:5e:88:77:41:58:c2:bd:53:2b:37:97:77:9f:2a:47:96:c3:
         81:21:c5:96:31:30:2c:a2:32:a9:31:9e:14:3a:ca:93:9b:5e:
         a3:a6:47:ec:38:30:3b:8a:5e:80:ec:1e:eb:bd:2d:9b:aa:0d:
         24:e7:70:55:37:9e:11:6c:b6:16:39:a2:36:d7:a3:47:9a:db:
         13:bb:99:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSa452s6s+ODeQMrBgpU2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmQzODNlMTY4ZDJlYzlmYmMzOTBlYThkOTlhNGJhZjdl
YzNiNWIwHhcNMjUwNjA5MDIwMTA5WhcNMjUwNjEwMDIwMTA5WjAzMTEwLwYDVQQD
EygwZDYyZDRkYWMwYjdkZTk3YTA0NzEwNzg0NTk2Y2FiNzVlYTIyM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGWHy+EyuOuSZthlUawWYKgWwg9v
hcW3sMdsSHn4MoI9CsqlhgPP6PROtFvbO03jDtoVvHV/o/r5BG1KIjTvz5AAvF6T
J9SPR+4kItPOygKOhbmK8ZwYvs4jKeVUnXKV1n5/ZZ3YW0W3h8m9L7XgQqs2Brtp
h2oMs2iOSy8Yj4ZX1R4TVoQnFFNpI3jULN6FGrGy2sL5FtW0vIX7yH4H3pjlhq50
Mvu/I3NWeghaA/bAbojOH7YytsF6YOxIscDTS2bX+fleftjrdVAahuG26zFQm9sK
XMX75bpbH/QSNLnvNbvWtVQye1QmVqcpMXIEZ5G5HR3NwC3WVIOdgZ29WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1i1NrAt96XoEcQeEWWyrdeoiPzMB8GA1UdIwQY
MBaAFF39OD4WjS7J+8OQ6o2ZpLr37DtbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYt
MzkwZTkzNWJlZGEzLzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNDQwNGEtNDEzMi00ZTgzLThlNDYtMzkwZTkzNWJlZGEz
LzEvWGYwNFBoYU5Mc243dzVEcWpabWt1dmZzTzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARA1/m7+z
UiStpJM3/Z3VMQxhSJbrmjXOi5jGi/8CcVTKacjg/LzR7f52AyV+lYrFJ6LA+3KZ
wsxwPPU1Hcv35odEPsGHTS85DvF7WfN6J/xB40W7haVo3X+ZxuItynNqKnrlVCx2
X96u/8vsxnn0WQCi+9Euif/pyuiyiOEyyiZKyeK2m798v6YTfqOnh9xeWJ/BPwTI
rZG2bXGWBf6oBkc6A5qK79XZZ3kehcH26OVnkBShul6Id0FYwr1TKzeXd58qR5bD
gSHFljEwLKIyqTGeFDrKk5teo6ZH7DgwO4pegOwe670tm6oNJOdwVTeeEWy2Fjmi
NtejR5rbE7uZuw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:46:14 2025 by rpki-client