Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft
File:                     0nuHf4mTQSab7GfG46CoiLp66Y0.mft (raw, json)
Hash identifier:          ZaEAqXpJb798vyopLz/CAAwN/EQq/djT/wzYML7eOSs=
Subject key identifier:   69:77:C8:81:A5:17:CF:27:98:84:58:AF:66:6A:03:CE:18:DB:8A:E0
Authority key identifier: D2:7B:87:7F:89:93:41:26:9B:EC:67:C6:E3:A0:A8:88:BA:7A:E9:8D
Certificate issuer:       /CN=d27b877f899341269bec67c6e3a0a888ba7ae98d
Certificate serial:       019754FECCB7BF3A09937C3EFB440BC6BA8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nuHf4mTQSab7GfG46CoiLp66Y0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft
Manifest number:          0987
Signing time:             Mon 09 Jun 2025 14:01:14 +0000
Manifest this update:     Mon 09 Jun 2025 14:01:14 +0000
Manifest next update:     Tue 10 Jun 2025 14:01:14 +0000
Files and hashes:         1: 0nuHf4mTQSab7GfG46CoiLp66Y0.crl (hash: BesASMhrBsw8Tq4Vgh+xetxqwE7b3I0TFxWoVBMrjHc=)
                          2: PdXLVimBA8zILWLashg1LUqBqm8.roa (hash: IrtzMysR6KSQR0SZiM1b2jUK5M57dKBFlK4qFH4B+Mo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nuHf4mTQSab7GfG46CoiLp66Y0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:fe:cc:b7:bf:3a:09:93:7c:3e:fb:44:0b:c6:ba:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d27b877f899341269bec67c6e3a0a888ba7ae98d
        Validity
            Not Before: Jun  9 14:01:14 2025 GMT
            Not After : Jun 10 14:01:14 2025 GMT
        Subject: CN=6977c881a517cf27988458af666a03ce18db8ae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f0:23:12:e0:4b:33:42:82:db:be:99:3c:0f:
                    69:de:f8:56:38:64:ae:76:39:6e:f5:a7:a1:80:64:
                    67:e4:10:de:93:60:c9:2a:79:e5:24:3a:50:44:3b:
                    97:98:4d:d9:51:4a:f8:93:ac:77:15:e8:d5:f0:9d:
                    00:1f:fe:12:52:d2:83:76:43:29:31:b2:a3:6b:c5:
                    71:db:20:3e:98:c6:46:da:90:12:98:3b:48:de:42:
                    87:b3:7b:23:cf:95:2c:44:dc:bf:e0:ff:80:b0:e5:
                    3c:66:33:0e:94:b8:be:92:4f:d8:5f:8a:88:a1:d5:
                    26:22:e1:27:28:1c:81:ad:e0:48:01:67:ed:a4:3f:
                    07:f3:34:6e:06:0c:b3:2c:5f:cf:2d:b7:9e:56:84:
                    6b:c0:d8:40:6a:0b:23:65:6a:78:25:28:f3:81:a2:
                    0b:0a:32:73:c6:71:a0:99:6d:4e:9f:5d:30:0e:75:
                    02:c4:33:9c:3d:7b:2d:76:e3:f2:ef:9b:9c:60:0e:
                    f6:7a:31:cb:7b:87:19:7f:bf:aa:b3:df:6e:c0:12:
                    42:98:fd:c6:0a:8f:34:c4:e3:9d:97:a3:75:be:ce:
                    b5:44:0c:23:44:89:87:79:18:3a:9a:57:f6:5f:3b:
                    1c:cf:1b:fc:26:c7:6d:48:8c:0c:8a:bc:91:d6:9d:
                    32:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:77:C8:81:A5:17:CF:27:98:84:58:AF:66:6A:03:CE:18:DB:8A:E0
            X509v3 Authority Key Identifier:
                keyid:D2:7B:87:7F:89:93:41:26:9B:EC:67:C6:E3:A0:A8:88:BA:7A:E9:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nuHf4mTQSab7GfG46CoiLp66Y0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/445ed0-48b3-408e-a1bc-9979df52b018/1/0nuHf4mTQSab7GfG46CoiLp66Y0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:19:51:8c:38:85:3a:4d:b0:c0:b8:a9:af:c2:88:73:5b:9c:
         7d:e9:5c:b4:65:4e:99:c1:55:d3:cb:22:e7:28:ce:16:8f:a4:
         b2:82:2b:58:ea:cc:80:91:75:34:4b:1b:76:f4:41:d0:07:a4:
         58:67:63:1d:b1:9a:cd:70:6d:b3:f8:5a:97:7f:95:6f:c2:c9:
         c1:f6:3a:37:94:ee:c8:47:5b:7a:c5:4d:52:7c:22:a2:6f:e8:
         3c:9c:30:b1:66:60:f7:06:d3:a7:e9:54:3a:68:f3:a9:61:96:
         d4:a6:62:df:a8:1e:f8:01:50:3d:5f:a7:c6:6e:bf:55:ac:7d:
         81:af:00:a0:6a:a7:29:54:46:bb:68:f9:75:b7:c8:28:f4:31:
         ee:06:3c:a7:04:20:8f:8a:21:27:9e:06:03:8e:79:a6:18:aa:
         30:5b:75:a0:f2:8a:5b:c6:74:05:b9:d7:ce:48:95:80:04:3a:
         9a:00:b3:0a:58:40:79:13:93:f8:2f:c6:4e:77:f7:a9:b1:7d:
         b6:e6:7e:6c:e0:f3:66:ee:d5:ce:57:03:d8:4c:8b:b4:d6:8c:
         29:3f:82:24:f4:6c:9e:24:41:e6:a3:67:96:5f:36:dd:1f:67:
         e7:0b:1e:0a:87:fd:0c:b4:f5:d9:35:0c:ff:05:8a:fd:38:15:
         bf:5e:59:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdU/sy3vzoJk3w++0QLxrqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyN2I4NzdmODk5MzQxMjY5YmVjNjdjNmUzYTBhODg4YmE3
YWU5OGQwHhcNMjUwNjA5MTQwMTE0WhcNMjUwNjEwMTQwMTE0WjAzMTEwLwYDVQQD
Eyg2OTc3Yzg4MWE1MTdjZjI3OTg4NDU4YWY2NjZhMDNjZTE4ZGI4YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufAjEuBLM0KC276ZPA9p3vhWOGSu
djlu9aehgGRn5BDek2DJKnnlJDpQRDuXmE3ZUUr4k6x3FejV8J0AH/4SUtKDdkMp
MbKja8Vx2yA+mMZG2pASmDtI3kKHs3sjz5UsRNy/4P+AsOU8ZjMOlLi+kk/YX4qI
odUmIuEnKByBreBIAWftpD8H8zRuBgyzLF/PLbeeVoRrwNhAagsjZWp4JSjzgaIL
CjJzxnGgmW1On10wDnUCxDOcPXstduPy75ucYA72ejHLe4cZf7+qs99uwBJCmP3G
Co80xOOdl6N1vs61RAwjRImHeRg6mlf2Xzsczxv8JsdtSIwMiryR1p0yGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGl3yIGlF88nmIRYr2ZqA84Y24rgMB8GA1UdIwQY
MBaAFNJ7h3+Jk0Emm+xnxuOgqIi6eumNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG51SGY0bVRRU2FiN0dmRzQ2Q29pTHA2NlkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80NDVlZDAtNDhiMy00MDhlLWExYmMt
OTk3OWRmNTJiMDE4LzEvMG51SGY0bVRRU2FiN0dmRzQ2Q29pTHA2NlkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80NDVlZDAtNDhiMy00MDhlLWExYmMtOTk3OWRmNTJiMDE4
LzEvMG51SGY0bVRRU2FiN0dmRzQ2Q29pTHA2NlkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxlRjDiF
Ok2wwLipr8KIc1ucfelctGVOmcFV08si5yjOFo+ksoIrWOrMgJF1NEsbdvRB0Aek
WGdjHbGazXBts/hal3+Vb8LJwfY6N5TuyEdbesVNUnwiom/oPJwwsWZg9wbTp+lU
OmjzqWGW1KZi36ge+AFQPV+nxm6/Vax9ga8AoGqnKVRGu2j5dbfIKPQx7gY8pwQg
j4ohJ54GA455phiqMFt1oPKKW8Z0BbnXzkiVgAQ6mgCzClhAeROT+C/GTnf3qbF9
tuZ+bODzZu7VzlcD2EyLtNaMKT+CJPRsniRB5qNnll823R9n5wseCof9DLT12TUM
/wWK/TgVv15Z/A==
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:14:56 2025 by rpki-client