Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
File:                     3PhcNsaW1dssu0j9Q-ghc37jQic.mft (raw, json)
Hash identifier:          XuM1jPDLav5s2JYezhZ1w7tAaouUwfzt6dvovWK+NIM=
Subject key identifier:   D8:C6:C3:E0:94:23:11:43:AC:7F:62:34:D6:59:59:39:8C:11:AB:44
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Certificate issuer:       /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial:       01976AAA1EE876A98227DFC68610BED61B95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
Manifest number:          0FC8
Signing time:             Fri 13 Jun 2025 19:00:23 +0000
Manifest this update:     Fri 13 Jun 2025 19:00:23 +0000
Manifest next update:     Sat 14 Jun 2025 19:00:23 +0000
Files and hashes:         1: 3PhcNsaW1dssu0j9Q-ghc37jQic.crl (hash: /2Fh3IGm6Jn656NZhxjMxBXmjn18ua3F/NuwmvZKnzY=)
                          2: AuGSVrNkGgUtthLzU1YbunCRJmA.roa (hash: N+p3SVnY5s1RjPh5Td733eJn6W460syQCiw/MVZ+pqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:aa:1e:e8:76:a9:82:27:df:c6:86:10:be:d6:1b:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
        Validity
            Not Before: Jun 13 19:00:23 2025 GMT
            Not After : Jun 14 19:00:23 2025 GMT
        Subject: CN=d8c6c3e094231143ac7f6234d65959398c11ab44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:34:c3:31:35:43:ff:06:a6:d8:0e:77:6f:06:
                    31:95:95:ee:2a:69:89:c6:e1:65:ed:c0:ce:fe:ba:
                    8c:9f:ce:15:6f:ea:db:32:2d:ba:c7:62:d5:a2:6e:
                    e0:45:41:89:bc:9a:3b:37:6d:0b:f1:7b:cb:0d:77:
                    85:4d:3b:c5:6e:62:32:c7:a2:6e:8c:09:9f:5b:59:
                    33:4b:0f:6f:8c:0c:51:d0:01:88:2f:88:21:6a:b1:
                    c0:e0:6b:7a:e9:5e:56:90:d7:64:71:d5:b5:da:76:
                    a8:48:46:3b:f2:c2:79:51:84:21:0a:4a:8b:0c:83:
                    be:c0:58:1e:1d:04:14:5e:13:a3:e4:e7:f1:18:c6:
                    e4:b2:d4:37:d5:40:a2:80:6f:4e:b4:39:80:b4:d6:
                    30:95:43:0c:ad:8c:ee:50:93:e5:26:b8:e4:0f:bc:
                    93:03:71:ec:2e:2d:fc:99:7f:03:b4:24:d2:1e:be:
                    e2:e7:e7:18:e4:f3:c3:9b:55:5a:83:33:d6:d2:fd:
                    66:0c:5f:c8:12:0b:b8:21:a1:26:51:9f:c8:3a:3b:
                    19:af:05:61:06:39:31:7d:b7:7e:63:d4:ea:7d:c2:
                    e8:62:82:f9:c7:88:63:2a:da:e7:b5:d3:bd:1a:ad:
                    43:c6:4f:42:12:61:06:00:b7:67:11:74:14:7c:2a:
                    45:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:C6:C3:E0:94:23:11:43:AC:7F:62:34:D6:59:59:39:8C:11:AB:44
            X509v3 Authority Key Identifier:
                keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:9b:f2:0f:2e:58:53:62:7c:50:59:95:0b:6c:22:13:42:56:
         85:ca:06:2e:8a:5d:67:8a:1c:ce:64:1f:b9:01:38:73:81:1c:
         9c:e4:d3:e9:9b:5a:43:41:71:ba:d2:03:a0:b2:19:ff:09:5d:
         66:b7:19:d1:9b:77:1f:89:41:1e:04:2c:19:81:e0:25:a7:36:
         cb:5c:9b:a8:b8:e5:f9:ef:1c:58:d8:7b:34:f2:6a:0e:b9:3f:
         59:7c:bc:cd:3f:09:d6:aa:94:80:6e:03:a4:47:6c:a6:84:38:
         2a:b6:39:b0:d3:a8:0a:56:b8:7f:35:15:b1:92:13:7d:84:fe:
         fb:c3:8c:07:dc:70:71:60:89:2b:f4:5a:5c:9c:93:f4:42:e7:
         14:66:24:46:a2:5d:15:a7:45:40:c3:d9:b9:84:e8:5d:00:7c:
         3e:83:85:69:16:6e:97:24:04:a0:c0:98:a9:92:dc:23:41:c2:
         00:f7:3c:69:e6:a4:1c:49:f6:39:57:4c:6d:d3:35:a5:36:53:
         8b:0d:1a:23:a5:27:e9:a7:29:c3:01:95:86:e8:bc:21:67:ab:
         0d:eb:a6:16:dd:fc:14:6f:a7:33:74:a8:11:58:24:c8:50:10:
         d9:e6:13:62:5e:8e:9c:95:ee:98:8c:e4:c3:20:93:5a:4e:a9:
         ef:a7:a1:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqqh7odqmCJ9/GhhC+1huVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl
MzQyMjcwHhcNMjUwNjEzMTkwMDIzWhcNMjUwNjE0MTkwMDIzWjAzMTEwLwYDVQQD
EyhkOGM2YzNlMDk0MjMxMTQzYWM3ZjYyMzRkNjU5NTkzOThjMTFhYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9TTDMTVD/wam2A53bwYxlZXuKmmJ
xuFl7cDO/rqMn84Vb+rbMi26x2LVom7gRUGJvJo7N20L8XvLDXeFTTvFbmIyx6Ju
jAmfW1kzSw9vjAxR0AGIL4gharHA4Gt66V5WkNdkcdW12naoSEY78sJ5UYQhCkqL
DIO+wFgeHQQUXhOj5OfxGMbkstQ31UCigG9OtDmAtNYwlUMMrYzuUJPlJrjkD7yT
A3HsLi38mX8DtCTSHr7i5+cY5PPDm1VagzPW0v1mDF/IEgu4IaEmUZ/IOjsZrwVh
Bjkxfbd+Y9TqfcLoYoL5x4hjKtrntdO9Gq1Dxk9CEmEGALdnEXQUfCpFSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjGw+CUIxFDrH9iNNZZWTmMEatEMB8GA1UdIwQY
MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt
MGY1MmY4NjcxNzhkLzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk
LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxpvyDy5Y
U2J8UFmVC2wiE0JWhcoGLopdZ4oczmQfuQE4c4EcnOTT6ZtaQ0FxutIDoLIZ/wld
ZrcZ0Zt3H4lBHgQsGYHgJac2y1ybqLjl+e8cWNh7NPJqDrk/WXy8zT8J1qqUgG4D
pEdspoQ4KrY5sNOoCla4fzUVsZITfYT++8OMB9xwcWCJK/RaXJyT9ELnFGYkRqJd
FadFQMPZuYToXQB8PoOFaRZulyQEoMCYqZLcI0HCAPc8aeakHEn2OVdMbdM1pTZT
iw0aI6Un6acpwwGVhui8IWerDeumFt38FG+nM3SoEVgkyFAQ2eYTYl6OnJXumIzk
wyCTWk6p76ehJA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 22:00:31 2025 by rpki-client