Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
File:                     3PhcNsaW1dssu0j9Q-ghc37jQic.mft (raw, json)
Hash identifier:          XBxHPlNr+YjkbjSghm2LXcFZDR2/xgZB5ignL2xL410=
Subject key identifier:   10:19:97:02:45:CC:D2:6B:02:18:40:1B:8A:CB:B0:BB:02:CB:79:39
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Certificate issuer:       /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial:       01975949331D5FC244BEB22F5B194F8B7C91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
Manifest number:          0FBF
Signing time:             Tue 10 Jun 2025 10:00:58 +0000
Manifest this update:     Tue 10 Jun 2025 10:00:58 +0000
Manifest next update:     Wed 11 Jun 2025 10:00:58 +0000
Files and hashes:         1: 3PhcNsaW1dssu0j9Q-ghc37jQic.crl (hash: TTEDCVBAPSA0RFwoPW9LBZE9BPNPgHik05GeHK1GgMI=)
                          2: AuGSVrNkGgUtthLzU1YbunCRJmA.roa (hash: N+p3SVnY5s1RjPh5Td733eJn6W460syQCiw/MVZ+pqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 10:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:49:33:1d:5f:c2:44:be:b2:2f:5b:19:4f:8b:7c:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
        Validity
            Not Before: Jun 10 10:00:58 2025 GMT
            Not After : Jun 11 10:00:58 2025 GMT
        Subject: CN=1019970245ccd26b0218401b8acbb0bb02cb7939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c7:dc:41:65:72:4d:6a:92:5d:8f:03:6d:de:
                    d2:53:c9:95:81:b9:4a:46:d0:38:04:2c:ef:c8:d9:
                    4a:8e:e3:f2:a0:00:31:c6:e1:9d:0e:fd:62:86:46:
                    87:a6:2b:9e:40:d6:64:f1:a7:5b:af:05:9a:63:cb:
                    ae:16:24:15:50:e8:01:e8:78:9a:27:ca:55:b6:df:
                    89:7a:a3:0c:3a:5e:ff:65:cc:4e:1b:8a:be:d1:e1:
                    1a:e2:b2:82:45:14:89:44:4d:43:34:93:63:d8:2b:
                    d0:9f:26:4f:96:d4:ad:6f:f2:61:d9:f2:8e:e6:05:
                    df:8f:f1:3a:49:c0:50:65:f3:b8:b8:80:ff:17:07:
                    e1:ee:6d:41:fe:a4:5c:79:51:8b:ee:10:f5:67:4c:
                    84:50:f3:e6:aa:84:5e:fd:e5:32:62:d7:14:3c:56:
                    f8:8e:7b:38:48:75:a8:af:e5:83:55:d9:ee:85:fd:
                    13:1c:39:a4:e1:2e:55:41:b6:df:d3:80:2c:55:41:
                    b7:51:34:09:e7:1b:d3:c9:0a:23:3f:22:ef:66:ce:
                    06:a3:87:8c:09:8e:31:9c:43:aa:2b:29:12:17:44:
                    83:68:e6:51:94:b0:5d:4b:13:50:23:fc:27:45:57:
                    d6:86:0a:7c:8c:8b:c5:39:1d:93:71:04:a2:c5:4e:
                    06:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:19:97:02:45:CC:D2:6B:02:18:40:1B:8A:CB:B0:BB:02:CB:79:39
            X509v3 Authority Key Identifier:
                keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:33:a5:0e:6b:ad:99:75:3f:cf:29:34:fa:c1:b0:c1:de:d2:
         51:4a:8d:08:5a:80:fc:db:f2:c9:75:bb:58:e1:7a:35:0a:8f:
         0d:f6:54:30:d8:20:1c:c8:eb:5c:9b:3d:9e:ff:0f:f2:88:57:
         a7:d6:7a:ad:a1:c7:b8:f1:a0:72:82:f6:8e:3b:c0:69:6e:df:
         b7:ae:56:d7:3b:41:d6:a5:ce:bf:15:86:97:9c:a4:b6:78:1f:
         2f:0d:eb:3f:39:bf:4e:0a:f6:a1:db:99:7d:09:36:84:da:7c:
         19:2f:e4:d3:cf:9c:1c:71:8e:b7:9b:9f:b8:e9:25:8b:ca:16:
         bf:ea:71:6b:ad:a8:b0:ef:ca:19:0e:37:47:85:07:5d:33:62:
         5e:40:0f:fd:3e:c2:9e:a6:67:92:b5:2d:de:8f:ee:2f:5c:7d:
         83:f1:da:64:00:3b:d0:53:bb:ee:b0:8c:e8:d4:76:a2:5a:a0:
         12:57:ae:95:5f:fd:33:2e:42:04:0f:22:7c:bf:0d:74:a8:e2:
         a8:f5:f6:f4:9b:13:26:b8:93:7c:25:7a:4a:65:ce:df:a5:3b:
         aa:4d:df:91:d3:57:2b:a8:be:ee:04:4f:f0:3b:a7:23:e7:2c:
         ee:95:ef:38:6f:98:34:6e:74:01:5a:cd:55:6c:5c:7a:0c:87:
         66:fc:6f:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZSTMdX8JEvrIvWxlPi3yRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl
MzQyMjcwHhcNMjUwNjEwMTAwMDU4WhcNMjUwNjExMTAwMDU4WjAzMTEwLwYDVQQD
EygxMDE5OTcwMjQ1Y2NkMjZiMDIxODQwMWI4YWNiYjBiYjAyY2I3OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMfcQWVyTWqSXY8Dbd7SU8mVgblK
RtA4BCzvyNlKjuPyoAAxxuGdDv1ihkaHpiueQNZk8adbrwWaY8uuFiQVUOgB6Hia
J8pVtt+JeqMMOl7/ZcxOG4q+0eEa4rKCRRSJRE1DNJNj2CvQnyZPltStb/Jh2fKO
5gXfj/E6ScBQZfO4uID/Fwfh7m1B/qRceVGL7hD1Z0yEUPPmqoRe/eUyYtcUPFb4
jns4SHWor+WDVdnuhf0THDmk4S5VQbbf04AsVUG3UTQJ5xvTyQojPyLvZs4Go4eM
CY4xnEOqKykSF0SDaOZRlLBdSxNQI/wnRVfWhgp8jIvFOR2TcQSixU4GpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAZlwJFzNJrAhhAG4rLsLsCy3k5MB8GA1UdIwQY
MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt
MGY1MmY4NjcxNzhkLzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk
LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzOlDmut
mXU/zyk0+sGwwd7SUUqNCFqA/NvyyXW7WOF6NQqPDfZUMNggHMjrXJs9nv8P8ohX
p9Z6raHHuPGgcoL2jjvAaW7ft65W1ztB1qXOvxWGl5yktngfLw3rPzm/Tgr2oduZ
fQk2hNp8GS/k08+cHHGOt5ufuOkli8oWv+pxa62osO/KGQ43R4UHXTNiXkAP/T7C
nqZnkrUt3o/uL1x9g/HaZAA70FO77rCM6NR2olqgEleulV/9My5CBA8ifL8NdKji
qPX29JsTJriTfCV6SmXO36U7qk3fkdNXK6i+7gRP8DunI+cs7pXvOG+YNG50AVrN
VWxcegyHZvxv8Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:02:05 2025 by rpki-client