Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
File:                     t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft (raw, json)
Hash identifier:          o4VTAmiSr02P7gsuZkQWQjWFmHPHsS0/e4WKqAXE/08=
Subject key identifier:   CF:99:C7:BF:9F:60:91:29:0D:6E:71:A6:DC:70:B9:83:75:95:E8:5E
Authority key identifier: B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A
Certificate issuer:       /CN=b785ec73dc181f9935659f58aed208532a2c2a6a
Certificate serial:       0197B88F8608CF85BEE9FF93ADDC5809DFB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
Manifest number:          0142
Signing time:             Sat 28 Jun 2025 22:01:43 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:43 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:43 +0000
Files and hashes:         1: t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl (hash: ee50cs1ga9vVfwUCVM1fsdercs/0pmswG8hWsc9vrsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:86:08:cf:85:be:e9:ff:93:ad:dc:58:09:df:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b785ec73dc181f9935659f58aed208532a2c2a6a
        Validity
            Not Before: Jun 28 22:01:43 2025 GMT
            Not After : Jun 29 22:01:43 2025 GMT
        Subject: CN=cf99c7bf9f6091290d6e71a6dc70b9837595e85e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:48:66:ed:2c:24:59:68:98:6c:2f:b3:dc:b9:
                    ef:40:a1:c4:2a:d5:f5:6e:80:de:1a:b2:ed:42:d4:
                    0d:36:73:ed:bc:98:16:c6:a8:62:e5:3b:73:5a:24:
                    50:9f:5a:d1:c5:77:7a:13:54:03:f0:73:f2:c2:aa:
                    5f:76:0a:f2:d6:be:3e:12:bc:b4:2a:26:9e:e6:16:
                    bd:ec:18:0f:01:a5:2c:a6:47:b5:5e:82:67:41:09:
                    a8:fb:7a:76:70:73:02:d7:0d:8a:6a:96:06:16:9d:
                    96:40:81:7f:e5:90:07:bc:91:e5:10:ed:27:18:a3:
                    e6:6e:f6:95:4b:bd:ef:6a:fa:02:cb:a6:e2:f3:c6:
                    82:e9:4d:1c:c1:13:1a:1d:79:9e:74:f7:ee:e6:72:
                    26:cc:db:e9:e9:83:01:6a:c0:1e:ae:70:57:02:8a:
                    80:d6:e0:85:79:48:e7:4e:69:31:88:b6:f0:f8:55:
                    88:8e:b9:e7:be:c0:ca:5d:1e:1d:20:d8:06:d3:01:
                    4b:c9:05:79:d0:c4:a0:38:f2:60:3b:a1:67:13:8a:
                    eb:46:70:56:fe:e6:ab:fb:85:b1:33:06:eb:2a:f6:
                    70:00:48:f7:e1:c4:b5:5e:81:20:54:ca:96:16:81:
                    05:85:4d:05:ba:b4:ec:54:9d:36:95:1e:b1:dc:da:
                    4a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:99:C7:BF:9F:60:91:29:0D:6E:71:A6:DC:70:B9:83:75:95:E8:5E
            X509v3 Authority Key Identifier:
                keyid:B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:24:2f:f9:04:b8:75:e0:47:a9:70:7f:4e:7c:8a:de:cd:a6:
         33:b3:69:93:10:2f:93:51:4b:af:a4:3b:d6:a3:17:fc:b6:19:
         31:4a:fd:7d:4a:d7:9b:b8:c4:5d:c2:06:b0:22:96:9c:86:b0:
         86:23:52:12:6c:1c:be:6a:12:18:c3:e8:f8:1a:33:2f:05:d0:
         6b:a0:0e:bc:2b:d9:60:6f:ba:22:70:8d:d4:34:24:c3:7e:eb:
         03:94:80:f3:ea:41:f9:dd:f9:f6:fc:39:b9:0f:6d:de:ac:64:
         6c:c4:d0:2b:8c:a5:76:f7:c6:a0:8b:13:3f:63:45:8f:69:4a:
         76:f9:2a:b1:9c:87:a0:8e:f7:76:89:ef:dd:86:cc:8b:df:aa:
         41:10:73:7d:84:7e:bd:df:4a:b2:af:a1:0c:fc:93:0c:80:53:
         28:50:cc:2f:bd:b0:82:9c:c0:b8:aa:98:10:d5:a8:44:b5:94:
         e7:08:e8:77:6a:c1:91:f6:8a:e2:7d:da:08:6f:c7:bd:ce:2a:
         5d:93:33:3d:43:97:dd:95:85:10:e2:6f:1b:f1:a7:dd:00:e6:
         05:02:b5:91:cd:d1:a6:70:58:b5:a0:30:08:80:4c:51:60:59:
         e5:fe:dd:8e:7c:ce:36:bc:f7:5b:1f:7e:26:69:82:32:e4:1e:
         af:46:44:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j4YIz4W+6f+TrdxYCd+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODVlYzczZGMxODFmOTkzNTY1OWY1OGFlZDIwODUzMmEy
YzJhNmEwHhcNMjUwNjI4MjIwMTQzWhcNMjUwNjI5MjIwMTQzWjAzMTEwLwYDVQQD
EyhjZjk5YzdiZjlmNjA5MTI5MGQ2ZTcxYTZkYzcwYjk4Mzc1OTVlODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUhm7SwkWWiYbC+z3LnvQKHEKtX1
boDeGrLtQtQNNnPtvJgWxqhi5TtzWiRQn1rRxXd6E1QD8HPywqpfdgry1r4+Ery0
Kiae5ha97BgPAaUspke1XoJnQQmo+3p2cHMC1w2KapYGFp2WQIF/5ZAHvJHlEO0n
GKPmbvaVS73vavoCy6bi88aC6U0cwRMaHXmedPfu5nImzNvp6YMBasAernBXAoqA
1uCFeUjnTmkxiLbw+FWIjrnnvsDKXR4dINgG0wFLyQV50MSgOPJgO6FnE4rrRnBW
/uar+4WxMwbrKvZwAEj34cS1XoEgVMqWFoEFhU0FurTsVJ02lR6x3NpKKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+Zx7+fYJEpDW5xptxwuYN1leheMB8GA1UdIwQY
MBaAFLeF7HPcGB+ZNWWfWK7SCFMqLCpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2Et
NjNjMmJhNGM5OTZjLzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2EtNjNjMmJhNGM5OTZj
LzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAICQv+QS4
deBHqXB/TnyK3s2mM7NpkxAvk1FLr6Q71qMX/LYZMUr9fUrXm7jEXcIGsCKWnIaw
hiNSEmwcvmoSGMPo+BozLwXQa6AOvCvZYG+6InCN1DQkw37rA5SA8+pB+d359vw5
uQ9t3qxkbMTQK4yldvfGoIsTP2NFj2lKdvkqsZyHoI73donv3YbMi9+qQRBzfYR+
vd9Ksq+hDPyTDIBTKFDML72wgpzAuKqYENWoRLWU5wjod2rBkfaK4n3aCG/Hvc4q
XZMzPUOX3ZWFEOJvG/Gn3QDmBQK1kc3RpnBYtaAwCIBMUWBZ5f7djnzONrz3Wx9+
JmmCMuQer0ZE/w==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:17:30 2025 by rpki-client