Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
File:                     duK6XMFQs1PL00ufBF6gUJdAhE0.mft (raw, json)
Hash identifier:          6Fv6BELWUQBoJqHg5yQsAqWo3EafmE3rYO4nBaA18u0=
Subject key identifier:   35:C6:2A:AA:CC:67:2D:05:E2:00:03:41:BE:3F:33:FF:4F:AF:95:46
Authority key identifier: 76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
Certificate issuer:       /CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Certificate serial:       0197C426A6133F13F79F2EFF5313765D9D5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
Manifest number:          15BC
Signing time:             Tue 01 Jul 2025 04:02:36 +0000
Manifest this update:     Tue 01 Jul 2025 04:02:36 +0000
Manifest next update:     Wed 02 Jul 2025 04:02:36 +0000
Files and hashes:         1: duK6XMFQs1PL00ufBF6gUJdAhE0.crl (hash: 6WH8sGeHbp6TJyG3HrybKwd0WLWTbr2sjXJ5I36KeAY=)
                          2: iAKwu0FCFCsG-u4j0uUU3e7V0to.roa (hash: aFD2zsZtjltC/vwpNr5sAlXxHDjwIU9VRcONuFQwgo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c4:26:a6:13:3f:13:f7:9f:2e:ff:53:13:76:5d:9d:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
        Validity
            Not Before: Jul  1 04:02:36 2025 GMT
            Not After : Jul  2 04:02:36 2025 GMT
        Subject: CN=35c62aaacc672d05e2000341be3f33ff4faf9546
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:46:67:6c:01:cc:d8:f9:6b:b5:18:fa:e5:41:
                    f4:2a:8f:a2:b0:2c:a8:6e:e4:25:70:3b:02:71:19:
                    c3:86:3e:1b:3d:34:6d:75:7a:55:be:1b:3c:7c:f2:
                    cb:c5:1d:75:7d:ee:95:b2:54:f9:68:d0:b5:24:f1:
                    d8:15:e7:a1:4a:6c:03:95:63:9b:b2:18:82:48:fd:
                    5b:df:80:0f:e8:43:5d:77:63:ab:74:b5:8e:34:01:
                    69:e8:6a:6d:6c:5a:a8:62:7b:40:86:b9:64:2d:ac:
                    46:60:58:aa:c8:8e:c8:2f:97:cb:19:fa:81:7b:03:
                    81:56:ef:d7:ff:b7:3d:46:f4:6c:5a:f6:fe:ea:b2:
                    43:ad:00:01:71:25:8a:d5:77:2c:38:fc:a2:28:97:
                    91:35:ad:88:d3:df:06:ac:50:23:0b:b0:d7:af:75:
                    c8:f0:c6:d5:fb:db:41:d0:92:89:a7:79:a8:23:e8:
                    2e:8f:8a:23:8b:bc:f4:7f:63:f6:f2:bc:c5:d2:e4:
                    38:7f:e5:c5:e9:0d:a2:c5:29:92:b5:5b:84:35:d5:
                    4d:0e:1b:01:6d:9e:f3:a2:0b:05:d1:86:bc:1c:0c:
                    b6:40:d3:46:aa:18:32:b2:6b:42:8e:1c:72:14:a1:
                    d6:81:ad:78:09:61:cd:bc:60:0d:f8:11:87:ee:ff:
                    02:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:C6:2A:AA:CC:67:2D:05:E2:00:03:41:BE:3F:33:FF:4F:AF:95:46
            X509v3 Authority Key Identifier:
                keyid:76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:79:69:f1:eb:3a:12:95:55:14:b4:38:7a:40:35:6f:5e:d1:
         f3:39:bd:01:a2:fb:69:6b:fd:ed:82:7d:5b:09:7d:7c:85:ef:
         fd:17:9d:cf:51:86:e2:e6:a3:6c:5f:bb:bd:35:17:f4:9d:7c:
         29:e0:35:c6:67:d3:bd:c7:b0:74:e9:58:4b:15:69:ad:83:62:
         02:fe:54:9a:d9:65:ef:c2:13:47:db:13:d0:9e:b0:b3:59:e7:
         5e:7a:b5:f0:37:fc:6a:b1:16:73:c7:61:77:b6:15:78:1b:52:
         2b:71:9f:93:c6:39:aa:5f:f5:90:e3:5e:90:38:09:93:1e:6f:
         b2:64:48:07:06:2d:f6:10:2d:76:a1:d6:92:9d:84:93:62:16:
         b3:5f:28:a4:86:e4:33:12:42:88:ff:83:40:e0:f3:7a:7f:b0:
         2f:60:44:aa:20:7f:df:d5:3d:3d:1b:e7:31:ac:2f:05:e8:2f:
         86:a8:37:d5:55:6e:41:02:85:95:68:e9:8f:07:f1:9f:3d:97:
         17:ce:3c:16:6c:d2:b0:47:4e:c3:d5:65:35:47:2c:67:fc:ad:
         5a:9f:72:b3:d7:75:86:83:29:ab:d9:74:56:4d:be:0d:63:67:
         a4:2d:46:c5:36:f6:36:ae:ad:29:29:e7:c0:ec:70:31:17:a6:
         de:79:9a:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEJqYTPxP3ny7/UxN2XZ1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTJiYTVjYzE1MGIzNTNjYmQzNGI5ZjA0NWVhMDUwOTc0
MDg0NGQwHhcNMjUwNzAxMDQwMjM2WhcNMjUwNzAyMDQwMjM2WjAzMTEwLwYDVQQD
EygzNWM2MmFhYWNjNjcyZDA1ZTIwMDAzNDFiZTNmMzNmZjRmYWY5NTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkZnbAHM2PlrtRj65UH0Ko+isCyo
buQlcDsCcRnDhj4bPTRtdXpVvhs8fPLLxR11fe6VslT5aNC1JPHYFeehSmwDlWOb
shiCSP1b34AP6ENdd2OrdLWONAFp6GptbFqoYntAhrlkLaxGYFiqyI7IL5fLGfqB
ewOBVu/X/7c9RvRsWvb+6rJDrQABcSWK1XcsOPyiKJeRNa2I098GrFAjC7DXr3XI
8MbV+9tB0JKJp3moI+guj4oji7z0f2P28rzF0uQ4f+XF6Q2ixSmStVuENdVNDhsB
bZ7zogsF0Ya8HAy2QNNGqhgysmtCjhxyFKHWga14CWHNvGAN+BGH7v8CjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXGKqrMZy0F4gADQb4/M/9Pr5VGMB8GA1UdIwQY
MBaAFHbiulzBULNTy9NLnwReoFCXQIRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2Et
NzA0MDVlMzUyOGFmLzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2EtNzA0MDVlMzUyOGFm
LzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgnlp8es6
EpVVFLQ4ekA1b17R8zm9AaL7aWv97YJ9Wwl9fIXv/Redz1GG4uajbF+7vTUX9J18
KeA1xmfTvcewdOlYSxVprYNiAv5Umtll78ITR9sT0J6ws1nnXnq18Df8arEWc8dh
d7YVeBtSK3Gfk8Y5ql/1kONekDgJkx5vsmRIBwYt9hAtdqHWkp2Ek2IWs18opIbk
MxJCiP+DQODzen+wL2BEqiB/39U9PRvnMawvBegvhqg31VVuQQKFlWjpjwfxnz2X
F848FmzSsEdOw9VlNUcsZ/ytWp9ys9d1hoMpq9l0Vk2+DWNnpC1GxTb2Nq6tKSnn
wOxwMRem3nmaQQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:33:57 2025 by rpki-client