Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          X4qt+FnBOHz4yoVM5HpbZyyo16MTV4Wy5KePPc1Y5eg=
Subject key identifier:   57:9B:B5:55:3B:99:ED:7E:09:5C:B0:05:5D:BF:48:5D:AA:2D:51:31
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       0197B77C9CFFE338A0633F42B6F60EC426C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          02DC
Signing time:             Sat 28 Jun 2025 17:01:26 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:26 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:26 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: DaIjpnTf2NpViQsSFYrELcHfKJu8o6Khbz16cm9Yvfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:9c:ff:e3:38:a0:63:3f:42:b6:f6:0e:c4:26:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Jun 28 17:01:26 2025 GMT
            Not After : Jun 29 17:01:26 2025 GMT
        Subject: CN=579bb5553b99ed7e095cb0055dbf485daa2d5131
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:18:e2:68:30:2d:57:be:08:64:fd:16:03:85:
                    5d:9e:e9:b8:85:f5:7f:7e:f2:b5:8a:08:f5:79:3e:
                    78:c3:12:45:75:4a:da:18:51:0c:4e:3d:0a:61:da:
                    48:09:8b:0b:05:42:f4:2c:23:85:45:b4:b9:4d:19:
                    66:62:6c:46:c1:a1:79:10:56:37:08:71:e0:67:44:
                    bd:77:c6:25:bb:aa:42:05:56:a3:75:5b:c2:1b:ad:
                    c0:ac:d9:96:72:c5:d9:44:9d:7d:2a:af:05:bd:a5:
                    2e:43:ec:2c:ea:fb:49:5c:ed:17:6d:50:ff:df:b1:
                    3b:d0:dd:71:da:af:a5:96:7f:da:ef:7c:a1:c1:84:
                    3f:1f:19:74:04:40:71:4d:a4:d4:b8:f2:e1:a0:f5:
                    65:d6:5b:be:fd:6b:68:7f:08:dc:74:89:f4:5f:e9:
                    70:b4:c0:ea:86:6f:b7:d1:b6:f5:da:44:38:db:17:
                    d2:6e:96:7f:d0:5b:ec:87:fb:75:62:82:61:bd:d5:
                    77:b5:81:02:f2:04:c2:b0:34:f6:ba:7f:13:fc:d3:
                    2a:97:a7:fc:c3:c3:d9:76:ff:eb:c5:67:11:7d:e3:
                    4e:ca:e5:f2:27:37:df:9a:0f:a0:8d:6e:55:63:4d:
                    da:ce:81:69:d1:0b:2b:37:4e:7c:d8:fc:48:d1:46:
                    0a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:9B:B5:55:3B:99:ED:7E:09:5C:B0:05:5D:BF:48:5D:AA:2D:51:31
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:de:ce:ae:df:b1:f2:80:68:8b:75:29:82:ef:c3:d9:fd:34:
         c2:31:06:ff:0f:da:eb:a5:86:ca:e1:c6:9d:b5:a2:77:59:d4:
         2d:e9:84:40:26:a3:3b:49:51:00:4a:92:aa:8e:9e:03:af:f2:
         47:45:56:12:38:a0:89:93:9a:43:67:6c:ff:33:d9:74:81:0b:
         89:b9:4f:b9:d3:b4:45:6c:ed:6f:3c:90:e1:44:9e:e9:4d:47:
         1b:6e:97:cb:82:41:39:ed:ba:02:2c:a1:9f:b4:03:be:35:fe:
         43:1a:5a:86:52:c8:03:09:6b:c3:df:a2:89:09:07:d3:3f:7c:
         81:1f:47:7e:12:cb:2e:77:e9:f8:53:11:ed:f6:96:f3:59:68:
         95:a0:77:f0:b5:b7:58:4b:b4:14:35:93:50:67:2e:5a:45:30:
         f9:9b:71:5b:8b:0a:52:d4:2e:8c:e4:ae:04:a4:ea:42:75:7a:
         90:18:d4:2e:2e:77:bb:08:51:ad:55:f9:93:c2:00:d3:d6:21:
         0e:13:68:3c:b6:96:f6:04:b8:8a:33:ed:77:14:a9:ca:6d:4e:
         c1:98:75:0a:06:3b:a2:b7:ba:02:2a:61:fb:77:9a:f3:5d:64:
         1c:35:55:17:00:ab:d5:5a:b8:49:e6:e5:74:84:40:dd:17:43:
         f5:b9:b1:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fJz/4zigYz9CtvYOxCbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjUwNjI4MTcwMTI2WhcNMjUwNjI5MTcwMTI2WjAzMTEwLwYDVQQD
Eyg1NzliYjU1NTNiOTllZDdlMDk1Y2IwMDU1ZGJmNDg1ZGFhMmQ1MTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBjiaDAtV74IZP0WA4Vdnum4hfV/
fvK1igj1eT54wxJFdUraGFEMTj0KYdpICYsLBUL0LCOFRbS5TRlmYmxGwaF5EFY3
CHHgZ0S9d8Ylu6pCBVajdVvCG63ArNmWcsXZRJ19Kq8FvaUuQ+ws6vtJXO0XbVD/
37E70N1x2q+lln/a73yhwYQ/Hxl0BEBxTaTUuPLhoPVl1lu+/WtofwjcdIn0X+lw
tMDqhm+30bb12kQ42xfSbpZ/0Fvsh/t1YoJhvdV3tYEC8gTCsDT2un8T/NMql6f8
w8PZdv/rxWcRfeNOyuXyJzffmg+gjW5VY03azoFp0QsrN0582PxI0UYK8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFebtVU7me1+CVywBV2/SF2qLVExMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXt7Ort+x
8oBoi3Upgu/D2f00wjEG/w/a66WGyuHGnbWid1nULemEQCajO0lRAEqSqo6eA6/y
R0VWEjigiZOaQ2ds/zPZdIELiblPudO0RWztbzyQ4USe6U1HG26Xy4JBOe26Aiyh
n7QDvjX+QxpahlLIAwlrw9+iiQkH0z98gR9HfhLLLnfp+FMR7faW81lolaB38LW3
WEu0FDWTUGcuWkUw+ZtxW4sKUtQujOSuBKTqQnV6kBjULi53uwhRrVX5k8IA09Yh
DhNoPLaW9gS4ijPtdxSpym1OwZh1CgY7ore6Aiph+3ea811kHDVVFwCr1Vq4Sebl
dIRA3RdD9bmx2A==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:17:35 2025 by rpki-client