Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          WTgSdqkF70iJAyMNu6eqStZdhPK6jksYHvVUtHYKDTY=
Subject key identifier:   BF:36:27:4D:75:C8:B0:A0:B8:D8:21:E2:C5:5B:32:F5:68:8E:C0:71
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       01977B30D8E4CC43A9C4422C72DE6E652828
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          1591
Signing time:             Tue 17 Jun 2025 00:01:27 +0000
Manifest this update:     Tue 17 Jun 2025 00:01:27 +0000
Manifest next update:     Wed 18 Jun 2025 00:01:27 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: PNsKVnIDul+9phMUs/hMpu22tJ+zSDlfzfqPHbTlRG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 21:51:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7b:30:d8:e4:cc:43:a9:c4:42:2c:72:de:6e:65:28:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Jun 17 00:01:27 2025 GMT
            Not After : Jun 18 00:01:27 2025 GMT
        Subject: CN=bf36274d75c8b0a0b8d821e2c55b32f5688ec071
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:46:a5:1d:b7:b3:f9:5a:58:48:24:89:58:67:
                    51:0b:59:7e:e5:fd:25:53:07:22:be:20:5f:74:92:
                    2e:70:1d:ac:f5:08:7f:c8:61:8c:61:a6:ed:a4:af:
                    f4:00:8d:02:02:c4:e8:ba:78:28:64:37:46:78:85:
                    54:5c:d5:b6:08:8b:cc:1d:ae:ab:ed:a5:f5:cc:2c:
                    bd:54:0d:c9:92:35:50:85:6e:94:a2:da:ac:31:56:
                    c7:01:cd:9f:d0:af:6d:3a:92:fd:b4:e6:d1:42:5b:
                    e1:b8:c3:94:25:32:9c:b8:d4:a3:1e:ee:b4:c0:87:
                    95:c9:2e:79:2a:92:aa:2b:79:c9:ee:03:07:a6:2c:
                    26:31:2e:3d:7f:d6:20:4f:3c:7f:72:65:e0:ca:69:
                    da:e6:2b:71:fb:65:10:74:c3:2b:a8:bb:32:75:bf:
                    a0:bc:f3:23:ac:26:77:7d:5c:da:ec:a0:4f:61:60:
                    13:ee:2d:a7:48:f7:5d:1d:5f:15:0b:d5:d2:e1:fc:
                    8e:62:72:b7:70:1e:97:1d:c3:56:8b:32:a9:d2:01:
                    59:5d:60:64:c5:17:97:34:35:c5:e3:cc:70:01:ae:
                    60:9a:23:ee:8d:40:83:c3:50:7f:e6:b1:8a:99:32:
                    44:af:e9:fa:40:cf:3e:c1:d3:b3:1f:a9:72:1c:e0:
                    e5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:36:27:4D:75:C8:B0:A0:B8:D8:21:E2:C5:5B:32:F5:68:8E:C0:71
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:3a:a0:48:4c:d6:39:0f:dc:91:3f:ac:eb:0e:a5:09:3a:08:
         86:c5:2e:2f:3b:e5:b3:8d:a7:c2:c9:b9:33:8c:f6:e6:38:06:
         9e:2c:ed:42:84:f6:cd:48:61:ce:1f:c2:30:a7:32:88:04:6f:
         fc:cc:a3:21:67:3f:1f:32:e6:38:4e:99:ac:54:05:88:4c:15:
         cb:90:9f:a3:9d:b4:76:4b:21:ca:95:24:53:cd:d0:25:e4:73:
         be:d0:a0:66:f5:bd:93:ee:2e:33:4f:fc:61:78:09:96:fb:ad:
         08:03:45:49:89:ac:24:da:cd:7e:bc:89:22:55:7d:63:bc:3b:
         eb:da:de:2e:d7:a5:49:cc:7f:18:b5:af:b4:17:27:e1:2c:d7:
         ec:21:2b:d5:0c:e1:ba:c0:74:89:b4:e1:cd:04:bc:b5:32:58:
         af:34:e5:36:f9:7a:94:ed:7e:a6:9f:79:a7:7c:25:79:c5:ed:
         89:a5:50:7c:c8:a0:24:6a:a9:81:22:1a:90:fd:b3:75:5c:8d:
         3f:59:75:05:cd:9f:ba:f1:fa:27:35:ff:24:89:4d:84:4a:ea:
         bb:0f:40:3f:b9:4f:8f:ca:c3:d6:bc:4d:ce:c4:6e:12:8e:be:
         3e:a9:cf:27:5b:3d:52:38:10:8b:2e:54:ee:a2:6d:cf:45:4d:
         ec:3f:59:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd7MNjkzEOpxEIsct5uZSgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjUwNjE3MDAwMTI3WhcNMjUwNjE4MDAwMTI3WjAzMTEwLwYDVQQD
EyhiZjM2Mjc0ZDc1YzhiMGEwYjhkODIxZTJjNTViMzJmNTY4OGVjMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUalHbez+VpYSCSJWGdRC1l+5f0l
UwciviBfdJIucB2s9Qh/yGGMYabtpK/0AI0CAsToungoZDdGeIVUXNW2CIvMHa6r
7aX1zCy9VA3JkjVQhW6UotqsMVbHAc2f0K9tOpL9tObRQlvhuMOUJTKcuNSjHu60
wIeVyS55KpKqK3nJ7gMHpiwmMS49f9YgTzx/cmXgymna5itx+2UQdMMrqLsydb+g
vPMjrCZ3fVza7KBPYWAT7i2nSPddHV8VC9XS4fyOYnK3cB6XHcNWizKp0gFZXWBk
xReXNDXF48xwAa5gmiPujUCDw1B/5rGKmTJEr+n6QM8+wdOzH6lyHODl3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL82J011yLCguNgh4sVbMvVojsBxMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjqgSEzW
OQ/ckT+s6w6lCToIhsUuLzvls42nwsm5M4z25jgGniztQoT2zUhhzh/CMKcyiARv
/MyjIWc/HzLmOE6ZrFQFiEwVy5Cfo520dkshypUkU83QJeRzvtCgZvW9k+4uM0/8
YXgJlvutCANFSYmsJNrNfryJIlV9Y7w769reLtelScx/GLWvtBcn4SzX7CEr1Qzh
usB0ibThzQS8tTJYrzTlNvl6lO1+pp95p3wlecXtiaVQfMigJGqpgSIakP2zdVyN
P1l1Bc2fuvH6JzX/JIlNhErquw9AP7lPj8rD1rxNzsRuEo6+PqnPJ1s9UjgQiy5U
7qJtz0VN7D9Z4w==
-----END CERTIFICATE-----
Generated at Tue Jun 17 03:20:05 2025 by rpki-client