Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft
File:                     PZlE6PVlGxvS8KngBoZfOmuB62E.mft (raw, json)
Hash identifier:          Bllhijc1+9zAQu8pdT/omTCGvn+5eEGlW12AIYXJjbo=
Subject key identifier:   02:4D:3D:C2:82:FB:18:E8:8D:DB:6A:F8:AE:E6:82:06:5A:1F:AA:4F
Authority key identifier: 3D:99:44:E8:F5:65:1B:1B:D2:F0:A9:E0:06:86:5F:3A:6B:81:EB:61
Certificate issuer:       /CN=3d9944e8f5651b1bd2f0a9e006865f3a6b81eb61
Certificate serial:       019759ED974AFCC612890D3E11EE8DAC78CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PZlE6PVlGxvS8KngBoZfOmuB62E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft
Manifest number:          1586
Signing time:             Tue 10 Jun 2025 13:00:32 +0000
Manifest this update:     Tue 10 Jun 2025 13:00:32 +0000
Manifest next update:     Wed 11 Jun 2025 13:00:32 +0000
Files and hashes:         1: PZlE6PVlGxvS8KngBoZfOmuB62E.crl (hash: 3ncpke6iE3swQGiVbgcMEp2f8H5QB9WDrUExCO2g9So=)
                          2: tlchQmDxgjTRo1pLaspfZw12O3A.roa (hash: 6bDu460ilvbyFwMJbm1Vw+QewREO9nGYqnB3iYaAR4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PZlE6PVlGxvS8KngBoZfOmuB62E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ed:97:4a:fc:c6:12:89:0d:3e:11:ee:8d:ac:78:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d9944e8f5651b1bd2f0a9e006865f3a6b81eb61
        Validity
            Not Before: Jun 10 13:00:32 2025 GMT
            Not After : Jun 11 13:00:32 2025 GMT
        Subject: CN=024d3dc282fb18e88ddb6af8aee682065a1faa4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:df:fe:d8:f5:b8:19:ea:3d:6d:67:7c:60:9f:
                    12:a8:8a:0b:8b:d9:dc:ce:b1:76:5c:db:86:ac:64:
                    2e:55:fd:b8:ef:76:c3:a4:6d:4b:c6:8e:48:f1:6f:
                    0a:94:2f:f6:0a:5d:40:3a:5f:b1:0c:d2:3d:e6:d8:
                    d7:d8:59:12:66:c7:82:64:f3:55:0a:9f:82:2c:d3:
                    9c:16:aa:26:8d:2c:90:fd:30:e5:ca:4f:c8:37:69:
                    1e:b0:c7:a1:ff:8f:e4:3e:a5:2e:f4:6e:94:3b:28:
                    69:63:10:1b:60:1f:7d:43:62:55:5f:eb:6f:4c:ae:
                    4e:41:91:7f:5e:77:bd:26:8c:6c:80:a5:8f:bb:0a:
                    ad:5d:20:bd:b8:1c:c2:55:c5:53:01:76:71:e7:8b:
                    2b:06:f4:95:c7:0a:32:e7:d3:02:77:d8:1c:f6:ae:
                    ec:f9:41:63:8e:86:14:1d:a9:28:db:ae:6e:32:cd:
                    fe:e6:79:2a:34:e4:fc:f0:5b:59:1f:c8:81:3d:44:
                    14:99:87:61:6d:26:37:76:6f:f2:9b:fa:2c:06:78:
                    77:c6:e8:a4:05:d5:33:41:16:34:a5:53:ac:30:a9:
                    66:18:95:5f:53:40:1f:75:b7:54:cf:4e:09:49:79:
                    1f:42:59:bf:29:ca:8e:d7:4c:a1:39:34:6b:ab:07:
                    dd:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:4D:3D:C2:82:FB:18:E8:8D:DB:6A:F8:AE:E6:82:06:5A:1F:AA:4F
            X509v3 Authority Key Identifier:
                keyid:3D:99:44:E8:F5:65:1B:1B:D2:F0:A9:E0:06:86:5F:3A:6B:81:EB:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZlE6PVlGxvS8KngBoZfOmuB62E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/4bff72-ba5b-4528-8c42-7f6b9f1040fd/1/PZlE6PVlGxvS8KngBoZfOmuB62E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:c9:3f:93:38:dd:4a:40:57:a6:0b:89:a2:3e:26:31:9a:42:
         e7:99:2e:5b:04:92:ab:c0:49:1e:82:d6:20:7f:08:58:7f:06:
         cc:c2:32:3e:ca:30:1c:a1:ad:75:4f:a1:88:6f:40:f5:73:98:
         45:3e:e6:17:1d:f2:5d:79:50:db:98:34:d7:18:e6:ec:a0:a6:
         5c:60:8f:54:78:f3:e2:9f:5a:7d:87:8f:0e:f6:c0:0d:41:72:
         70:59:aa:b3:18:ab:72:51:83:a5:67:5e:40:c7:ab:e4:35:0f:
         d4:f1:99:54:05:59:a7:48:ce:6b:92:81:c9:d7:98:48:94:27:
         bc:95:d0:ab:65:b9:97:e2:c9:cf:4c:02:0b:52:34:41:70:e0:
         09:31:15:7f:60:a6:5a:40:0e:93:99:d1:cd:6b:0a:b9:ab:c6:
         67:e2:7e:92:c1:05:a1:28:cf:5e:b8:f9:84:2e:ba:31:35:8d:
         d5:e1:f7:dd:d8:fb:6c:1b:81:86:7c:17:b9:aa:4f:46:a1:ae:
         2c:82:31:55:c3:f3:8d:d4:b3:a5:8f:2c:39:13:7a:75:4f:84:
         9a:33:cf:29:f3:74:a6:7e:62:54:99:95:85:5f:22:44:9a:76:
         57:95:77:ec:e6:1b:e8:c7:8d:64:e0:01:25:6f:66:82:45:e3:
         51:73:d5:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7ZdK/MYSiQ0+Ee6NrHjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTk0NGU4ZjU2NTFiMWJkMmYwYTllMDA2ODY1ZjNhNmI4
MWViNjEwHhcNMjUwNjEwMTMwMDMyWhcNMjUwNjExMTMwMDMyWjAzMTEwLwYDVQQD
EygwMjRkM2RjMjgyZmIxOGU4OGRkYjZhZjhhZWU2ODIwNjVhMWZhYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt/+2PW4Geo9bWd8YJ8SqIoLi9nc
zrF2XNuGrGQuVf2473bDpG1Lxo5I8W8KlC/2Cl1AOl+xDNI95tjX2FkSZseCZPNV
Cp+CLNOcFqomjSyQ/TDlyk/IN2kesMeh/4/kPqUu9G6UOyhpYxAbYB99Q2JVX+tv
TK5OQZF/Xne9JoxsgKWPuwqtXSC9uBzCVcVTAXZx54srBvSVxwoy59MCd9gc9q7s
+UFjjoYUHako265uMs3+5nkqNOT88FtZH8iBPUQUmYdhbSY3dm/ym/osBnh3xuik
BdUzQRY0pVOsMKlmGJVfU0AfdbdUz04JSXkfQlm/KcqO10yhOTRrqwfdcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJNPcKC+xjojdtq+K7mggZaH6pPMB8GA1UdIwQY
MBaAFD2ZROj1ZRsb0vCp4AaGXzprgethMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpsRTZQVmxHeHZTOEtuZ0JvWmZPbXVCNjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80YmZmNzItYmE1Yi00NTI4LThjNDIt
N2Y2YjlmMTA0MGZkLzEvUFpsRTZQVmxHeHZTOEtuZ0JvWmZPbXVCNjJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80YmZmNzItYmE1Yi00NTI4LThjNDItN2Y2YjlmMTA0MGZk
LzEvUFpsRTZQVmxHeHZTOEtuZ0JvWmZPbXVCNjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8k/kzjd
SkBXpguJoj4mMZpC55kuWwSSq8BJHoLWIH8IWH8GzMIyPsowHKGtdU+hiG9A9XOY
RT7mFx3yXXlQ25g01xjm7KCmXGCPVHjz4p9afYePDvbADUFycFmqsxirclGDpWde
QMer5DUP1PGZVAVZp0jOa5KBydeYSJQnvJXQq2W5l+LJz0wCC1I0QXDgCTEVf2Cm
WkAOk5nRzWsKuavGZ+J+ksEFoSjPXrj5hC66MTWN1eH33dj7bBuBhnwXuapPRqGu
LIIxVcPzjdSzpY8sORN6dU+EmjPPKfN0pn5iVJmVhV8iRJp2V5V37OYb6MeNZOAB
JW9mgkXjUXPVUg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:34:53 2025 by rpki-client