Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
File:                     kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft (raw, json)
Hash identifier:          xNb5du85olnGklukdOPU3zLQlQ098d3iJQYSYKcyg1Y=
Subject key identifier:   2B:28:61:12:CF:7A:3A:A2:64:70:F9:76:7D:84:B8:4B:B8:92:28:B2
Authority key identifier: 91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4
Certificate issuer:       /CN=913836859c6ce1869340edf1f273709b8094d9d4
Certificate serial:       01975F14528926A2F0CE151BCBFEA7B2E7DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
Manifest number:          14EF
Signing time:             Wed 11 Jun 2025 13:00:56 +0000
Manifest this update:     Wed 11 Jun 2025 13:00:56 +0000
Manifest next update:     Thu 12 Jun 2025 13:00:56 +0000
Files and hashes:         1: i0znYyDIsk78QzCDDCTg60lK9ig.roa (hash: aeDo1wq5VczgcfrDX0J+4eB6IcjwVsRwiJM6vkXROSk=)
                          2: kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl (hash: gkch/rw+rr47q8JX7wWbP60eBy9g3aYz5zxU0MHJGPU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 13:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:14:52:89:26:a2:f0:ce:15:1b:cb:fe:a7:b2:e7:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913836859c6ce1869340edf1f273709b8094d9d4
        Validity
            Not Before: Jun 11 13:00:56 2025 GMT
            Not After : Jun 12 13:00:56 2025 GMT
        Subject: CN=2b286112cf7a3aa26470f9767d84b84bb89228b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8d:fa:54:41:f6:19:26:3a:af:62:f9:55:90:
                    ac:22:18:db:62:03:a8:37:cc:51:87:56:3a:2d:43:
                    98:be:18:01:d1:94:76:48:1a:ba:80:b1:85:de:a8:
                    c5:b9:2a:14:91:20:d0:52:be:d8:34:22:21:79:0a:
                    7d:c2:42:85:90:3e:47:13:4f:f8:83:df:d3:0e:09:
                    75:b5:e2:44:79:8d:d6:af:bd:83:79:92:cc:f8:50:
                    08:79:91:98:9d:6d:d2:5f:44:4a:c1:c8:9c:a6:d6:
                    64:14:49:35:b7:00:c5:c1:e5:6d:1d:89:f3:51:97:
                    1d:53:7a:db:1d:92:06:ae:6c:8b:8c:53:1a:0b:06:
                    65:b1:36:d5:6a:57:ab:70:8a:21:0a:a4:79:69:00:
                    24:b0:48:a7:3e:f1:6a:45:1f:ff:e2:b4:f8:e7:6d:
                    70:97:5c:89:e8:3b:64:90:1c:54:6f:41:96:ef:7a:
                    04:94:66:1e:92:0b:d7:1d:2c:2a:3e:84:7f:48:35:
                    c8:99:98:cc:10:a4:29:69:10:85:1f:69:d0:72:87:
                    67:aa:6f:23:9d:a6:74:19:88:2d:a1:0f:01:38:7b:
                    dd:b2:ea:98:e6:b2:55:ff:e0:84:5c:6d:cf:50:af:
                    50:aa:96:ef:ee:be:46:71:d5:c7:73:9a:3b:5c:6f:
                    75:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:28:61:12:CF:7A:3A:A2:64:70:F9:76:7D:84:B8:4B:B8:92:28:B2
            X509v3 Authority Key Identifier:
                keyid:91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:52:ec:bc:bf:95:0b:f7:f3:b7:05:fc:63:66:ea:34:65:3a:
         35:7c:bb:34:f4:c3:32:42:3d:4d:52:0d:bc:d3:80:db:c9:cb:
         d1:fe:f9:a2:94:18:71:98:be:58:28:2e:2f:64:b7:59:31:42:
         ed:45:18:41:c0:77:e9:60:c3:c0:13:38:86:a4:cf:48:4f:90:
         13:9a:cd:c4:1d:51:f2:a7:a7:97:8e:c2:ba:35:2d:4e:44:9b:
         ec:c6:86:c7:69:91:1c:0d:ce:1b:f5:64:4f:e9:93:06:e7:64:
         64:4b:04:79:c7:86:0b:49:63:55:75:4e:cb:b9:a7:c0:87:92:
         7a:af:4a:cf:d4:aa:6a:7a:ee:04:3d:ec:5a:a1:dc:e3:f7:8a:
         e1:5f:63:d9:22:d0:b0:e7:04:b7:6e:79:40:a0:51:ff:a6:ca:
         70:85:94:c8:9c:b5:67:67:8d:72:d4:76:53:d8:c7:7c:21:7c:
         e7:d5:8c:19:28:4a:9a:77:12:59:b6:16:f3:5e:27:56:3c:cb:
         68:73:cd:95:1a:e8:ba:aa:fb:b3:be:a6:ef:47:04:54:25:1b:
         ea:c0:ba:50:c4:0b:95:51:bf:07:0f:14:77:d5:2d:4e:b0:32:
         fc:8b:dd:a3:e9:18:18:db:6e:49:ec:1c:53:d8:03:e0:b4:11:
         08:de:74:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfFFKJJqLwzhUby/6nsufdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzgzNjg1OWM2Y2UxODY5MzQwZWRmMWYyNzM3MDliODA5
NGQ5ZDQwHhcNMjUwNjExMTMwMDU2WhcNMjUwNjEyMTMwMDU2WjAzMTEwLwYDVQQD
EygyYjI4NjExMmNmN2EzYWEyNjQ3MGY5NzY3ZDg0Yjg0YmI4OTIyOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx436VEH2GSY6r2L5VZCsIhjbYgOo
N8xRh1Y6LUOYvhgB0ZR2SBq6gLGF3qjFuSoUkSDQUr7YNCIheQp9wkKFkD5HE0/4
g9/TDgl1teJEeY3Wr72DeZLM+FAIeZGYnW3SX0RKwcicptZkFEk1twDFweVtHYnz
UZcdU3rbHZIGrmyLjFMaCwZlsTbValercIohCqR5aQAksEinPvFqRR//4rT4521w
l1yJ6DtkkBxUb0GW73oElGYekgvXHSwqPoR/SDXImZjMEKQpaRCFH2nQcodnqm8j
naZ0GYgtoQ8BOHvdsuqY5rJV/+CEXG3PUK9Qqpbv7r5GcdXHc5o7XG91swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCsoYRLPejqiZHD5dn2EuEu4kiiyMB8GA1UdIwQY
MBaAFJE4NoWcbOGGk0Dt8fJzcJuAlNnUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2Et
NTI3YWM1NGMyMzU3LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2EtNTI3YWM1NGMyMzU3
LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdlLsvL+V
C/fztwX8Y2bqNGU6NXy7NPTDMkI9TVINvNOA28nL0f75opQYcZi+WCguL2S3WTFC
7UUYQcB36WDDwBM4hqTPSE+QE5rNxB1R8qenl47CujUtTkSb7MaGx2mRHA3OG/Vk
T+mTBudkZEsEeceGC0ljVXVOy7mnwIeSeq9Kz9SqanruBD3sWqHc4/eK4V9j2SLQ
sOcEt255QKBR/6bKcIWUyJy1Z2eNctR2U9jHfCF859WMGShKmncSWbYW814nVjzL
aHPNlRrouqr7s76m70cEVCUb6sC6UMQLlVG/Bw8Ud9UtTrAy/Ivdo+kYGNtuSewc
U9gD4LQRCN50qQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:47:35 2025 by rpki-client