Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/1240eb-bab4-45ad-9387-516f11acb3ae/1/4auG-AxLsqxW5B7HokauKWnY01g.mft
File:                     4auG-AxLsqxW5B7HokauKWnY01g.mft (raw, json)
Hash identifier:          l3H1UYNARehj20jJNR9CxHZDN3unp4IVOobXwqKTNKs=
Subject key identifier:   B6:D7:6E:56:6C:B2:DF:75:AC:5C:D9:98:1C:43:B6:90:D4:D3:8E:A1
Authority key identifier: E1:AB:86:F8:0C:4B:B2:AC:56:E4:1E:C7:A2:46:AE:29:69:D8:D3:58
Certificate issuer:       /CN=e1ab86f80c4bb2ac56e41ec7a246ae2969d8d358
Certificate serial:       01975B36F70F19763674654151A7FEC24365
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4auG-AxLsqxW5B7HokauKWnY01g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/1240eb-bab4-45ad-9387-516f11acb3ae/1/4auG-AxLsqxW5B7HokauKWnY01g.mft
Manifest number:          054F
Signing time:             Tue 10 Jun 2025 19:00:18 +0000
Manifest this update:     Tue 10 Jun 2025 19:00:18 +0000
Manifest next update:     Wed 11 Jun 2025 19:00:18 +0000
Files and hashes:         1: 4auG-AxLsqxW5B7HokauKWnY01g.crl (hash: Hjy4RLp2DksXcGTx6iStaaEn+xREX2pZtXnfQgrFJxw=)
                          2: IrEzCg-L6ChV6NO0z_pSKTvObkE.roa (hash: BAxTmTfKNgnausi613sLgqp7n2C4MuqhHvDS7/1g8aY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/1240eb-bab4-45ad-9387-516f11acb3ae/1/4auG-AxLsqxW5B7HokauKWnY01g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/1240eb-bab4-45ad-9387-516f11acb3ae/1/4auG-AxLsqxW5B7HokauKWnY01g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4auG-AxLsqxW5B7HokauKWnY01g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:36:f7:0f:19:76:36:74:65:41:51:a7:fe:c2:43:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ab86f80c4bb2ac56e41ec7a246ae2969d8d358
        Validity
            Not Before: Jun 10 19:00:18 2025 GMT
            Not After : Jun 11 19:00:18 2025 GMT
        Subject: CN=b6d76e566cb2df75ac5cd9981c43b690d4d38ea1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8f:73:e0:38:66:e8:38:6d:ef:8a:ca:5b:30:
                    c9:a9:c7:5e:6d:a9:f9:ea:98:12:ee:dd:b5:89:c3:
                    cf:59:11:cf:1f:7c:59:dc:8f:4f:b2:61:14:8e:1a:
                    e0:ba:35:a9:38:6c:9c:f3:24:bf:36:bb:52:16:1d:
                    de:1e:55:bd:64:00:f9:9b:28:fd:8b:7e:c0:52:48:
                    e7:83:99:08:85:05:f0:6d:5e:fb:70:9b:78:8c:10:
                    19:af:c3:3b:1f:b6:fe:db:82:4e:92:35:df:d9:c1:
                    6b:ef:67:33:8d:8a:54:1f:4c:55:07:a2:6c:af:4b:
                    b3:11:e9:90:84:1b:1b:89:15:71:38:c5:a9:92:ee:
                    5f:64:58:43:43:dc:2b:bc:64:32:c1:63:ea:51:74:
                    b4:5d:05:b3:24:6b:7e:7c:5b:00:37:69:91:6e:e8:
                    32:91:36:ab:42:20:d9:4e:12:68:1d:72:65:73:da:
                    87:eb:b5:cb:63:f3:6f:55:73:25:29:b9:f2:52:f7:
                    45:0a:3b:42:33:3f:3c:ef:4e:29:f6:c8:11:85:4d:
                    32:e6:17:52:9a:fc:fc:47:6f:9b:9d:5a:3e:b7:55:
                    19:d0:6f:0d:ec:46:03:b4:1d:8d:dc:b0:31:8b:d8:
                    78:7d:e9:9a:8c:24:ab:81:4b:18:f3:28:95:8f:e7:
                    32:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D7:6E:56:6C:B2:DF:75:AC:5C:D9:98:1C:43:B6:90:D4:D3:8E:A1
            X509v3 Authority Key Identifier:
                keyid:E1:AB:86:F8:0C:4B:B2:AC:56:E4:1E:C7:A2:46:AE:29:69:D8:D3:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4auG-AxLsqxW5B7HokauKWnY01g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/1240eb-bab4-45ad-9387-516f11acb3ae/1/4auG-AxLsqxW5B7HokauKWnY01g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/1240eb-bab4-45ad-9387-516f11acb3ae/1/4auG-AxLsqxW5B7HokauKWnY01g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:a2:9d:65:2b:a4:c1:ea:76:73:17:24:37:55:21:1a:b6:e5:
         7f:0a:4e:4f:61:96:be:c9:45:32:27:09:40:5e:4f:cf:b1:ce:
         fe:1c:f1:42:c9:ce:7c:fa:57:e6:75:39:79:e4:b9:fd:62:6b:
         78:cf:f7:5b:cc:9b:38:c2:29:9f:ef:45:e5:13:89:9c:20:a5:
         d7:fd:9f:a2:86:f9:8e:3c:0e:8a:e7:a4:ee:e8:74:b0:e0:e0:
         99:3a:b6:bc:86:71:02:62:ba:ea:ba:b7:f6:d3:4a:74:42:17:
         01:46:b3:06:93:f2:54:8c:aa:7d:f5:0c:18:26:c1:2f:04:8b:
         47:1a:87:5a:7c:cf:8b:87:71:11:f0:9e:34:11:ce:7d:43:1e:
         f1:91:0e:73:7f:6a:e4:29:04:b9:c2:14:80:8f:74:d4:2b:11:
         14:9a:b1:44:f3:be:72:8a:12:e4:cf:08:29:b3:c9:8b:e3:d8:
         ef:db:06:38:80:82:e8:ff:ea:56:a6:f4:28:d0:b8:2d:52:4c:
         ec:01:06:ad:a3:67:4c:79:13:16:a7:ff:5a:c5:b6:42:85:b1:
         1b:ae:06:9b:29:f3:d4:f3:dc:dd:61:65:f2:0f:1d:68:21:e8:
         3d:3b:fe:2b:73:53:f5:49:64:4f:19:82:31:ca:35:4c:e4:7b:
         4d:1f:1a:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbNvcPGXY2dGVBUaf+wkNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYWI4NmY4MGM0YmIyYWM1NmU0MWVjN2EyNDZhZTI5Njlk
OGQzNTgwHhcNMjUwNjEwMTkwMDE4WhcNMjUwNjExMTkwMDE4WjAzMTEwLwYDVQQD
EyhiNmQ3NmU1NjZjYjJkZjc1YWM1Y2Q5OTgxYzQzYjY5MGQ0ZDM4ZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn49z4Dhm6Dht74rKWzDJqcdeban5
6pgS7t21icPPWRHPH3xZ3I9PsmEUjhrgujWpOGyc8yS/NrtSFh3eHlW9ZAD5myj9
i37AUkjng5kIhQXwbV77cJt4jBAZr8M7H7b+24JOkjXf2cFr72czjYpUH0xVB6Js
r0uzEemQhBsbiRVxOMWpku5fZFhDQ9wrvGQywWPqUXS0XQWzJGt+fFsAN2mRbugy
kTarQiDZThJoHXJlc9qH67XLY/NvVXMlKbnyUvdFCjtCMz88704p9sgRhU0y5hdS
mvz8R2+bnVo+t1UZ0G8N7EYDtB2N3LAxi9h4femajCSrgUsY8yiVj+cyjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbXblZsst91rFzZmBxDtpDU046hMB8GA1UdIwQY
MBaAFOGrhvgMS7KsVuQex6JGrilp2NNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGF1Ry1BeExzcXhXNUI3SG9rYXVLV25ZMDFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMjQwZWItYmFiNC00NWFkLTkzODct
NTE2ZjExYWNiM2FlLzEvNGF1Ry1BeExzcXhXNUI3SG9rYXVLV25ZMDFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xMjQwZWItYmFiNC00NWFkLTkzODctNTE2ZjExYWNiM2Fl
LzEvNGF1Ry1BeExzcXhXNUI3SG9rYXVLV25ZMDFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqKdZSuk
wep2cxckN1UhGrblfwpOT2GWvslFMicJQF5Pz7HO/hzxQsnOfPpX5nU5eeS5/WJr
eM/3W8ybOMIpn+9F5ROJnCCl1/2foob5jjwOiuek7uh0sODgmTq2vIZxAmK66rq3
9tNKdEIXAUazBpPyVIyqffUMGCbBLwSLRxqHWnzPi4dxEfCeNBHOfUMe8ZEOc39q
5CkEucIUgI901CsRFJqxRPO+cooS5M8IKbPJi+PY79sGOICC6P/qVqb0KNC4LVJM
7AEGraNnTHkTFqf/WsW2QoWxG64Gmynz1PPc3WFl8g8daCHoPTv+K3NT9UlkTxmC
Mco1TOR7TR8anQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:27:19 2025 by rpki-client