Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft
File:                     Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft (raw, json)
Hash identifier:          UR9Hz87Xd3UkcDXM7qyUfo0i5mf6j2JSgnXmAU6zasc=
Subject key identifier:   9D:6A:1C:93:8B:00:B0:DB:D0:D3:C4:7A:86:95:84:09:AE:B1:85:C2
Authority key identifier: 22:5C:F0:D3:17:04:B5:9D:7E:EB:01:85:48:20:2D:3A:57:0D:A9:32
Certificate issuer:       /CN=225cf0d31704b59d7eeb018548202d3a570da932
Certificate serial:       01975EDD5EA1C0975281EED9A7F71A518B19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft
Manifest number:          145C
Signing time:             Wed 11 Jun 2025 12:00:55 +0000
Manifest this update:     Wed 11 Jun 2025 12:00:55 +0000
Manifest next update:     Thu 12 Jun 2025 12:00:55 +0000
Files and hashes:         1: Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.crl (hash: rawGY5Mk0iXo+tfpuzCGJDXjjRtz7iT9gqOvHNeTNpk=)
                          2: rRTGMxhiOpV_X766sLDj0H5s3lk.roa (hash: Fk8zZgs5ltomuLpQlhRuRyNBCQpASYJvnVS5AQLwlOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 12:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:dd:5e:a1:c0:97:52:81:ee:d9:a7:f7:1a:51:8b:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=225cf0d31704b59d7eeb018548202d3a570da932
        Validity
            Not Before: Jun 11 12:00:55 2025 GMT
            Not After : Jun 12 12:00:55 2025 GMT
        Subject: CN=9d6a1c938b00b0dbd0d3c47a86958409aeb185c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:95:e1:1c:07:4d:9d:a6:4d:73:f3:9d:3d:45:
                    1f:bf:5c:eb:c2:ce:10:d3:28:25:20:0c:cb:8e:6a:
                    fe:ab:60:71:89:fd:60:1d:84:df:be:c3:5c:8f:15:
                    41:94:7e:f9:4c:c7:ca:29:a0:ae:2c:fe:07:08:92:
                    d4:4a:12:56:0b:96:29:27:ee:42:0d:f0:cc:da:11:
                    d5:30:78:00:0e:e5:69:04:5e:0c:4f:37:ad:05:82:
                    d9:a6:7e:0e:45:e4:be:42:67:7f:60:11:3a:95:52:
                    6d:f7:fa:a4:9f:32:45:c6:06:6f:ac:a0:4e:76:43:
                    02:45:f8:f6:b8:8f:bd:a4:5c:7f:61:17:7f:3d:71:
                    1a:a0:25:5a:72:24:fc:e2:9c:0a:90:69:88:c8:29:
                    bb:d0:f7:a2:02:e3:65:bc:5d:ff:60:64:18:0f:b8:
                    24:1b:6c:bb:2b:4c:79:c5:a5:6f:76:f9:90:bb:8f:
                    58:5e:26:2e:d8:4c:64:0b:a3:ce:1e:e4:9f:ea:36:
                    8e:da:12:53:c7:59:32:24:35:72:e3:9b:ed:a8:19:
                    3b:e3:26:3e:b9:50:dd:a7:a4:fc:63:75:8e:1a:c2:
                    5a:36:9d:69:50:16:c3:e5:be:b1:24:24:3d:27:ad:
                    ce:1b:11:9d:82:fd:84:40:f2:df:2b:24:1d:fe:78:
                    2d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:6A:1C:93:8B:00:B0:DB:D0:D3:C4:7A:86:95:84:09:AE:B1:85:C2
            X509v3 Authority Key Identifier:
                keyid:22:5C:F0:D3:17:04:B5:9D:7E:EB:01:85:48:20:2D:3A:57:0D:A9:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:9e:3a:1d:88:7f:df:8e:f6:0c:4a:0f:2c:80:34:dc:9f:26:
         de:56:4b:c6:96:90:4d:04:a3:2b:99:c8:0e:24:fc:ca:71:4b:
         75:8a:72:e5:f9:a5:d9:1d:10:b8:e9:29:88:ea:a6:43:a4:8a:
         da:fa:4f:0f:58:2b:0f:ac:8e:c9:19:dd:62:f9:16:99:75:42:
         6c:d7:b2:bf:cd:77:5d:f5:9c:45:ec:f0:5c:04:25:fe:16:ec:
         73:37:84:97:7a:6d:71:dc:c8:8f:35:5f:71:dd:be:c5:70:52:
         ab:53:16:15:2c:a0:20:ae:b7:c0:1a:cf:37:f3:b0:7f:47:6f:
         ec:fb:c1:05:fb:c3:73:bf:34:94:1f:6d:2d:a9:55:ce:01:7a:
         1f:f7:66:dc:3c:50:c8:5d:7a:58:64:74:32:f5:d8:bc:af:79:
         91:06:8b:77:3e:8b:00:63:81:94:d2:2a:07:a5:56:71:60:5a:
         01:6f:fa:f6:6f:64:86:b5:b3:25:c5:5e:eb:97:4f:c7:4b:6f:
         4b:6e:c6:d3:cb:b8:6d:56:e2:89:44:a2:06:c8:d7:87:5d:ee:
         89:6a:04:1e:f7:0a:d3:dc:5a:13:14:d7:f1:35:53:35:65:f1:
         0b:f1:40:8d:b6:61:86:e0:09:3b:be:d8:36:d3:e5:61:6b:f4:
         48:ce:11:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZde3V6hwJdSge7Zp/caUYsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNWNmMGQzMTcwNGI1OWQ3ZWViMDE4NTQ4MjAyZDNhNTcw
ZGE5MzIwHhcNMjUwNjExMTIwMDU1WhcNMjUwNjEyMTIwMDU1WjAzMTEwLwYDVQQD
Eyg5ZDZhMWM5MzhiMDBiMGRiZDBkM2M0N2E4Njk1ODQwOWFlYjE4NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5XhHAdNnaZNc/OdPUUfv1zrws4Q
0yglIAzLjmr+q2Bxif1gHYTfvsNcjxVBlH75TMfKKaCuLP4HCJLUShJWC5YpJ+5C
DfDM2hHVMHgADuVpBF4MTzetBYLZpn4OReS+Qmd/YBE6lVJt9/qknzJFxgZvrKBO
dkMCRfj2uI+9pFx/YRd/PXEaoCVaciT84pwKkGmIyCm70PeiAuNlvF3/YGQYD7gk
G2y7K0x5xaVvdvmQu49YXiYu2ExkC6POHuSf6jaO2hJTx1kyJDVy45vtqBk74yY+
uVDdp6T8Y3WOGsJaNp1pUBbD5b6xJCQ9J63OGxGdgv2EQPLfKyQd/ngtkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1qHJOLALDb0NPEeoaVhAmusYXCMB8GA1UdIwQY
MBaAFCJc8NMXBLWdfusBhUggLTpXDakyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWx6dzB4Y0V0WjEtNndHRlNDQXRPbGNOcVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80ZGY0MjktZjc3Ni00ZmQzLThkZTQt
MDBiYzkwM2QyNjIxLzEvSWx6dzB4Y0V0WjEtNndHRlNDQXRPbGNOcVRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80ZGY0MjktZjc3Ni00ZmQzLThkZTQtMDBiYzkwM2QyNjIx
LzEvSWx6dzB4Y0V0WjEtNndHRlNDQXRPbGNOcVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE546HYh/
3472DEoPLIA03J8m3lZLxpaQTQSjK5nIDiT8ynFLdYpy5fml2R0QuOkpiOqmQ6SK
2vpPD1grD6yOyRndYvkWmXVCbNeyv813XfWcRezwXAQl/hbsczeEl3ptcdzIjzVf
cd2+xXBSq1MWFSygIK63wBrPN/Owf0dv7PvBBfvDc780lB9tLalVzgF6H/dm3DxQ
yF16WGR0MvXYvK95kQaLdz6LAGOBlNIqB6VWcWBaAW/69m9khrWzJcVe65dPx0tv
S27G08u4bVbiiUSiBsjXh13uiWoEHvcK09xaExTX8TVTNWXxC/FAjbZhhuAJO77Y
NtPlYWv0SM4REQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:22:43 2025 by rpki-client