Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
File:                     4qEN5v-uWQQnJEoDND22asVkJ1o.mft (raw, json)
Hash identifier:          7tck+c8QYI2wqLf7FXLv3j5H6aX2iR+EsqNwRkGVit4=
Subject key identifier:   51:1C:70:70:B9:A5:6A:05:F0:A9:C9:4C:EE:AB:AE:62:AE:90:6B:15
Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A
Certificate issuer:       /CN=e2a10de6ffae590427244a03343db66ac564275a
Certificate serial:       019759B6BB780307A505661695A9E75CA344
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
Manifest number:          12CD
Signing time:             Tue 10 Jun 2025 12:00:36 +0000
Manifest this update:     Tue 10 Jun 2025 12:00:36 +0000
Manifest next update:     Wed 11 Jun 2025 12:00:36 +0000
Files and hashes:         1: 4qEN5v-uWQQnJEoDND22asVkJ1o.crl (hash: wlR8HnzDS9zWg1d1CF1vB/PBu/bB3jsgwwX/3pEUDGA=)
                          2: EMEQainrdjhvrSxfRt2EdTwfFho.roa (hash: MgfrBxxTqDVEh7a/Ypney2yykLPSmFU/4+sRkVkl74s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:b6:bb:78:03:07:a5:05:66:16:95:a9:e7:5c:a3:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a
        Validity
            Not Before: Jun 10 12:00:36 2025 GMT
            Not After : Jun 11 12:00:36 2025 GMT
        Subject: CN=511c7070b9a56a05f0a9c94ceeabae62ae906b15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:69:f1:43:08:d5:51:4f:36:de:2b:af:c3:9a:
                    b8:2a:e5:50:d1:92:f1:cb:f8:90:4e:c6:36:b8:6e:
                    5e:97:a5:6b:5f:7c:3f:e9:f0:e1:e9:d7:ff:0c:bb:
                    e8:53:bf:34:50:d2:8c:f7:e1:85:81:2d:c4:a8:e5:
                    51:e0:17:2f:17:9b:6a:36:fd:1c:ad:8b:8b:d0:c5:
                    3a:11:96:7d:37:b8:c9:07:ee:8f:cb:ee:1b:c0:fc:
                    05:e6:ee:1c:12:f3:51:41:a6:eb:98:37:9c:78:dd:
                    06:cd:ed:ab:4b:62:8b:51:40:15:cb:b6:8b:9a:d7:
                    1f:2b:4f:26:f9:54:8a:ad:7d:ae:d6:47:98:6d:17:
                    86:72:9d:83:c9:59:96:32:71:29:e1:2c:62:bc:cf:
                    d3:ea:1d:59:3c:c0:b9:f8:cf:ad:6e:2b:62:af:fc:
                    23:bf:5e:c9:c5:96:78:07:ab:65:e9:f7:9b:e7:18:
                    da:7d:35:c3:48:d0:20:56:2d:49:19:d1:04:b5:70:
                    b3:f0:f7:46:d0:2f:8d:f4:16:16:c3:d3:f4:a2:eb:
                    56:63:ed:2c:06:ee:e0:f5:19:d9:a6:5b:78:5b:8f:
                    ec:46:a3:a6:95:08:55:e2:b6:38:c9:51:a1:dc:b2:
                    9d:57:2a:67:5d:a3:a2:56:ac:33:5c:b8:c6:f2:2e:
                    74:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:1C:70:70:B9:A5:6A:05:F0:A9:C9:4C:EE:AB:AE:62:AE:90:6B:15
            X509v3 Authority Key Identifier:
                keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:dc:45:d5:88:f6:45:0b:ed:1b:66:e0:d8:95:9a:16:e7:4b:
         4f:d4:cb:ff:36:0e:13:ea:01:9b:ad:e4:c7:e1:f6:d3:ad:7f:
         61:64:32:c9:37:80:d2:8c:f7:ab:a9:6e:bf:1d:5f:1f:5f:df:
         f6:c3:c1:12:63:bd:29:ce:6c:75:53:4a:c5:a3:7b:b6:06:d8:
         da:3e:12:fa:a8:e8:1f:26:41:3a:f5:b5:83:39:07:e6:ff:4e:
         d8:43:a6:93:82:4d:6e:6a:3b:93:ee:93:17:3d:f7:d6:3b:f3:
         27:40:e2:e9:d2:67:e0:dc:27:6f:18:7c:48:17:73:ea:71:83:
         01:8c:96:aa:f0:8a:34:ce:82:db:bc:a7:e2:49:86:20:0e:95:
         a9:6b:53:9a:d5:80:8d:1b:64:a9:2f:01:de:18:1d:bf:29:2c:
         b7:9f:e4:62:08:0c:cb:13:ef:c5:cb:c9:fb:d9:fe:5b:4a:22:
         18:80:19:37:0b:13:06:b0:7d:a1:2e:c7:89:ac:c9:c3:e2:c1:
         0e:83:74:c1:47:5f:68:c2:e6:16:84:37:e7:ca:89:cf:30:56:
         c9:d4:f2:04:19:1b:33:31:7c:3f:3a:24:23:9d:63:57:ee:3a:
         05:7f:b3:0e:b6:43:f9:14:15:b4:4c:fc:e0:62:48:7e:a8:8b:
         36:d5:2e:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZtrt4AwelBWYWlannXKNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2
NDI3NWEwHhcNMjUwNjEwMTIwMDM2WhcNMjUwNjExMTIwMDM2WjAzMTEwLwYDVQQD
Eyg1MTFjNzA3MGI5YTU2YTA1ZjBhOWM5NGNlZWFiYWU2MmFlOTA2YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2nxQwjVUU823iuvw5q4KuVQ0ZLx
y/iQTsY2uG5el6VrX3w/6fDh6df/DLvoU780UNKM9+GFgS3EqOVR4BcvF5tqNv0c
rYuL0MU6EZZ9N7jJB+6Py+4bwPwF5u4cEvNRQabrmDeceN0Gze2rS2KLUUAVy7aL
mtcfK08m+VSKrX2u1keYbReGcp2DyVmWMnEp4SxivM/T6h1ZPMC5+M+tbitir/wj
v17JxZZ4B6tl6feb5xjafTXDSNAgVi1JGdEEtXCz8PdG0C+N9BYWw9P0outWY+0s
Bu7g9RnZplt4W4/sRqOmlQhV4rY4yVGh3LKdVypnXaOiVqwzXLjG8i50yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFEccHC5pWoF8KnJTO6rrmKukGsVMB8GA1UdIwQY
MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct
NTc1NTQwNTg2MjBiLzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi
LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgtxF1Yj2
RQvtG2bg2JWaFudLT9TL/zYOE+oBm63kx+H2061/YWQyyTeA0oz3q6luvx1fH1/f
9sPBEmO9Kc5sdVNKxaN7tgbY2j4S+qjoHyZBOvW1gzkH5v9O2EOmk4JNbmo7k+6T
Fz331jvzJ0Di6dJn4Nwnbxh8SBdz6nGDAYyWqvCKNM6C27yn4kmGIA6VqWtTmtWA
jRtkqS8B3hgdvykst5/kYggMyxPvxcvJ+9n+W0oiGIAZNwsTBrB9oS7HiazJw+LB
DoN0wUdfaMLmFoQ358qJzzBWydTyBBkbMzF8PzokI51jV+46BX+zDrZD+RQVtEz8
4GJIfqiLNtUu6A==
-----END CERTIFICATE-----
Generated at Tue Jun 10 14:59:54 2025 by rpki-client