Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
File:                     4qEN5v-uWQQnJEoDND22asVkJ1o.mft (raw, json)
Hash identifier:          V8yCEoPonAEsLzvOC8KFa3iEld8wNQvUEoJIrbUN86k=
Subject key identifier:   BB:28:28:41:64:00:3F:F2:2A:B0:0D:A8:11:DD:34:52:2F:5D:05:14
Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A
Certificate issuer:       /CN=e2a10de6ffae590427244a03343db66ac564275a
Certificate serial:       01976EF4F29B456CD6D26B2F53BC45D28861
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
Manifest number:          12D8
Signing time:             Sat 14 Jun 2025 15:00:35 +0000
Manifest this update:     Sat 14 Jun 2025 15:00:35 +0000
Manifest next update:     Sun 15 Jun 2025 15:00:35 +0000
Files and hashes:         1: 4qEN5v-uWQQnJEoDND22asVkJ1o.crl (hash: NgXcSJNsaF7VLMqVA3WPARjZCEPBclD2yx9pQPZ1sdA=)
                          2: EMEQainrdjhvrSxfRt2EdTwfFho.roa (hash: MgfrBxxTqDVEh7a/Ypney2yykLPSmFU/4+sRkVkl74s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 15:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:f4:f2:9b:45:6c:d6:d2:6b:2f:53:bc:45:d2:88:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a
        Validity
            Not Before: Jun 14 15:00:35 2025 GMT
            Not After : Jun 15 15:00:35 2025 GMT
        Subject: CN=bb28284164003ff22ab00da811dd34522f5d0514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c0:07:5a:0e:33:83:48:ea:f8:a9:96:bc:9c:
                    35:fa:c7:86:60:a4:10:6e:11:29:ff:35:34:5b:69:
                    c4:b6:9e:89:68:f7:81:83:c2:66:f1:27:bf:bf:15:
                    74:c8:99:39:e2:dc:00:0e:82:eb:48:cf:1c:93:7c:
                    a1:26:5e:e0:2e:1d:94:af:cc:46:a7:68:e6:fd:1c:
                    88:1a:cb:5e:78:b3:63:c1:88:e9:27:90:5d:3a:2d:
                    5c:77:9b:ff:ac:2c:ce:36:bd:50:5d:fe:50:36:6c:
                    65:41:80:e8:c1:87:d0:d4:ad:d3:09:98:4a:da:0e:
                    96:8a:e7:54:c9:f7:03:84:1b:0b:f4:f7:46:bb:2f:
                    a7:89:89:34:65:c0:df:7d:48:53:12:8d:96:65:77:
                    4e:d7:a5:d1:b5:bd:08:f0:45:0e:02:b3:15:67:e9:
                    3b:f6:2e:dc:80:26:73:52:3a:c6:8f:ff:ef:50:48:
                    2a:01:b7:60:1c:15:59:5a:fb:ea:27:fe:d6:88:27:
                    27:5b:10:3c:85:33:9a:d4:a7:f2:10:34:24:56:05:
                    23:66:9d:70:5a:bb:fa:cd:e9:25:9e:44:50:23:07:
                    e0:60:74:34:14:d9:d4:25:c4:8e:5c:b1:cd:bc:bd:
                    e6:6b:81:21:28:64:c5:46:2f:81:50:08:11:70:b6:
                    01:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:28:28:41:64:00:3F:F2:2A:B0:0D:A8:11:DD:34:52:2F:5D:05:14
            X509v3 Authority Key Identifier:
                keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:e3:b5:4a:bd:6e:7e:4a:e5:aa:85:5c:20:24:06:cb:9c:7b:
         24:88:de:5d:2d:70:f2:f5:d9:65:3f:75:7d:4f:59:a5:d8:86:
         83:b6:e4:50:4b:5e:4b:c3:d5:69:60:a5:43:82:3b:a1:34:8b:
         2f:ac:c1:f9:21:9b:4c:29:9f:9e:45:38:28:1e:ba:52:08:76:
         74:2e:48:78:fb:d4:d1:4c:a5:c1:9a:05:1c:1f:f0:a6:89:c0:
         95:60:93:73:75:49:59:72:2d:8d:0f:51:79:04:8c:2c:b6:2b:
         e4:82:00:c2:21:40:1e:9b:c7:4a:54:65:b0:63:45:e9:3b:07:
         87:d1:b9:03:59:b3:06:d6:09:23:32:7b:44:c4:0d:e8:07:7e:
         d0:e8:6f:47:bf:61:b4:df:93:51:8b:78:83:83:16:f6:52:d6:
         f0:4d:04:38:0b:3c:ab:06:59:0f:0f:c7:66:61:98:34:f6:68:
         fa:fa:fe:97:81:48:b9:2e:77:ea:cc:6e:25:8e:e4:49:45:c0:
         a2:d5:5e:16:a3:37:54:4e:f7:f4:9e:3d:16:3a:7f:86:0e:34:
         c5:81:c3:bf:91:8a:25:fc:bc:37:41:b0:49:b2:ff:7e:cd:81:
         80:7e:e9:23:4a:32:05:1d:45:57:5e:4e:d1:f9:18:d4:50:e3:
         72:db:ce:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdu9PKbRWzW0msvU7xF0ohhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2
NDI3NWEwHhcNMjUwNjE0MTUwMDM1WhcNMjUwNjE1MTUwMDM1WjAzMTEwLwYDVQQD
EyhiYjI4Mjg0MTY0MDAzZmYyMmFiMDBkYTgxMWRkMzQ1MjJmNWQwNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcAHWg4zg0jq+KmWvJw1+seGYKQQ
bhEp/zU0W2nEtp6JaPeBg8Jm8Se/vxV0yJk54twADoLrSM8ck3yhJl7gLh2Ur8xG
p2jm/RyIGsteeLNjwYjpJ5BdOi1cd5v/rCzONr1QXf5QNmxlQYDowYfQ1K3TCZhK
2g6WiudUyfcDhBsL9PdGuy+niYk0ZcDffUhTEo2WZXdO16XRtb0I8EUOArMVZ+k7
9i7cgCZzUjrGj//vUEgqAbdgHBVZWvvqJ/7WiCcnWxA8hTOa1KfyEDQkVgUjZp1w
Wrv6zeklnkRQIwfgYHQ0FNnUJcSOXLHNvL3ma4EhKGTFRi+BUAgRcLYBEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsoKEFkAD/yKrANqBHdNFIvXQUUMB8GA1UdIwQY
MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct
NTc1NTQwNTg2MjBiLzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi
LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEuO1Sr1u
fkrlqoVcICQGy5x7JIjeXS1w8vXZZT91fU9ZpdiGg7bkUEteS8PVaWClQ4I7oTSL
L6zB+SGbTCmfnkU4KB66Ugh2dC5IePvU0UylwZoFHB/wponAlWCTc3VJWXItjQ9R
eQSMLLYr5IIAwiFAHpvHSlRlsGNF6TsHh9G5A1mzBtYJIzJ7RMQN6Ad+0OhvR79h
tN+TUYt4g4MW9lLW8E0EOAs8qwZZDw/HZmGYNPZo+vr+l4FIuS536sxuJY7kSUXA
otVeFqM3VE739J49Fjp/hg40xYHDv5GKJfy8N0GwSbL/fs2BgH7pI0oyBR1FV15O
0fkY1FDjctvObA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:45:53 2025 by rpki-client