Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
File:                     4qEN5v-uWQQnJEoDND22asVkJ1o.mft (raw, json)
Hash identifier:          q6Y6kTTCbW0G5rFckF/gmJlH+8ksEfeg5Hft8xI2VSI=
Subject key identifier:   49:AF:9B:79:C1:DD:90:70:D4:D0:04:D9:89:49:6F:C3:9C:66:9D:86
Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A
Certificate issuer:       /CN=e2a10de6ffae590427244a03343db66ac564275a
Certificate serial:       019761707A4263E6E503B3BFE561C1C8304F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
Manifest number:          12D1
Signing time:             Thu 12 Jun 2025 00:00:50 +0000
Manifest this update:     Thu 12 Jun 2025 00:00:50 +0000
Manifest next update:     Fri 13 Jun 2025 00:00:50 +0000
Files and hashes:         1: 4qEN5v-uWQQnJEoDND22asVkJ1o.crl (hash: Td+DSw8zGgliKA5IozV4kc4d5JmDtbLp4aX8R7JSA6Q=)
                          2: EMEQainrdjhvrSxfRt2EdTwfFho.roa (hash: MgfrBxxTqDVEh7a/Ypney2yykLPSmFU/4+sRkVkl74s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:70:7a:42:63:e6:e5:03:b3:bf:e5:61:c1:c8:30:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a
        Validity
            Not Before: Jun 12 00:00:50 2025 GMT
            Not After : Jun 13 00:00:50 2025 GMT
        Subject: CN=49af9b79c1dd9070d4d004d989496fc39c669d86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a7:49:3e:56:dd:6d:38:c0:c4:dc:c9:1f:c0:
                    79:a4:e1:79:0b:b3:22:41:04:1d:07:b9:b3:84:88:
                    59:2b:2d:65:cc:50:d8:e7:4c:d5:cb:8d:94:ed:9a:
                    6f:8e:dc:43:9e:64:83:c5:45:f0:8b:f8:be:d8:aa:
                    8a:b5:a8:8a:65:ed:c5:24:23:ca:88:27:f4:18:64:
                    9c:e7:50:ca:68:26:66:5b:c6:4e:50:eb:db:e1:56:
                    b9:2e:f8:20:e1:59:6e:93:66:f1:b9:3f:d1:5a:bf:
                    d9:76:6f:63:2e:7c:60:f2:0a:bc:fc:4b:2d:f4:95:
                    b1:00:62:22:a7:41:9b:83:de:5d:93:3b:5f:35:bc:
                    d8:b7:48:28:0d:4b:fa:bc:8d:36:e5:ea:87:f7:79:
                    62:4e:ce:cf:59:85:41:ec:95:86:67:33:68:c5:2f:
                    e0:b0:29:f1:ef:60:01:1b:29:d9:1b:b1:ad:2f:6a:
                    5b:20:36:b2:5a:63:d6:c5:3d:74:32:69:87:e9:cb:
                    da:a3:4b:22:7d:7d:8c:9c:4f:b2:b9:d0:49:05:56:
                    aa:1e:71:65:9a:ae:37:b2:7c:be:66:58:ca:39:28:
                    27:9f:22:7f:d4:5e:38:33:c6:b0:b3:c4:a0:79:bf:
                    24:c1:7c:38:dd:48:10:6e:b6:22:74:bd:dd:f5:ac:
                    fc:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:AF:9B:79:C1:DD:90:70:D4:D0:04:D9:89:49:6F:C3:9C:66:9D:86
            X509v3 Authority Key Identifier:
                keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:3e:b3:e3:8b:04:ad:fd:70:5e:94:83:52:bb:92:a7:b6:74:
         91:6e:93:ee:5b:c2:0c:30:72:80:f7:13:14:65:2d:bd:0a:5d:
         ad:f6:cb:e7:85:0b:a9:a8:38:04:37:a4:40:39:6c:1d:f7:52:
         5a:0a:1d:e4:d2:ee:53:c3:07:d5:dd:c9:35:25:30:5c:12:b2:
         ae:de:d4:50:5b:40:7b:5a:2e:3d:8c:18:6d:06:fb:1d:7d:1d:
         a9:fc:e1:8e:dd:5a:3e:ae:7d:47:c1:0d:ba:26:67:25:9e:37:
         10:05:49:ed:7b:3e:e3:22:79:d2:e3:58:87:23:80:f4:df:45:
         71:c8:2e:c0:91:2c:89:04:0d:6e:ae:aa:1e:8a:e5:22:cf:4d:
         75:19:1d:82:d7:d0:fb:69:01:de:25:d2:a5:18:64:40:d6:f3:
         10:0b:e8:f1:c7:f8:1c:ff:10:22:b7:03:c7:dd:96:07:d5:33:
         3f:44:bc:0a:cf:fb:a8:60:c6:99:59:0d:86:74:fe:fa:72:17:
         b7:41:09:e8:93:a4:51:87:92:bd:f6:5a:fa:a7:bb:9f:0a:ce:
         75:d3:54:c9:0b:51:4d:73:fa:ba:3e:4d:f2:27:8d:9f:0c:75:
         94:5b:96:f8:64:1d:3e:86:6f:78:3c:0d:38:c1:7a:68:9b:89:
         93:d1:94:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhcHpCY+blA7O/5WHByDBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2
NDI3NWEwHhcNMjUwNjEyMDAwMDUwWhcNMjUwNjEzMDAwMDUwWjAzMTEwLwYDVQQD
Eyg0OWFmOWI3OWMxZGQ5MDcwZDRkMDA0ZDk4OTQ5NmZjMzljNjY5ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3adJPlbdbTjAxNzJH8B5pOF5C7Mi
QQQdB7mzhIhZKy1lzFDY50zVy42U7ZpvjtxDnmSDxUXwi/i+2KqKtaiKZe3FJCPK
iCf0GGSc51DKaCZmW8ZOUOvb4Va5Lvgg4Vluk2bxuT/RWr/Zdm9jLnxg8gq8/Est
9JWxAGIip0Gbg95dkztfNbzYt0goDUv6vI025eqH93liTs7PWYVB7JWGZzNoxS/g
sCnx72ABGynZG7GtL2pbIDayWmPWxT10MmmH6cvao0sifX2MnE+yudBJBVaqHnFl
mq43sny+ZljKOSgnnyJ/1F44M8aws8Sgeb8kwXw43UgQbrYidL3d9az8aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmvm3nB3ZBw1NAE2YlJb8OcZp2GMB8GA1UdIwQY
MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct
NTc1NTQwNTg2MjBiLzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi
LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADD6z44sE
rf1wXpSDUruSp7Z0kW6T7lvCDDBygPcTFGUtvQpdrfbL54ULqag4BDekQDlsHfdS
Wgod5NLuU8MH1d3JNSUwXBKyrt7UUFtAe1ouPYwYbQb7HX0dqfzhjt1aPq59R8EN
uiZnJZ43EAVJ7Xs+4yJ50uNYhyOA9N9FccguwJEsiQQNbq6qHorlIs9NdRkdgtfQ
+2kB3iXSpRhkQNbzEAvo8cf4HP8QIrcDx92WB9UzP0S8Cs/7qGDGmVkNhnT++nIX
t0EJ6JOkUYeSvfZa+qe7nwrOddNUyQtRTXP6uj5N8ieNnwx1lFuW+GQdPoZveDwN
OMF6aJuJk9GU/A==
-----END CERTIFICATE-----
Generated at Thu Jun 12 02:17:38 2025 by rpki-client