Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.mft
File:                     StRn8W0JUeQwcTgyxsdZVh52BB8.mft (raw, json)
Hash identifier:          3H7ZQbrcvZRs7h/3TTi4COnQKhTFOcmgfrd0nntnsG4=
Subject key identifier:   35:67:55:F7:92:4E:9B:F5:DD:CC:6E:24:3F:0C:66:E1:D7:65:AE:D3
Authority key identifier: 4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F
Certificate issuer:       /CN=4ad467f16d0951e430713832c6c759561e76041f
Certificate serial:       019761704725A4A460A511A17AB48BF684BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.mft
Manifest number:          1589
Signing time:             Thu 12 Jun 2025 00:00:37 +0000
Manifest this update:     Thu 12 Jun 2025 00:00:37 +0000
Manifest next update:     Fri 13 Jun 2025 00:00:37 +0000
Files and hashes:         1: 0qO4O1iuPzCMlLlUt1HamKiYOoA.roa (hash: cgE/JK3sVjQnbjv1N0QFg9l7ug/Hstmhscf6qZhJ3xA=)
                          2: StRn8W0JUeQwcTgyxsdZVh52BB8.crl (hash: rRg17XBgswt1Ka/zJO8T52flOHVcsjWJ7w9bMcX8FiA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:70:47:25:a4:a4:60:a5:11:a1:7a:b4:8b:f6:84:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ad467f16d0951e430713832c6c759561e76041f
        Validity
            Not Before: Jun 12 00:00:37 2025 GMT
            Not After : Jun 13 00:00:37 2025 GMT
        Subject: CN=356755f7924e9bf5ddcc6e243f0c66e1d765aed3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a8:79:91:bd:5e:87:82:a4:41:50:ed:36:52:
                    96:ed:7a:1f:2f:3e:8e:b0:44:c2:41:a0:ac:5b:75:
                    30:fa:a1:8c:78:23:7c:ef:43:11:4e:de:72:83:29:
                    7c:0e:2e:c7:f6:a4:46:a4:b6:66:af:40:fb:05:f2:
                    28:f5:7a:34:85:60:c8:3f:d6:b0:65:4f:fa:96:ab:
                    e7:61:b7:b6:37:d4:db:88:a8:4e:2a:f1:71:c3:62:
                    96:07:12:8d:65:bf:b1:60:c7:3c:a4:ff:cd:73:0d:
                    30:be:52:3e:12:72:4f:a0:74:83:cb:e7:79:02:62:
                    e6:74:fa:e8:2c:f8:cd:bc:6a:a0:71:74:f2:f5:55:
                    a3:ea:1e:21:9e:50:23:65:02:83:0c:47:e4:ef:f6:
                    2d:da:e3:89:d1:c1:61:ae:a7:dc:9a:74:81:09:ea:
                    f3:ec:aa:37:e7:09:fb:63:4f:35:13:27:c7:8a:64:
                    95:cf:e6:cf:62:d2:50:e6:cf:bd:32:1e:65:e3:12:
                    3b:39:b4:89:b8:ad:17:5c:0a:7f:8b:f4:54:a7:5c:
                    1e:d1:04:9c:1a:77:b3:1c:f2:8d:36:1c:11:bf:67:
                    e3:8e:cb:c7:ba:b9:8f:ff:2a:cc:e7:cf:b4:8b:90:
                    c6:8f:88:50:d8:d0:6f:77:0a:28:a7:f4:19:c9:d8:
                    6a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:67:55:F7:92:4E:9B:F5:DD:CC:6E:24:3F:0C:66:E1:D7:65:AE:D3
            X509v3 Authority Key Identifier:
                keyid:4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:b7:8b:aa:87:70:04:2e:48:a7:27:d2:fc:c6:f9:1c:21:9b:
         6b:ea:1e:18:60:3b:85:9c:25:15:3f:01:c9:b9:ee:03:d9:76:
         e1:07:f7:f5:9a:0c:1a:5f:2e:fa:ce:48:0e:e2:5b:62:cd:aa:
         1a:af:ce:83:48:c3:d2:af:fb:9f:bd:db:6d:bf:cd:a7:a5:01:
         07:9b:08:f0:fd:48:e8:35:70:02:37:ae:77:ce:0a:b6:68:92:
         37:2c:e1:06:c6:4e:e5:6b:3d:7f:7b:23:41:71:ce:f4:86:5b:
         03:71:52:01:66:a0:d3:4f:98:11:67:60:df:32:81:86:51:a1:
         b5:c3:1c:fc:f8:f3:56:3a:a7:0d:05:f5:64:79:54:07:a9:69:
         62:0d:17:13:a9:f2:bd:9b:4c:ee:3e:a5:d8:6e:6d:e6:b0:45:
         9f:8d:89:13:89:d4:a5:c8:97:2c:16:6c:cf:e5:e5:6a:bd:dc:
         bf:91:57:5e:4e:61:d7:ef:cb:92:7c:39:2e:34:71:82:6a:d9:
         82:f0:c0:bb:22:f2:71:77:56:ef:42:e9:b7:70:d1:87:db:31:
         fe:c8:ad:15:69:d8:9d:3f:e4:74:d4:38:f3:45:13:90:89:e2:
         09:83:ed:67:16:8f:d6:64:7d:63:be:b8:4b:fd:94:70:64:78:
         2d:7c:24:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhcEclpKRgpRGherSL9oS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDQ2N2YxNmQwOTUxZTQzMDcxMzgzMmM2Yzc1OTU2MWU3
NjA0MWYwHhcNMjUwNjEyMDAwMDM3WhcNMjUwNjEzMDAwMDM3WjAzMTEwLwYDVQQD
EygzNTY3NTVmNzkyNGU5YmY1ZGRjYzZlMjQzZjBjNjZlMWQ3NjVhZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuah5kb1eh4KkQVDtNlKW7XofLz6O
sETCQaCsW3Uw+qGMeCN870MRTt5ygyl8Di7H9qRGpLZmr0D7BfIo9Xo0hWDIP9aw
ZU/6lqvnYbe2N9TbiKhOKvFxw2KWBxKNZb+xYMc8pP/Ncw0wvlI+EnJPoHSDy+d5
AmLmdProLPjNvGqgcXTy9VWj6h4hnlAjZQKDDEfk7/Yt2uOJ0cFhrqfcmnSBCerz
7Ko35wn7Y081EyfHimSVz+bPYtJQ5s+9Mh5l4xI7ObSJuK0XXAp/i/RUp1we0QSc
GnezHPKNNhwRv2fjjsvHurmP/yrM58+0i5DGj4hQ2NBvdwoop/QZydhqJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVnVfeSTpv13cxuJD8MZuHXZa7TMB8GA1UdIwQY
MBaAFErUZ/FtCVHkMHE4MsbHWVYedgQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RSbjhXMEpVZVF3Y1RneXhzZFpWaDUyQkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zMzg2MDUtNGRiNC00ZWRlLWEzMTAt
NTY0MjM1M2Q0MzFhLzEvU3RSbjhXMEpVZVF3Y1RneXhzZFpWaDUyQkI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zMzg2MDUtNGRiNC00ZWRlLWEzMTAtNTY0MjM1M2Q0MzFh
LzEvU3RSbjhXMEpVZVF3Y1RneXhzZFpWaDUyQkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALbeLqodw
BC5IpyfS/Mb5HCGba+oeGGA7hZwlFT8BybnuA9l24Qf39ZoMGl8u+s5IDuJbYs2q
Gq/Og0jD0q/7n73bbb/Np6UBB5sI8P1I6DVwAjeud84KtmiSNyzhBsZO5Ws9f3sj
QXHO9IZbA3FSAWag00+YEWdg3zKBhlGhtcMc/PjzVjqnDQX1ZHlUB6lpYg0XE6ny
vZtM7j6l2G5t5rBFn42JE4nUpciXLBZsz+Xlar3cv5FXXk5h1+/Lknw5LjRxgmrZ
gvDAuyLycXdW70Lpt3DRh9sx/sitFWnYnT/kdNQ480UTkIniCYPtZxaP1mR9Y764
S/2UcGR4LXwk3A==
-----END CERTIFICATE-----
Generated at Thu Jun 12 09:16:17 2025 by rpki-client