Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
File:                     rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft (raw, json)
Hash identifier:          el9FW+zg6hICP/GhVJ8JsbPL4jitWxvKckf0EUT2Xl8=
Subject key identifier:   6A:37:55:5F:E0:DA:8F:7B:6D:58:FB:EC:5C:42:A2:EC:93:70:26:43
Authority key identifier: AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
Certificate issuer:       /CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Certificate serial:       0197586D2ACB98FA2D4B01AE9705DE817821
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
Manifest number:          0993
Signing time:             Tue 10 Jun 2025 06:00:38 +0000
Manifest this update:     Tue 10 Jun 2025 06:00:38 +0000
Manifest next update:     Wed 11 Jun 2025 06:00:38 +0000
Files and hashes:         1: QsrgGtjjVfYUdnjVBy3FKVxOReM.roa (hash: /bct/glFTr5+fLpXRU1WLa/LnjLyQigL1zGVjyxrPQI=)
                          2: rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl (hash: zBIAjUgH6TwB8+LQ1CCKL7Wj/AOUGx0U83u3o+SE/NA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:6d:2a:cb:98:fa:2d:4b:01:ae:97:05:de:81:78:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac08815e8c6503601f254cab371bec471bd7eaa6
        Validity
            Not Before: Jun 10 06:00:38 2025 GMT
            Not After : Jun 11 06:00:38 2025 GMT
        Subject: CN=6a37555fe0da8f7b6d58fbec5c42a2ec93702643
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:db:8f:2e:02:d0:09:8d:83:23:33:35:e4:4f:
                    7f:9e:a1:0b:2b:af:70:44:96:82:32:ad:28:01:76:
                    df:35:40:85:a8:7b:0c:47:3e:22:85:b7:1a:d7:33:
                    7a:38:d3:2d:35:85:dd:2a:d9:10:e1:1f:44:6b:51:
                    4c:50:d5:56:41:8c:c9:fc:2b:10:de:b3:3c:82:f6:
                    08:53:ab:ed:46:8a:5f:7b:52:30:d1:5d:2a:54:5e:
                    84:dd:f7:a9:6b:8b:42:8d:85:5a:65:07:b3:4f:50:
                    92:92:09:50:2a:bd:d2:bf:6f:7b:a2:af:20:57:0b:
                    aa:f2:83:16:ac:88:12:2e:3b:e6:d3:b3:51:0e:cc:
                    08:9c:0f:21:bc:be:f5:a4:6b:85:74:98:3e:d7:fc:
                    b3:5e:0f:06:9b:25:a7:61:b3:58:3a:39:c8:80:f3:
                    68:91:ed:7a:51:cc:99:57:ed:c9:b7:95:65:94:c0:
                    6d:55:cb:9a:34:20:8e:81:5a:ce:89:7b:7b:85:13:
                    51:cf:70:79:5e:9a:72:37:64:f7:fb:60:68:f4:03:
                    c5:3e:be:ca:48:00:03:98:5c:ec:7e:e8:66:38:c7:
                    38:d6:d8:cd:a4:fc:8d:08:5b:a2:c1:e8:25:05:c5:
                    c0:74:00:9d:12:1e:6b:8a:5b:88:81:70:29:93:40:
                    a8:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:37:55:5F:E0:DA:8F:7B:6D:58:FB:EC:5C:42:A2:EC:93:70:26:43
            X509v3 Authority Key Identifier:
                keyid:AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:54:9c:f3:4d:c7:bc:3f:f4:14:05:f9:36:20:64:c9:81:1c:
         ee:61:fe:9f:ab:68:d3:63:a1:cd:a3:f3:2d:33:f3:0e:ee:74:
         c6:3c:d2:95:46:46:0c:63:ec:4a:f5:f7:8f:b9:02:36:3a:5a:
         47:83:1b:2e:f4:6e:5e:ee:15:9d:e7:69:76:66:27:63:d0:a0:
         7c:c3:28:37:09:ae:df:5f:85:3b:4b:a0:03:2c:3c:43:be:f3:
         6a:e6:03:c1:89:a4:de:6d:a1:4f:ba:4f:01:69:06:f1:87:bc:
         07:25:5c:0b:b6:07:0f:39:07:d4:ed:8b:17:b4:53:6a:be:39:
         37:05:c6:a8:36:8c:88:01:1f:bb:4d:c6:70:44:f6:71:4e:f1:
         d3:8a:3f:ab:73:a7:0b:ef:e0:00:dc:72:02:0f:e3:a7:3b:5d:
         68:55:c8:f1:7e:3b:ae:95:e6:d0:7a:8c:96:fd:8d:92:d6:ea:
         30:37:35:d8:f9:f1:6b:f6:9a:7b:44:a9:46:13:7c:6f:28:42:
         ca:11:8e:2e:9e:4f:f3:84:d8:ae:1a:d6:b8:a2:be:56:f9:97:
         b8:cb:74:a1:0e:bf:28:49:12:18:3c:ef:f3:f8:81:4b:8b:76:
         ed:2c:f3:29:ed:3a:38:78:a2:e3:2f:a5:65:7e:4d:6a:4a:7f:
         78:ca:63:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYbSrLmPotSwGulwXegXghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDg4MTVlOGM2NTAzNjAxZjI1NGNhYjM3MWJlYzQ3MWJk
N2VhYTYwHhcNMjUwNjEwMDYwMDM4WhcNMjUwNjExMDYwMDM4WjAzMTEwLwYDVQQD
Eyg2YTM3NTU1ZmUwZGE4ZjdiNmQ1OGZiZWM1YzQyYTJlYzkzNzAyNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtuPLgLQCY2DIzM15E9/nqELK69w
RJaCMq0oAXbfNUCFqHsMRz4ihbca1zN6ONMtNYXdKtkQ4R9Ea1FMUNVWQYzJ/CsQ
3rM8gvYIU6vtRopfe1Iw0V0qVF6E3fepa4tCjYVaZQezT1CSkglQKr3Sv297oq8g
Vwuq8oMWrIgSLjvm07NRDswInA8hvL71pGuFdJg+1/yzXg8GmyWnYbNYOjnIgPNo
ke16UcyZV+3Jt5VllMBtVcuaNCCOgVrOiXt7hRNRz3B5XppyN2T3+2Bo9APFPr7K
SAADmFzsfuhmOMc41tjNpPyNCFuiweglBcXAdACdEh5riluIgXApk0CoIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGo3VV/g2o97bVj77FxCouyTcCZDMB8GA1UdIwQY
MBaAFKwIgV6MZQNgHyVMqzcb7Ecb1+qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUt
Njc3ODcxYTAzMzU1LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUtNjc3ODcxYTAzMzU1
LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAalSc803H
vD/0FAX5NiBkyYEc7mH+n6to02OhzaPzLTPzDu50xjzSlUZGDGPsSvX3j7kCNjpa
R4MbLvRuXu4VnedpdmYnY9CgfMMoNwmu31+FO0ugAyw8Q77zauYDwYmk3m2hT7pP
AWkG8Ye8ByVcC7YHDzkH1O2LF7RTar45NwXGqDaMiAEfu03GcET2cU7x04o/q3On
C+/gANxyAg/jpztdaFXI8X47rpXm0HqMlv2NktbqMDc12Pnxa/aae0SpRhN8byhC
yhGOLp5P84TYrhrWuKK+VvmXuMt0oQ6/KEkSGDzv8/iBS4t27SzzKe06OHii4y+l
ZX5Nakp/eMpjmw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:14:07 2025 by rpki-client