Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
File:                     rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft (raw, json)
Hash identifier:          zGlKZ9McxLmvqXSU3xUalKQKIK9CdZJtopP+z4oiTUk=
Subject key identifier:   CC:DE:82:1A:7D:30:83:1F:CB:00:8D:F5:B6:9B:87:EA:D6:FB:F4:61
Authority key identifier: AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6
Certificate issuer:       /CN=ac08815e8c6503601f254cab371bec471bd7eaa6
Certificate serial:       01976403BAEB54E3ACC176CC41953E69C760
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
Manifest number:          0999
Signing time:             Thu 12 Jun 2025 12:00:55 +0000
Manifest this update:     Thu 12 Jun 2025 12:00:55 +0000
Manifest next update:     Fri 13 Jun 2025 12:00:55 +0000
Files and hashes:         1: QsrgGtjjVfYUdnjVBy3FKVxOReM.roa (hash: /bct/glFTr5+fLpXRU1WLa/LnjLyQigL1zGVjyxrPQI=)
                          2: rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl (hash: DJUOgWHDE7GEHTUFi1Xm80BlXXNROhrf0tUcW8Leg5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 12:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:03:ba:eb:54:e3:ac:c1:76:cc:41:95:3e:69:c7:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac08815e8c6503601f254cab371bec471bd7eaa6
        Validity
            Not Before: Jun 12 12:00:55 2025 GMT
            Not After : Jun 13 12:00:55 2025 GMT
        Subject: CN=ccde821a7d30831fcb008df5b69b87ead6fbf461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:64:33:f7:bc:c4:16:fa:5d:93:bc:eb:15:38:
                    6f:8c:0a:7f:9d:5d:48:65:75:f5:e5:f4:98:b9:5f:
                    2a:42:b6:4c:31:e1:69:af:6c:c5:23:aa:4f:2d:e8:
                    b1:92:c7:7b:c9:1b:b6:11:d9:20:5b:75:0a:fa:23:
                    4e:d8:18:0b:92:09:87:77:11:37:ba:19:41:41:74:
                    8c:bc:21:e9:01:f0:9f:d8:d9:9f:56:6e:d9:6a:03:
                    f0:20:04:d2:68:5b:48:c9:ec:1a:e2:50:6a:6f:1b:
                    74:1b:7b:7c:46:41:57:47:f8:4d:91:79:33:f5:f2:
                    f3:30:db:3e:16:21:da:dc:00:7b:69:08:81:21:de:
                    d2:1f:19:ba:85:f4:63:56:93:53:eb:a5:c9:8c:85:
                    c6:22:ac:a1:79:4b:0b:51:d4:b1:7c:40:b8:7b:c0:
                    ee:fb:0c:d3:b6:94:aa:30:31:05:7e:82:0d:11:4d:
                    35:4b:66:95:d1:bb:51:b9:53:12:c1:71:e8:0f:30:
                    5b:d0:a0:bd:c5:ab:09:c4:3f:f0:b1:44:53:d5:d8:
                    7e:e0:e1:20:1c:54:3e:75:9d:e2:e9:f9:d3:14:1d:
                    5c:6b:e6:18:cb:1e:7b:d2:68:39:58:6a:ed:74:b9:
                    f6:c6:fb:4f:41:fd:df:4b:aa:89:d4:54:18:fc:af:
                    fd:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:DE:82:1A:7D:30:83:1F:CB:00:8D:F5:B6:9B:87:EA:D6:FB:F4:61
            X509v3 Authority Key Identifier:
                keyid:AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:13:7e:18:5b:02:7c:fc:c8:31:6d:15:9b:4f:51:f3:03:2d:
         06:0e:da:44:d7:f6:d9:ef:48:22:9b:34:52:b0:8d:73:b5:93:
         8c:15:63:be:48:d7:f7:b7:99:a5:e2:7d:d7:05:32:5c:fe:6a:
         92:71:e2:23:3a:63:5f:f3:b7:a7:c3:d0:af:1a:4b:2e:29:b9:
         3f:3a:81:2b:e4:c2:14:64:97:aa:38:97:49:0c:45:51:c6:5f:
         6d:ba:e0:b9:97:6b:19:b6:85:0c:8f:bc:2b:f3:e6:11:fc:0a:
         a7:9e:65:d2:46:d2:dd:a6:14:76:50:f1:79:09:5c:ba:52:ca:
         8a:a3:7c:60:6b:d5:a8:11:1b:b4:0d:eb:b9:64:d2:0c:09:1a:
         ad:a2:2a:4d:8b:98:0d:5c:de:07:be:d6:d1:32:8a:4d:4c:bb:
         0e:4d:90:ed:29:6d:1a:76:c8:b8:90:6a:38:aa:f9:2f:d5:71:
         2d:93:5e:e1:51:68:f5:5b:80:78:ef:56:0b:e9:ad:e7:7b:ef:
         e3:be:47:47:0e:aa:98:16:54:87:ee:2a:41:fa:13:cc:15:d5:
         f1:15:15:6c:87:57:1a:51:3a:e7:02:41:6f:46:72:f1:a9:5a:
         45:b2:33:c0:36:54:9f:e2:b7:de:2b:5c:c8:c1:36:95:f4:79:
         f6:5a:a9:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkA7rrVOOswXbMQZU+acdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDg4MTVlOGM2NTAzNjAxZjI1NGNhYjM3MWJlYzQ3MWJk
N2VhYTYwHhcNMjUwNjEyMTIwMDU1WhcNMjUwNjEzMTIwMDU1WjAzMTEwLwYDVQQD
EyhjY2RlODIxYTdkMzA4MzFmY2IwMDhkZjViNjliODdlYWQ2ZmJmNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimQz97zEFvpdk7zrFThvjAp/nV1I
ZXX15fSYuV8qQrZMMeFpr2zFI6pPLeixksd7yRu2EdkgW3UK+iNO2BgLkgmHdxE3
uhlBQXSMvCHpAfCf2NmfVm7ZagPwIATSaFtIyewa4lBqbxt0G3t8RkFXR/hNkXkz
9fLzMNs+FiHa3AB7aQiBId7SHxm6hfRjVpNT66XJjIXGIqyheUsLUdSxfEC4e8Du
+wzTtpSqMDEFfoINEU01S2aV0btRuVMSwXHoDzBb0KC9xasJxD/wsURT1dh+4OEg
HFQ+dZ3i6fnTFB1ca+YYyx570mg5WGrtdLn2xvtPQf3fS6qJ1FQY/K/9FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzeghp9MIMfywCN9babh+rW+/RhMB8GA1UdIwQY
MBaAFKwIgV6MZQNgHyVMqzcb7Ecb1+qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUt
Njc3ODcxYTAzMzU1LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUtNjc3ODcxYTAzMzU1
LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABhN+GFsC
fPzIMW0Vm09R8wMtBg7aRNf22e9IIps0UrCNc7WTjBVjvkjX97eZpeJ91wUyXP5q
knHiIzpjX/O3p8PQrxpLLim5PzqBK+TCFGSXqjiXSQxFUcZfbbrguZdrGbaFDI+8
K/PmEfwKp55l0kbS3aYUdlDxeQlculLKiqN8YGvVqBEbtA3ruWTSDAkaraIqTYuY
DVzeB77W0TKKTUy7Dk2Q7SltGnbIuJBqOKr5L9VxLZNe4VFo9VuAeO9WC+mt53vv
475HRw6qmBZUh+4qQfoTzBXV8RUVbIdXGlE65wJBb0Zy8alaRbIzwDZUn+K33itc
yME2lfR59lqpew==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:26:32 2025 by rpki-client