Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft
File:                     ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft (raw, json)
Hash identifier:          JefB116W5N72xN6A9RUfZOjMEKXtFjsDPw74yE6jEY0=
Subject key identifier:   6B:78:62:14:BC:5E:60:9B:72:7B:EB:5A:61:20:EE:00:51:17:17:2E
Authority key identifier: 02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
Certificate issuer:       /CN=0291d4de130da6aace22ed99650be182497e0bcf
Certificate serial:       0197635F28A8BE1BE983F2CDB847E293D78D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft
Manifest number:          1589
Signing time:             Thu 12 Jun 2025 09:01:09 +0000
Manifest this update:     Thu 12 Jun 2025 09:01:09 +0000
Manifest next update:     Fri 13 Jun 2025 09:01:09 +0000
Files and hashes:         1: ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl (hash: KyEly6cgX/5BJ1XjaXLuuLE/muokWswYkZ5oMNaghSA=)
                          2: Bbv2QAFPf4Szau3NTd0aayAiypc.roa (hash: cRocTgGmyLRnpI3qcdUdz3Vd6OE/CS3oghy6+UyVfVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:5f:28:a8:be:1b:e9:83:f2:cd:b8:47:e2:93:d7:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0291d4de130da6aace22ed99650be182497e0bcf
        Validity
            Not Before: Jun 12 09:01:09 2025 GMT
            Not After : Jun 13 09:01:09 2025 GMT
        Subject: CN=6b786214bc5e609b727beb5a6120ee005117172e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6b:64:6e:d6:ab:4e:cb:95:79:27:74:96:27:
                    9b:98:35:4e:f9:9e:01:9a:fb:17:15:a1:b8:75:32:
                    c5:be:5b:f1:1a:3d:5d:f8:d5:68:f5:7d:ce:ce:1e:
                    08:c6:80:7a:1b:ad:5b:8c:b2:61:2d:75:00:8e:0d:
                    27:ce:4d:a5:75:24:a5:7c:0c:ea:15:3a:da:ce:f5:
                    52:4c:1a:49:70:db:40:97:a3:e7:13:44:0a:6f:7c:
                    8e:9c:f8:84:d6:92:af:21:5c:aa:e5:e9:42:85:37:
                    99:81:a2:64:8c:67:1f:23:56:12:db:95:da:52:fe:
                    48:db:50:27:f1:74:38:74:4f:a2:c7:4a:2c:78:73:
                    8c:57:56:74:9a:13:f1:35:83:6c:cc:67:d9:a3:69:
                    9c:79:1a:0e:6f:7f:e4:db:52:0b:63:2a:4d:53:1d:
                    1c:db:1d:c8:db:79:fd:89:bf:e7:63:5c:d3:ba:a2:
                    2b:b9:c1:bf:93:dc:1e:61:14:3b:01:14:99:f3:6b:
                    56:61:02:7e:80:42:7b:26:3f:aa:4c:e6:0d:f4:6e:
                    e9:c2:8e:33:a2:f3:57:20:1a:a9:e5:fb:68:cb:00:
                    2a:9a:bf:3b:84:2d:4d:01:53:e4:52:70:2a:33:fb:
                    29:8c:a1:3a:51:a2:9d:dd:f3:70:56:2a:07:ca:ac:
                    85:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:78:62:14:BC:5E:60:9B:72:7B:EB:5A:61:20:EE:00:51:17:17:2E
            X509v3 Authority Key Identifier:
                keyid:02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:df:45:37:b4:a9:2e:d1:54:9c:79:a0:98:ac:4c:16:02:ea:
         c9:b1:59:f0:d3:7f:a9:bd:45:54:4f:67:29:b1:bb:dc:e9:4f:
         3b:24:eb:35:56:d3:08:98:e8:4c:54:e1:24:0c:b8:d5:36:59:
         84:87:80:25:ec:05:66:47:6c:a7:ad:27:66:3d:d9:b6:2b:83:
         20:bd:87:7a:28:88:8e:54:47:41:34:fe:f0:5a:2e:78:39:9d:
         cd:ea:79:f3:94:e5:78:1a:c1:f6:3b:b7:9f:e6:5d:2f:0b:a6:
         12:a2:45:ef:be:57:34:bf:da:8c:fe:c9:8a:82:43:8a:c0:33:
         c0:b0:fb:95:56:01:b3:b3:59:13:c9:bc:ea:62:25:75:ee:e4:
         02:7e:f4:61:ec:a7:f3:11:27:24:81:aa:c7:38:66:a8:c9:23:
         35:2b:34:20:bf:d5:43:12:dc:0e:a0:0b:4c:28:14:af:ae:79:
         57:f9:40:5f:25:3e:7d:a2:0f:7f:29:bc:6c:01:de:ef:30:ba:
         61:b4:8c:4d:3e:14:02:ee:a8:a1:e3:f7:2a:02:1a:32:c0:bb:
         70:bc:15:15:47:85:28:3f:35:e5:f5:c6:c4:7f:0a:ee:33:2b:
         f9:6b:54:94:3e:69:c7:d2:e7:81:4d:13:a0:6e:a6:17:11:bb:
         75:5d:a0:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjXyiovhvpg/LNuEfik9eNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTFkNGRlMTMwZGE2YWFjZTIyZWQ5OTY1MGJlMTgyNDk3
ZTBiY2YwHhcNMjUwNjEyMDkwMTA5WhcNMjUwNjEzMDkwMTA5WjAzMTEwLwYDVQQD
Eyg2Yjc4NjIxNGJjNWU2MDliNzI3YmViNWE2MTIwZWUwMDUxMTcxNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGtkbtarTsuVeSd0liebmDVO+Z4B
mvsXFaG4dTLFvlvxGj1d+NVo9X3Ozh4IxoB6G61bjLJhLXUAjg0nzk2ldSSlfAzq
FTrazvVSTBpJcNtAl6PnE0QKb3yOnPiE1pKvIVyq5elChTeZgaJkjGcfI1YS25Xa
Uv5I21An8XQ4dE+ix0oseHOMV1Z0mhPxNYNszGfZo2mceRoOb3/k21ILYypNUx0c
2x3I23n9ib/nY1zTuqIrucG/k9weYRQ7ARSZ82tWYQJ+gEJ7Jj+qTOYN9G7pwo4z
ovNXIBqp5ftoywAqmr87hC1NAVPkUnAqM/spjKE6UaKd3fNwVioHyqyFeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGt4YhS8XmCbcnvrWmEg7gBRFxcuMB8GA1UdIwQY
MBaAFAKR1N4TDaaqziLtmWUL4YJJfgvPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQt
Nzc4MTY4MTA3N2Y3LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQtNzc4MTY4MTA3N2Y3
LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnt9FN7Sp
LtFUnHmgmKxMFgLqybFZ8NN/qb1FVE9nKbG73OlPOyTrNVbTCJjoTFThJAy41TZZ
hIeAJewFZkdsp60nZj3ZtiuDIL2HeiiIjlRHQTT+8FoueDmdzep585TleBrB9ju3
n+ZdLwumEqJF775XNL/ajP7JioJDisAzwLD7lVYBs7NZE8m86mIlde7kAn70Yeyn
8xEnJIGqxzhmqMkjNSs0IL/VQxLcDqALTCgUr655V/lAXyU+faIPfym8bAHe7zC6
YbSMTT4UAu6ooeP3KgIaMsC7cLwVFUeFKD815fXGxH8K7jMr+WtUlD5px9LngU0T
oG6mFxG7dV2gjA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:50:21 2025 by rpki-client