Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File:                     KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier:          XPv2O77BeTZ3+QnM/XSBjvOmJCxK/DrmHwnrEEe2CAw=
Subject key identifier:   71:1A:DA:0B:CB:44:4C:C6:32:CE:33:24:40:85:EC:10:42:3E:EC:B2
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer:       /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial:       01975EA6003142A7674BCE3F64A657A5DE4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number:          1589
Signing time:             Wed 11 Jun 2025 11:00:26 +0000
Manifest this update:     Wed 11 Jun 2025 11:00:26 +0000
Manifest next update:     Thu 12 Jun 2025 11:00:26 +0000
Files and hashes:         1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
                          2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: yAL+n/LGcQOFXoC6Z0StX8ENbwzFlOas6q/J1trMUas=)
                          3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 11:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:a6:00:31:42:a7:67:4b:ce:3f:64:a6:57:a5:de:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
        Validity
            Not Before: Jun 11 11:00:26 2025 GMT
            Not After : Jun 12 11:00:26 2025 GMT
        Subject: CN=711ada0bcb444cc632ce33244085ec10423eecb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b5:1d:59:00:60:ab:5e:ed:69:d2:7a:be:05:
                    c4:d0:b2:f6:a8:c1:e9:09:bc:06:03:36:1b:ed:63:
                    78:a3:d9:46:db:ab:4d:f7:a5:68:20:18:13:94:79:
                    c6:38:a3:1d:35:7a:98:e1:d8:76:c3:74:4e:73:92:
                    61:53:20:72:4c:67:62:c9:45:d5:7a:b9:f6:38:f6:
                    ec:ee:22:b3:d9:2b:5a:0f:c9:54:3b:59:2c:d2:cd:
                    1d:cc:64:77:9a:ef:b2:4a:4d:b9:0b:bd:5a:6f:ce:
                    ad:1e:2a:2e:3a:34:b0:9c:10:e3:2d:79:da:55:5d:
                    db:c6:6c:9b:c7:1b:3c:11:f7:4a:94:07:b1:45:d5:
                    d6:f9:01:26:da:f6:3a:5d:c1:6c:f5:fb:91:25:41:
                    64:3d:80:9b:98:26:aa:fa:b7:94:84:71:3c:34:08:
                    8f:78:84:17:4d:57:70:9c:be:ab:23:e5:f8:f1:9a:
                    3a:2c:0c:53:9a:eb:e4:65:73:ee:32:7b:de:ea:fd:
                    aa:6b:d9:a2:d0:d2:f1:50:1c:70:47:c6:36:4a:80:
                    79:ab:40:fb:63:ec:cb:fb:8f:b6:08:cc:96:fb:30:
                    90:64:8a:c2:4b:c3:5a:be:13:28:8c:52:8c:31:a0:
                    58:c5:20:11:58:09:c9:f1:aa:64:8b:ec:af:12:d7:
                    55:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:1A:DA:0B:CB:44:4C:C6:32:CE:33:24:40:85:EC:10:42:3E:EC:B2
            X509v3 Authority Key Identifier:
                keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:ab:6a:e7:c2:b0:39:a5:31:55:78:ad:1a:04:42:c7:0f:fe:
         77:b2:ee:9f:31:dc:94:4f:66:f8:12:76:a6:5d:b9:d1:00:9e:
         1f:56:a6:b6:e5:cb:97:e0:62:28:33:e0:51:b4:45:41:2e:cb:
         2c:98:c9:e1:00:81:94:0f:b4:54:23:29:34:32:9a:72:b3:fb:
         d5:52:e6:59:e5:91:44:aa:c4:35:2c:d5:c0:df:39:9a:2d:ed:
         73:46:32:fd:58:d7:af:71:0d:9c:01:e2:13:2b:2c:f9:3a:ca:
         be:b3:23:38:f1:ff:9f:93:b4:4d:56:68:8f:7b:ea:d2:6f:20:
         1a:df:28:e8:ff:89:2b:80:67:46:e4:12:89:d2:59:33:17:bd:
         ef:27:3b:7b:38:d9:15:3b:3d:70:01:10:86:a4:8d:f4:d5:1d:
         95:92:08:6a:b2:ff:85:51:44:1c:f0:db:9b:8b:56:f4:13:51:
         04:dd:5f:c3:24:aa:81:64:37:08:1d:41:39:0e:09:f9:ea:29:
         cd:b5:0b:34:f0:7d:49:a0:e2:22:3d:8c:86:ea:6a:10:95:d8:
         39:cb:71:9a:8b:91:16:6e:61:ed:d6:bb:ff:f6:d7:c6:78:15:
         c6:93:06:d0:b0:36:9e:56:cf:5e:25:c2:8f:29:1d:13:e5:2e:
         37:b5:3e:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdepgAxQqdnS84/ZKZXpd5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwNjExMTEwMDI2WhcNMjUwNjEyMTEwMDI2WjAzMTEwLwYDVQQD
Eyg3MTFhZGEwYmNiNDQ0Y2M2MzJjZTMzMjQ0MDg1ZWMxMDQyM2VlY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrUdWQBgq17tadJ6vgXE0LL2qMHp
CbwGAzYb7WN4o9lG26tN96VoIBgTlHnGOKMdNXqY4dh2w3ROc5JhUyByTGdiyUXV
ern2OPbs7iKz2StaD8lUO1ks0s0dzGR3mu+ySk25C71ab86tHiouOjSwnBDjLXna
VV3bxmybxxs8EfdKlAexRdXW+QEm2vY6XcFs9fuRJUFkPYCbmCaq+reUhHE8NAiP
eIQXTVdwnL6rI+X48Zo6LAxTmuvkZXPuMnve6v2qa9mi0NLxUBxwR8Y2SoB5q0D7
Y+zL+4+2CMyW+zCQZIrCS8NavhMojFKMMaBYxSARWAnJ8apki+yvEtdVVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEa2gvLREzGMs4zJECF7BBCPuyyMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASqtq58Kw
OaUxVXitGgRCxw/+d7LunzHclE9m+BJ2pl250QCeH1amtuXLl+BiKDPgUbRFQS7L
LJjJ4QCBlA+0VCMpNDKacrP71VLmWeWRRKrENSzVwN85mi3tc0Yy/VjXr3ENnAHi
Eyss+TrKvrMjOPH/n5O0TVZoj3vq0m8gGt8o6P+JK4BnRuQSidJZMxe97yc7ezjZ
FTs9cAEQhqSN9NUdlZIIarL/hVFEHPDbm4tW9BNRBN1fwySqgWQ3CB1BOQ4J+eop
zbULNPB9SaDiIj2MhupqEJXYOctxmouRFm5h7da7//bXxngVxpMG0LA2nlbPXiXC
jykdE+UuN7U+fg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:46:45 2025 by rpki-client