Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File:                     KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier:          n2AzCQX1E/XDznEHGf0PcUIlr6pW8q53flHhP1yRIg4=
Subject key identifier:   B2:07:07:67:F9:82:0E:42:DF:C3:3E:8A:F9:9E:58:E8:30:C8:6A:A4
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer:       /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial:       01975CB7AB0E63934B147B5C76FA3A1B83C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number:          1588
Signing time:             Wed 11 Jun 2025 02:00:30 +0000
Manifest this update:     Wed 11 Jun 2025 02:00:30 +0000
Manifest next update:     Thu 12 Jun 2025 02:00:30 +0000
Files and hashes:         1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
                          2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: 2AsbtATHpFcVdIcJeHHDFfUQX9EtmTz6FDvrwlh48IE=)
                          3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 02:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:b7:ab:0e:63:93:4b:14:7b:5c:76:fa:3a:1b:83:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
        Validity
            Not Before: Jun 11 02:00:30 2025 GMT
            Not After : Jun 12 02:00:30 2025 GMT
        Subject: CN=b2070767f9820e42dfc33e8af99e58e830c86aa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:52:57:4b:4f:b0:a5:6b:09:5c:b5:03:47:ed:
                    b8:a1:0d:2b:11:e2:18:f6:90:4a:b6:b0:32:dd:82:
                    8c:ca:e4:82:3c:66:c0:b1:4e:a8:57:46:38:a9:04:
                    58:57:42:5d:d1:12:84:b8:ee:35:28:9e:2c:62:99:
                    08:f3:c7:a3:23:1e:04:c4:3d:8b:e5:0b:b8:36:0d:
                    26:72:26:c2:07:36:c8:d3:8c:42:2d:5c:5d:4e:fe:
                    c2:3d:70:bb:12:50:03:a4:ef:74:e0:e0:10:d1:d9:
                    52:c8:09:6c:a5:ae:0c:07:ff:99:6b:72:d0:ef:ad:
                    e7:49:6e:90:bc:b8:60:39:02:42:26:a8:31:3a:e4:
                    a9:8c:a7:5c:17:b8:60:b0:46:69:23:2e:33:d2:7b:
                    37:8a:b8:33:f6:df:f1:0b:81:0b:6b:9c:28:f6:e6:
                    ef:96:4c:18:75:fb:6f:ec:f0:98:c4:07:08:47:af:
                    7d:2e:75:c1:fd:39:29:f5:f2:58:76:27:9c:86:87:
                    c3:42:d9:45:b0:46:bd:f5:4d:b2:c8:fa:a0:ec:40:
                    48:a3:22:3e:cb:86:67:ee:7f:73:6b:db:a3:35:cc:
                    d4:13:cc:95:60:7e:0a:a6:31:0f:2d:5f:45:a6:00:
                    8f:fc:86:ed:8e:62:ab:53:db:cb:6f:72:4c:3e:c6:
                    48:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:07:07:67:F9:82:0E:42:DF:C3:3E:8A:F9:9E:58:E8:30:C8:6A:A4
            X509v3 Authority Key Identifier:
                keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:42:47:38:2d:2c:b8:ec:83:6c:7b:a2:98:40:ba:8a:94:18:
         a6:34:83:4a:9f:55:e3:9b:7a:08:1e:f9:cf:9d:f8:48:25:f1:
         00:4e:cf:07:04:c1:0d:19:0a:cf:20:0a:88:75:84:1c:da:82:
         34:bb:1d:cc:1f:fb:1c:6f:e3:07:35:1f:9e:bc:e3:32:79:70:
         27:3d:f5:b2:69:e3:44:b6:78:35:ca:bd:36:7c:4c:be:5e:35:
         a5:df:59:7f:be:42:78:e4:f5:bd:d8:c0:91:2d:c8:cb:09:5c:
         d2:93:07:9c:fd:ae:81:60:23:41:39:30:e6:ac:78:75:2a:44:
         00:cd:a0:40:7d:95:81:bb:c5:10:0f:5e:bd:0a:ce:2f:cf:f9:
         0f:31:d7:8b:b0:6e:f4:54:2c:00:43:c0:1f:fe:85:34:fd:7c:
         a9:86:c6:a4:d1:45:78:03:dd:90:97:e6:b3:e6:ac:36:1b:58:
         d0:c2:a2:c4:8c:cd:6e:ef:dc:92:e6:15:57:17:50:c0:a3:1a:
         45:6c:ca:78:2f:7d:f0:af:ce:2c:f2:9c:dc:11:7d:01:38:e0:
         2f:62:1e:2b:53:f8:28:79:fc:21:0a:f3:32:3d:61:7d:65:1d:
         96:9e:18:d0:a2:1c:8c:a9:1a:aa:9b:ee:8f:fc:d6:b0:cb:84:
         5c:b0:9a:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdct6sOY5NLFHtcdvo6G4PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwNjExMDIwMDMwWhcNMjUwNjEyMDIwMDMwWjAzMTEwLwYDVQQD
EyhiMjA3MDc2N2Y5ODIwZTQyZGZjMzNlOGFmOTllNThlODMwYzg2YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1JXS0+wpWsJXLUDR+24oQ0rEeIY
9pBKtrAy3YKMyuSCPGbAsU6oV0Y4qQRYV0Jd0RKEuO41KJ4sYpkI88ejIx4ExD2L
5Qu4Ng0mcibCBzbI04xCLVxdTv7CPXC7ElADpO904OAQ0dlSyAlspa4MB/+Za3LQ
763nSW6QvLhgOQJCJqgxOuSpjKdcF7hgsEZpIy4z0ns3irgz9t/xC4ELa5wo9ubv
lkwYdftv7PCYxAcIR699LnXB/Tkp9fJYdiechofDQtlFsEa99U2yyPqg7EBIoyI+
y4Zn7n9za9ujNczUE8yVYH4KpjEPLV9FpgCP/IbtjmKrU9vLb3JMPsZIOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIHB2f5gg5C38M+ivmeWOgwyGqkMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEJHOC0s
uOyDbHuimEC6ipQYpjSDSp9V45t6CB75z534SCXxAE7PBwTBDRkKzyAKiHWEHNqC
NLsdzB/7HG/jBzUfnrzjMnlwJz31smnjRLZ4Ncq9NnxMvl41pd9Zf75CeOT1vdjA
kS3Iywlc0pMHnP2ugWAjQTkw5qx4dSpEAM2gQH2VgbvFEA9evQrOL8/5DzHXi7Bu
9FQsAEPAH/6FNP18qYbGpNFFeAPdkJfms+asNhtY0MKixIzNbu/ckuYVVxdQwKMa
RWzKeC998K/OLPKc3BF9ATjgL2IeK1P4KHn8IQrzMj1hfWUdlp4Y0KIcjKkaqpvu
j/zWsMuEXLCamQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:52:05 2025 by rpki-client