Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
File:                     KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json)
Hash identifier:          DC7FR3FqBzPHZAX5oFqccxeKoGx7+sDheuHimpa0DFs=
Subject key identifier:   A8:7D:67:F0:66:E1:C4:B6:A5:57:B1:F4:1B:79:5F:AE:D8:D8:62:FE
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Certificate issuer:       /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial:       01976282CF1EE811B600E60882FD9B389C22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
Manifest number:          158B
Signing time:             Thu 12 Jun 2025 05:00:28 +0000
Manifest this update:     Thu 12 Jun 2025 05:00:28 +0000
Manifest next update:     Fri 13 Jun 2025 05:00:28 +0000
Files and hashes:         1: 8U2ACQzYPSPV3L5sSEkKCsB8pBA.roa (hash: ZbH4IgJyW8KkApU2bDE8XFDW+P9+bjUQNudFm1PbyTE=)
                          2: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: gxl55iA9bXCFvXVsIOwY3GqMkSYCvBosfO/M9r+RxEc=)
                          3: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 05:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:82:cf:1e:e8:11:b6:00:e6:08:82:fd:9b:38:9c:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
        Validity
            Not Before: Jun 12 05:00:28 2025 GMT
            Not After : Jun 13 05:00:28 2025 GMT
        Subject: CN=a87d67f066e1c4b6a557b1f41b795faed8d862fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ee:37:cd:d9:fc:90:1c:b1:51:f4:95:eb:60:
                    76:c4:1a:1c:84:66:af:34:f2:04:cb:01:b6:5d:a0:
                    1c:9d:c8:43:05:da:df:66:b3:54:f4:b3:9a:bc:c7:
                    a3:23:ab:2c:a6:60:2d:0c:22:1a:0d:dd:79:06:85:
                    8d:c0:b1:30:d5:40:a6:11:3e:d1:9d:d8:2c:af:9a:
                    d7:a5:d8:fc:0f:04:75:82:0a:49:61:1f:ad:73:86:
                    e6:13:ed:ac:e6:95:aa:bb:6d:83:1b:a6:c0:bf:f8:
                    97:11:9f:0f:f6:8d:33:0c:c1:c8:75:52:e3:c1:a9:
                    d8:eb:59:f8:96:f5:61:22:5f:d8:27:94:02:c8:f4:
                    18:e2:a6:e6:d1:66:72:2a:16:b9:81:84:83:06:6b:
                    36:47:bd:3a:62:86:97:2d:ca:81:84:4f:d8:c0:09:
                    1a:bb:d1:06:d9:05:42:28:e9:07:ec:e3:58:6c:34:
                    96:40:39:67:0d:fb:82:03:54:c7:82:61:ee:64:c3:
                    37:4e:c4:2e:17:ca:39:30:b1:f5:58:0c:a7:79:ba:
                    34:65:4c:b3:ba:47:a8:9d:5b:5d:1d:6d:e3:f6:c8:
                    7c:2f:fb:bf:41:65:a5:ba:d7:33:26:9a:f4:d2:a6:
                    89:26:c7:92:85:85:90:f3:80:dc:4c:fd:0c:ad:40:
                    b8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:7D:67:F0:66:E1:C4:B6:A5:57:B1:F4:1B:79:5F:AE:D8:D8:62:FE
            X509v3 Authority Key Identifier:
                keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:f8:d6:ab:3e:c9:91:c0:23:da:6d:d1:10:44:45:62:24:36:
         b9:ed:b9:a8:b3:4e:72:14:f3:a8:87:b9:63:74:f4:ee:08:51:
         7a:51:2a:dd:c3:67:3e:bd:31:ed:d9:1c:77:a7:a7:09:da:f8:
         c3:52:ba:f8:d4:21:7f:fa:f1:68:ab:5c:dc:25:2a:00:0a:78:
         36:72:58:52:0d:32:7d:42:c4:fb:5a:70:5b:f1:ef:d9:d9:8c:
         9c:96:4a:e1:1c:41:52:4c:0f:ac:13:69:f6:75:79:b0:9a:a2:
         51:8c:2d:5b:c5:ab:53:77:64:1d:cd:86:f5:93:d8:90:fd:6a:
         0a:ab:40:cf:67:3c:25:b1:66:9a:f4:eb:26:59:3e:67:00:e1:
         69:4a:17:92:2f:fd:8b:88:a7:eb:76:8f:78:7e:ce:de:90:e6:
         7e:01:6f:8f:6a:11:10:78:c4:7c:30:c4:f2:a8:ba:e1:d2:99:
         8b:2b:97:4f:05:c7:dc:f2:88:df:e6:f3:64:c2:32:07:c8:0a:
         38:c1:38:1b:04:f0:25:11:45:32:e9:2f:c7:ac:3e:d0:5d:fa:
         5c:95:d3:31:c9:2c:9e:2c:eb:f2:e8:2a:ed:d3:2b:13:fa:60:
         02:85:fc:9a:ff:9a:4a:b2:65:68:a3:a5:7a:5c:81:29:e1:33:
         6d:eb:cb:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdigs8e6BG2AOYIgv2bOJwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjUwNjEyMDUwMDI4WhcNMjUwNjEzMDUwMDI4WjAzMTEwLwYDVQQD
EyhhODdkNjdmMDY2ZTFjNGI2YTU1N2IxZjQxYjc5NWZhZWQ4ZDg2MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve43zdn8kByxUfSV62B2xBochGav
NPIEywG2XaAcnchDBdrfZrNU9LOavMejI6sspmAtDCIaDd15BoWNwLEw1UCmET7R
ndgsr5rXpdj8DwR1ggpJYR+tc4bmE+2s5pWqu22DG6bAv/iXEZ8P9o0zDMHIdVLj
wanY61n4lvVhIl/YJ5QCyPQY4qbm0WZyKha5gYSDBms2R706YoaXLcqBhE/YwAka
u9EG2QVCKOkH7ONYbDSWQDlnDfuCA1THgmHuZMM3TsQuF8o5MLH1WAynebo0ZUyz
ukeonVtdHW3j9sh8L/u/QWWlutczJpr00qaJJseShYWQ84DcTP0MrUC4RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKh9Z/Bm4cS2pVex9Bt5X67Y2GL+MB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPjWqz7J
kcAj2m3REERFYiQ2ue25qLNOchTzqIe5Y3T07ghRelEq3cNnPr0x7dkcd6enCdr4
w1K6+NQhf/rxaKtc3CUqAAp4NnJYUg0yfULE+1pwW/Hv2dmMnJZK4RxBUkwPrBNp
9nV5sJqiUYwtW8WrU3dkHc2G9ZPYkP1qCqtAz2c8JbFmmvTrJlk+ZwDhaUoXki/9
i4in63aPeH7O3pDmfgFvj2oREHjEfDDE8qi64dKZiyuXTwXH3PKI3+bzZMIyB8gK
OME4GwTwJRFFMukvx6w+0F36XJXTMcksnizr8ugq7dMrE/pgAoX8mv+aSrJlaKOl
elyBKeEzbevLAA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 11:34:56 2025 by rpki-client