Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File:                     KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier:          uEA3gjgPq62f8+KdSCgIzJUOf0z4WqcFgEcv0doE1wE=
Subject key identifier:   65:C6:39:E5:15:A0:74:31:A7:0F:37:06:36:BF:68:C4:E4:36:C5:DE
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer:       /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial:       019754234C41FC008A6D1347F4FE41DB7CC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number:          1215
Signing time:             Mon 09 Jun 2025 10:01:28 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:28 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:28 +0000
Files and hashes:         1: K3k_GCXnaMv59dLKq-rHfPOR6HE.roa (hash: 5Q6jyJMRb9gad/mJLct+/fYWsLJ0GiEE1wJJESuoLsM=)
                          2: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: xmpIQR1Szuhew8Lkw8YUxlPm7eHflS37gYwz8drfOAk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:4c:41:fc:00:8a:6d:13:47:f4:fe:41:db:7c:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
        Validity
            Not Before: Jun  9 10:01:28 2025 GMT
            Not After : Jun 10 10:01:28 2025 GMT
        Subject: CN=65c639e515a07431a70f370636bf68c4e436c5de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d3:d9:db:fb:af:0f:85:c1:e5:c8:84:51:39:
                    09:e6:fe:7d:0f:bd:ef:9e:47:8c:0a:c2:74:f3:5e:
                    93:e8:5e:3b:b3:75:93:0a:b5:f4:1d:e4:3a:0f:6f:
                    6c:5b:7c:57:03:26:c1:c5:98:dd:01:6d:ff:dd:5e:
                    5d:eb:c9:20:eb:3d:e4:68:5c:b6:07:59:b6:a3:8c:
                    b8:a2:e3:fa:cd:8d:5b:8d:b8:bb:3e:e0:62:8d:e7:
                    cc:e6:f5:0e:6b:e9:37:c8:8c:5c:ed:c7:e8:bb:d1:
                    1f:96:00:58:e8:bf:79:c4:b6:92:97:fe:f3:74:99:
                    a8:8a:e3:44:82:2f:99:aa:69:3f:7d:d8:49:8d:f6:
                    64:c7:b3:62:4f:b6:3b:4f:96:0c:4c:08:6c:20:ab:
                    ac:fe:ea:27:9b:15:40:57:fd:41:95:d8:d3:43:ca:
                    b4:7c:79:f6:2c:44:6b:d6:c9:32:13:11:c7:5d:09:
                    71:07:c4:ff:4f:58:bd:5f:b5:4f:13:5b:31:61:f6:
                    f4:46:43:bf:f4:b6:c2:fc:3f:90:25:01:71:e1:60:
                    3b:56:14:e4:df:04:88:9b:75:d7:16:f7:2b:fd:e7:
                    c1:b1:7d:85:dc:63:d1:05:6d:b4:98:05:c9:67:e9:
                    0f:1e:85:05:13:07:d4:57:66:94:59:62:22:98:a6:
                    7e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:C6:39:E5:15:A0:74:31:A7:0F:37:06:36:BF:68:C4:E4:36:C5:DE
            X509v3 Authority Key Identifier:
                keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:75:23:a5:11:5d:b0:2b:26:63:4b:b3:b9:c9:3b:c1:38:58:
         d7:e4:f0:e1:f9:5c:f3:8b:c7:d0:56:0d:3b:89:98:13:37:76:
         5c:cd:60:97:d4:d5:e9:00:f2:c1:60:b4:35:67:2f:77:93:57:
         67:41:06:cc:87:29:67:c6:19:b5:5a:2b:e7:f2:b9:26:6d:03:
         38:18:c4:a0:90:7d:a4:09:f4:47:13:a5:74:b3:10:92:3a:3f:
         80:11:3e:b4:73:8f:37:79:58:c9:2a:ed:db:2a:6d:c9:92:58:
         df:81:45:af:95:46:54:aa:c0:2f:00:9c:78:88:cd:30:b5:a3:
         67:2e:3a:e9:b4:54:8b:b2:62:20:b2:4a:06:5e:17:61:f1:03:
         69:0e:7c:47:cb:40:d9:a7:02:84:16:e2:e0:22:97:9e:1e:d9:
         06:21:6e:7f:41:45:1e:5f:9a:ed:1b:40:43:aa:c5:76:8b:f9:
         9c:cb:4b:df:f0:14:ad:d1:23:6b:31:f4:3a:64:73:a0:bc:18:
         74:cd:19:43:d3:9f:f7:6b:60:4e:e1:7b:54:5b:41:08:5a:98:
         65:5f:76:82:8b:da:a0:80:3d:fb:7c:f6:9d:cc:5e:87:a5:b7:
         7a:5f:3b:9a:48:f2:d0:c7:4e:9d:e2:7e:14:dc:ab:9b:12:dc:
         67:97:1e:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI0xB/ACKbRNH9P5B23zJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjUwNjA5MTAwMTI4WhcNMjUwNjEwMTAwMTI4WjAzMTEwLwYDVQQD
Eyg2NWM2MzllNTE1YTA3NDMxYTcwZjM3MDYzNmJmNjhjNGU0MzZjNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9PZ2/uvD4XB5ciEUTkJ5v59D73v
nkeMCsJ0816T6F47s3WTCrX0HeQ6D29sW3xXAybBxZjdAW3/3V5d68kg6z3kaFy2
B1m2o4y4ouP6zY1bjbi7PuBijefM5vUOa+k3yIxc7cfou9EflgBY6L95xLaSl/7z
dJmoiuNEgi+Zqmk/fdhJjfZkx7NiT7Y7T5YMTAhsIKus/uonmxVAV/1BldjTQ8q0
fHn2LERr1skyExHHXQlxB8T/T1i9X7VPE1sxYfb0RkO/9LbC/D+QJQFx4WA7VhTk
3wSIm3XXFvcr/efBsX2F3GPRBW20mAXJZ+kPHoUFEwfUV2aUWWIimKZ+WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXGOeUVoHQxpw83Bja/aMTkNsXeMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcHUjpRFd
sCsmY0uzuck7wThY1+Tw4flc84vH0FYNO4mYEzd2XM1gl9TV6QDywWC0NWcvd5NX
Z0EGzIcpZ8YZtVor5/K5Jm0DOBjEoJB9pAn0RxOldLMQkjo/gBE+tHOPN3lYySrt
2yptyZJY34FFr5VGVKrALwCceIjNMLWjZy466bRUi7JiILJKBl4XYfEDaQ58R8tA
2acChBbi4CKXnh7ZBiFuf0FFHl+a7RtAQ6rFdov5nMtL3/AUrdEjazH0OmRzoLwY
dM0ZQ9Of92tgTuF7VFtBCFqYZV92govaoIA9+3z2ncxeh6W3el87mkjy0MdOneJ+
FNyrmxLcZ5cerg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:36:35 2025 by rpki-client