Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
File:                     iOuqLxdpo932X4c9wx81HvB4rSU.mft (raw, json)
Hash identifier:          NhFKhX946WuWqmm+7wrONEhtRBh8iQFc3KbkimGUEIs=
Subject key identifier:   01:4A:98:19:64:08:94:B6:D2:6C:82:2C:4D:6F:C3:16:AC:E2:5E:FF
Authority key identifier: 88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25
Certificate issuer:       /CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
Certificate serial:       01975E6F1BC5594BE1BC24AB43671897FFCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
Manifest number:          0D25
Signing time:             Wed 11 Jun 2025 10:00:29 +0000
Manifest this update:     Wed 11 Jun 2025 10:00:29 +0000
Manifest next update:     Thu 12 Jun 2025 10:00:29 +0000
Files and hashes:         1: P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa (hash: JFHWlXs6ts8+WEohOsphMs0bmJPDZeURLkqEXMqad1U=)
                          2: iOuqLxdpo932X4c9wx81HvB4rSU.crl (hash: NclXFXBR1JYGY8vOwOeaDUnHO45nP9TlolgVV2uQa68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 10:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:6f:1b:c5:59:4b:e1:bc:24:ab:43:67:18:97:ff:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
        Validity
            Not Before: Jun 11 10:00:29 2025 GMT
            Not After : Jun 12 10:00:29 2025 GMT
        Subject: CN=014a9819640894b6d26c822c4d6fc316ace25eff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:51:8b:a0:1f:d3:47:86:28:3e:c1:b3:75:7d:
                    43:6e:38:07:9b:3d:9d:cb:4d:d1:ee:df:e1:9d:59:
                    92:4e:43:eb:db:1d:e4:b6:2f:65:09:f1:67:33:a5:
                    70:6f:c1:66:01:16:2b:f6:14:a8:bd:28:73:92:3c:
                    78:d7:4a:2c:41:38:db:d5:47:00:83:77:25:3d:c9:
                    4c:82:73:11:33:c6:5d:8e:f2:62:55:1d:29:5f:a0:
                    15:3f:26:4b:c5:d3:8b:7e:7d:db:8a:b6:3e:71:0f:
                    dc:5d:71:8c:dc:78:4e:77:78:50:6e:0b:1c:b8:0f:
                    4d:8e:d4:cd:f0:30:e6:0b:b6:79:e7:ba:c0:02:a5:
                    f8:c1:47:4d:43:40:45:4a:99:7f:49:e5:d5:fd:8d:
                    db:fa:60:c6:4c:cf:58:5f:05:60:03:6a:24:3c:67:
                    dd:cd:25:05:e6:a5:90:15:9a:14:ff:95:cf:ec:3d:
                    01:55:f5:5b:33:ed:59:7e:12:92:70:ab:9c:c8:82:
                    20:8c:4c:7e:d9:62:6a:4d:a1:a0:fc:f4:ca:7d:f4:
                    98:3f:2b:21:04:ad:4b:49:4f:a9:2f:fc:de:31:e0:
                    17:c0:6a:46:93:4e:0b:ba:08:e3:3a:91:48:3f:4c:
                    ca:1b:93:ff:ed:33:42:56:05:54:e1:19:ad:74:a0:
                    50:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:4A:98:19:64:08:94:B6:D2:6C:82:2C:4D:6F:C3:16:AC:E2:5E:FF
            X509v3 Authority Key Identifier:
                keyid:88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:c8:89:5e:86:21:ff:4e:d8:11:bc:cb:26:af:0c:d8:99:e2:
         81:63:3b:aa:59:f8:8f:83:18:30:ad:30:b4:ad:a2:a3:d9:50:
         26:e8:4c:a8:30:89:38:7c:66:bb:33:4c:19:61:7c:97:50:63:
         ae:d4:2a:3a:fe:99:00:f6:67:6b:2d:5e:5e:20:9d:ab:41:d0:
         2c:f0:9e:63:e3:53:1d:b4:92:d9:28:ba:85:66:7a:aa:c4:ba:
         fe:ca:24:8c:ed:75:08:71:67:20:48:b8:d4:84:d7:be:0b:91:
         5e:b6:68:db:ce:fc:c9:3f:9f:15:9d:23:d0:79:a6:43:39:d7:
         8c:c9:1a:ee:e3:31:98:cc:1e:8c:50:a3:06:8d:90:a6:3d:42:
         69:18:54:58:bf:00:ed:6f:b0:5b:ad:50:a5:28:13:b4:3b:3e:
         4d:84:b9:1f:36:7c:97:89:6c:90:5e:3a:34:aa:c9:17:40:88:
         03:d4:5b:4e:63:5a:75:6d:e7:e6:d9:cc:14:6e:8e:be:21:d6:
         ca:f0:b5:8a:77:f5:de:fd:fa:56:51:81:df:e7:aa:77:ed:a6:
         35:f5:b0:c1:23:78:7e:48:4c:75:b5:80:05:8a:0f:a2:aa:ea:
         74:9f:49:a6:91:c4:9d:45:0e:0e:22:0a:d3:df:d2:f7:6c:f6:
         db:8d:d7:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdebxvFWUvhvCSrQ2cYl//PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZWJhYTJmMTc2OWEzZGRmNjVmODczZGMzMWYzNTFlZjA3
OGFkMjUwHhcNMjUwNjExMTAwMDI5WhcNMjUwNjEyMTAwMDI5WjAzMTEwLwYDVQQD
EygwMTRhOTgxOTY0MDg5NGI2ZDI2YzgyMmM0ZDZmYzMxNmFjZTI1ZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FGLoB/TR4YoPsGzdX1DbjgHmz2d
y03R7t/hnVmSTkPr2x3kti9lCfFnM6Vwb8FmARYr9hSovShzkjx410osQTjb1UcA
g3clPclMgnMRM8ZdjvJiVR0pX6AVPyZLxdOLfn3birY+cQ/cXXGM3HhOd3hQbgsc
uA9NjtTN8DDmC7Z557rAAqX4wUdNQ0BFSpl/SeXV/Y3b+mDGTM9YXwVgA2okPGfd
zSUF5qWQFZoU/5XP7D0BVfVbM+1ZfhKScKucyIIgjEx+2WJqTaGg/PTKffSYPysh
BK1LSU+pL/zeMeAXwGpGk04LugjjOpFIP0zKG5P/7TNCVgVU4RmtdKBQgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFKmBlkCJS20myCLE1vwxas4l7/MB8GA1UdIwQY
MBaAFIjrqi8XaaPd9l+HPcMfNR7weK0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEt
MmJiZjQ2ODg0NTg1LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEtMmJiZjQ2ODg0NTg1
LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKciJXoYh
/07YEbzLJq8M2JnigWM7qln4j4MYMK0wtK2io9lQJuhMqDCJOHxmuzNMGWF8l1Bj
rtQqOv6ZAPZnay1eXiCdq0HQLPCeY+NTHbSS2Si6hWZ6qsS6/sokjO11CHFnIEi4
1ITXvguRXrZo2878yT+fFZ0j0HmmQznXjMka7uMxmMwejFCjBo2Qpj1CaRhUWL8A
7W+wW61QpSgTtDs+TYS5HzZ8l4lskF46NKrJF0CIA9RbTmNadW3n5tnMFG6OviHW
yvC1inf13v36VlGB3+eqd+2mNfWwwSN4fkhMdbWABYoPoqrqdJ9JppHEnUUODiIK
09/S92z2243XKg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:39:40 2025 by rpki-client