Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
File:                     iOuqLxdpo932X4c9wx81HvB4rSU.mft (raw, json)
Hash identifier:          nqWPDvzTOYuiZ8RkwCmJGuMlevp9YIlcECnT8/AXcvk=
Subject key identifier:   F4:20:58:62:0E:75:A3:52:5D:01:0D:69:CF:2A:35:AC:CB:14:1D:17
Authority key identifier: 88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25
Certificate issuer:       /CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
Certificate serial:       019754C78B4DA86DDD7081AB81A3F5927BF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
Manifest number:          0D20
Signing time:             Mon 09 Jun 2025 13:00:52 +0000
Manifest this update:     Mon 09 Jun 2025 13:00:52 +0000
Manifest next update:     Tue 10 Jun 2025 13:00:52 +0000
Files and hashes:         1: P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa (hash: JFHWlXs6ts8+WEohOsphMs0bmJPDZeURLkqEXMqad1U=)
                          2: iOuqLxdpo932X4c9wx81HvB4rSU.crl (hash: Q8S0Cn0SbA3DkJQa6tPljlfI2K7Lz7vQ2m6I0K7dVms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:c7:8b:4d:a8:6d:dd:70:81:ab:81:a3:f5:92:7b:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25
        Validity
            Not Before: Jun  9 13:00:52 2025 GMT
            Not After : Jun 10 13:00:52 2025 GMT
        Subject: CN=f42058620e75a3525d010d69cf2a35accb141d17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:1f:0f:09:c2:09:a0:4a:f7:77:3d:38:cc:aa:
                    a1:4c:00:43:ac:52:72:7b:b4:ab:6a:21:dc:9f:1b:
                    04:7f:97:ba:5d:78:2a:ea:f7:36:1b:b3:c3:c7:4b:
                    ae:42:10:ae:ab:15:f2:cc:6d:dd:ec:a9:57:14:81:
                    7b:4a:39:97:be:cc:9d:8f:42:77:03:c0:80:e6:d2:
                    66:16:a5:7c:1c:8f:30:2b:ac:ef:ed:4a:4a:96:44:
                    72:79:6e:20:01:32:d0:25:b8:24:68:82:3d:c4:21:
                    05:6f:97:7d:c3:0b:44:5f:4a:55:05:09:fb:cf:09:
                    cf:96:c1:47:7a:d1:61:20:14:0b:32:da:e8:4c:99:
                    a5:c2:5a:ec:bb:61:2b:04:7b:13:37:fd:e5:92:19:
                    26:ec:4b:2a:c5:9d:27:7b:6b:6d:6c:e0:f1:cf:1b:
                    18:a4:5c:7e:74:93:00:a0:94:71:d5:55:11:3c:b9:
                    48:c0:65:97:cf:4c:03:82:5a:c7:b8:da:1d:3a:06:
                    1d:ae:6f:c2:9d:5b:d1:9b:04:b2:64:e3:08:2a:5d:
                    2e:64:7e:a8:ea:27:c6:ed:f0:08:7d:cf:45:31:91:
                    2b:b2:11:83:e4:00:33:78:38:dc:bb:ea:1b:3e:cf:
                    48:01:f5:76:dd:f4:13:c0:53:e0:df:b6:24:24:a5:
                    bd:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:20:58:62:0E:75:A3:52:5D:01:0D:69:CF:2A:35:AC:CB:14:1D:17
            X509v3 Authority Key Identifier:
                keyid:88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:44:6e:6b:e4:d4:c2:aa:6f:c8:df:5c:5a:57:11:07:fd:93:
         3a:a0:06:52:16:57:9f:a5:b6:c4:6c:40:ae:a0:de:9e:2a:e1:
         e4:13:66:54:c5:6b:64:a6:d6:6a:e0:f2:ff:bb:46:56:e5:7e:
         9e:7b:5a:ea:0d:8e:07:6a:28:1f:42:ac:7c:cc:eb:38:b1:21:
         08:ec:45:f7:42:59:2c:48:51:e7:5c:20:cf:c3:79:af:f1:0b:
         d4:81:74:d9:8e:c6:19:19:c8:b3:2f:3b:d1:49:8b:57:7a:4c:
         eb:03:9a:4c:b9:4c:1d:af:13:95:fd:22:43:5a:33:63:6e:c0:
         52:67:a1:91:ff:ec:e4:6d:c6:ac:62:7a:a0:72:35:46:08:6a:
         98:84:e4:d1:17:89:a9:cc:95:cf:26:b4:5a:97:98:3b:08:df:
         52:f5:60:b2:e8:bb:a2:b3:ab:70:55:10:3b:4a:87:cb:1e:09:
         0f:bb:d4:6f:38:71:21:21:4d:7b:ea:9a:0f:19:40:e9:4c:06:
         a3:8f:f7:f8:d9:9e:f5:4a:aa:51:06:7f:f6:22:48:05:45:79:
         bd:53:9e:4f:86:88:61:37:79:bc:9c:6e:6d:b3:8e:cc:7a:3a:
         a1:c4:b1:75:57:d5:4f:5c:b2:6d:a1:4e:45:82:1d:31:f7:74:
         da:ee:36:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUx4tNqG3dcIGrgaP1knvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZWJhYTJmMTc2OWEzZGRmNjVmODczZGMzMWYzNTFlZjA3
OGFkMjUwHhcNMjUwNjA5MTMwMDUyWhcNMjUwNjEwMTMwMDUyWjAzMTEwLwYDVQQD
EyhmNDIwNTg2MjBlNzVhMzUyNWQwMTBkNjljZjJhMzVhY2NiMTQxZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR8PCcIJoEr3dz04zKqhTABDrFJy
e7SraiHcnxsEf5e6XXgq6vc2G7PDx0uuQhCuqxXyzG3d7KlXFIF7SjmXvsydj0J3
A8CA5tJmFqV8HI8wK6zv7UpKlkRyeW4gATLQJbgkaII9xCEFb5d9wwtEX0pVBQn7
zwnPlsFHetFhIBQLMtroTJmlwlrsu2ErBHsTN/3lkhkm7EsqxZ0ne2ttbODxzxsY
pFx+dJMAoJRx1VURPLlIwGWXz0wDglrHuNodOgYdrm/CnVvRmwSyZOMIKl0uZH6o
6ifG7fAIfc9FMZErshGD5AAzeDjcu+obPs9IAfV23fQTwFPg37YkJKW9LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQgWGIOdaNSXQENac8qNazLFB0XMB8GA1UdIwQY
MBaAFIjrqi8XaaPd9l+HPcMfNR7weK0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEt
MmJiZjQ2ODg0NTg1LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEtMmJiZjQ2ODg0NTg1
LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWURua+TU
wqpvyN9cWlcRB/2TOqAGUhZXn6W2xGxArqDenirh5BNmVMVrZKbWauDy/7tGVuV+
nnta6g2OB2ooH0KsfMzrOLEhCOxF90JZLEhR51wgz8N5r/EL1IF02Y7GGRnIsy87
0UmLV3pM6wOaTLlMHa8Tlf0iQ1ozY27AUmehkf/s5G3GrGJ6oHI1RghqmITk0ReJ
qcyVzya0WpeYOwjfUvVgsui7orOrcFUQO0qHyx4JD7vUbzhxISFNe+qaDxlA6UwG
o4/3+Nme9UqqUQZ/9iJIBUV5vVOeT4aIYTd5vJxubbOOzHo6ocSxdVfVT1yybaFO
RYIdMfd02u42ig==
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:36:39 2025 by rpki-client