Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
File:                     gEH-6hI_ywfocqjLS92at7jaL88.mft (raw, json)
Hash identifier:          VexCbhlXP9zrthu3cZIewXhzHlO8pVafgKbPCr75E70=
Subject key identifier:   09:FA:4E:26:52:27:EE:37:C2:EA:E8:D5:9F:89:6E:75:11:84:3F:EA
Authority key identifier: 80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
Certificate issuer:       /CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Certificate serial:       01976A05A6DCF0EAB920C125ABD152F4FB29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
Manifest number:          09A4
Signing time:             Fri 13 Jun 2025 16:00:44 +0000
Manifest this update:     Fri 13 Jun 2025 16:00:44 +0000
Manifest next update:     Sat 14 Jun 2025 16:00:44 +0000
Files and hashes:         1: 5QlNV7-3Q34zZfQ5XbNLc8wKA40.roa (hash: T1GmpANOUDoxZLUDnHoNMN2ENMK9C/xESzMwTNL0s2Y=)
                          2: gEH-6hI_ywfocqjLS92at7jaL88.crl (hash: tzW2ysucAbFvA0aYra+w/wKg82Cj6vyCB8KO1I5bgZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:05:a6:dc:f0:ea:b9:20:c1:25:ab:d1:52:f4:fb:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
        Validity
            Not Before: Jun 13 16:00:44 2025 GMT
            Not After : Jun 14 16:00:44 2025 GMT
        Subject: CN=09fa4e265227ee37c2eae8d59f896e7511843fea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:2f:99:b8:b4:72:e0:31:fc:db:fe:94:fb:ac:
                    fe:7c:3f:c6:fb:25:3d:d9:8c:81:b5:f3:50:81:89:
                    41:5b:35:47:b7:cb:f1:5c:7b:ac:c5:cd:9e:65:f1:
                    b5:23:f1:0d:a3:39:b6:ae:7a:3d:c0:7a:a0:a2:39:
                    81:64:22:24:ff:d4:b9:3c:15:25:f3:f2:82:57:35:
                    9a:d8:01:4e:46:9b:e9:e2:58:bb:3e:3a:40:20:9c:
                    79:64:63:0e:b8:16:73:8d:29:2b:5c:72:ba:13:8b:
                    e7:cb:bc:a6:38:d5:b8:bd:46:ad:5c:0c:73:25:d5:
                    ca:c2:47:6b:d1:68:9f:46:6e:71:0b:eb:a5:ca:cc:
                    37:31:93:cd:49:89:31:4d:1b:c4:5f:c1:af:02:71:
                    da:14:9a:b7:d9:cd:2d:29:af:e9:f4:6a:6b:28:ff:
                    99:cd:5e:fb:f7:25:57:dd:77:51:15:fe:f9:be:74:
                    5c:ff:05:5a:3f:aa:2e:53:a4:39:dc:4e:a8:f7:82:
                    f2:bc:72:95:09:8f:18:89:2c:00:33:af:31:d5:41:
                    28:85:1e:2e:ff:12:3c:18:39:2a:8e:ab:27:41:dd:
                    5e:48:63:ef:b2:63:be:f3:70:6b:07:25:9a:37:02:
                    3b:37:4e:be:7c:09:6e:18:db:10:b0:35:19:90:05:
                    6d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:FA:4E:26:52:27:EE:37:C2:EA:E8:D5:9F:89:6E:75:11:84:3F:EA
            X509v3 Authority Key Identifier:
                keyid:80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:ec:4b:68:a7:80:48:cd:a6:ad:20:b3:27:ae:9c:89:2d:e2:
         20:3f:63:48:dc:f6:ed:01:7a:a5:d1:2b:b5:09:65:63:aa:8a:
         75:39:06:5a:33:36:ea:92:e8:3b:26:c0:e9:17:60:ac:bd:d4:
         fe:1b:5a:49:73:e5:e7:a1:f7:de:e0:de:85:5b:99:81:d3:c4:
         ad:02:10:06:ee:0d:7d:3e:bb:6a:22:64:dd:dd:b6:ab:df:12:
         00:03:bd:77:e3:fc:c5:79:3c:14:9f:a4:cb:3b:66:ec:f2:8d:
         ed:0d:3f:6a:3d:78:a2:a7:db:27:19:c9:d3:94:e0:dc:f0:97:
         b2:ca:e4:b1:e4:57:fc:e6:c5:ca:6e:22:a5:5b:6f:81:22:68:
         45:3e:e1:a8:db:b4:82:98:27:30:6b:f2:80:84:c4:15:26:49:
         cd:3f:16:fa:72:d9:13:7c:5f:8f:e8:a2:b4:81:52:5e:84:82:
         2f:57:69:25:3d:0c:a9:72:9a:d3:ff:ce:fd:df:8d:ab:e0:24:
         9d:af:fc:42:30:c3:8b:dd:5a:ce:ab:ab:2f:5c:af:fd:b1:c4:
         c8:b9:74:d6:c7:43:58:c6:6c:4d:c9:46:11:44:60:9b:44:33:
         5c:82:9f:73:8d:dd:92:2d:3c:75:34:78:af:70:e2:0b:23:ea:
         3f:df:ec:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBabc8Oq5IMElq9FS9PspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDFmZWVhMTIzZmNiMDdlODcyYThjYjRiZGQ5YWI3Yjhk
YTJmY2YwHhcNMjUwNjEzMTYwMDQ0WhcNMjUwNjE0MTYwMDQ0WjAzMTEwLwYDVQQD
EygwOWZhNGUyNjUyMjdlZTM3YzJlYWU4ZDU5Zjg5NmU3NTExODQzZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S+ZuLRy4DH82/6U+6z+fD/G+yU9
2YyBtfNQgYlBWzVHt8vxXHusxc2eZfG1I/ENozm2rno9wHqgojmBZCIk/9S5PBUl
8/KCVzWa2AFORpvp4li7PjpAIJx5ZGMOuBZzjSkrXHK6E4vny7ymONW4vUatXAxz
JdXKwkdr0WifRm5xC+ulysw3MZPNSYkxTRvEX8GvAnHaFJq32c0tKa/p9GprKP+Z
zV779yVX3XdRFf75vnRc/wVaP6ouU6Q53E6o94LyvHKVCY8YiSwAM68x1UEohR4u
/xI8GDkqjqsnQd1eSGPvsmO+83BrByWaNwI7N06+fAluGNsQsDUZkAVt8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAn6TiZSJ+43wuro1Z+JbnURhD/qMB8GA1UdIwQY
MBaAFIBB/uoSP8sH6HKoy0vdmre42i/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgt
ZjdjNTAxNDE4ZTU2LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgtZjdjNTAxNDE4ZTU2
LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+xLaKeA
SM2mrSCzJ66ciS3iID9jSNz27QF6pdErtQllY6qKdTkGWjM26pLoOybA6RdgrL3U
/htaSXPl56H33uDehVuZgdPErQIQBu4NfT67aiJk3d22q98SAAO9d+P8xXk8FJ+k
yztm7PKN7Q0/aj14oqfbJxnJ05Tg3PCXssrkseRX/ObFym4ipVtvgSJoRT7hqNu0
gpgnMGvygITEFSZJzT8W+nLZE3xfj+iitIFSXoSCL1dpJT0MqXKa0//O/d+Nq+Ak
na/8QjDDi91azqurL1yv/bHEyLl01sdDWMZsTclGEURgm0QzXIKfc43dki08dTR4
r3DiCyPqP9/slg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 20:52:04 2025 by rpki-client