Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
File:                     gEH-6hI_ywfocqjLS92at7jaL88.mft (raw, json)
Hash identifier:          nDZEQVGtQ3vTbC4b0eu+hJlsp9Bym4xtPTtKTEpad+w=
Subject key identifier:   54:BF:C0:16:FA:4E:D2:9D:80:D2:CD:45:4C:D1:B3:EC:F9:F0:54:D7
Authority key identifier: 80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
Certificate issuer:       /CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Certificate serial:       01975C81023B5051E4813B6EB2C0216087B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
Manifest number:          099D
Signing time:             Wed 11 Jun 2025 01:00:47 +0000
Manifest this update:     Wed 11 Jun 2025 01:00:47 +0000
Manifest next update:     Thu 12 Jun 2025 01:00:47 +0000
Files and hashes:         1: 5QlNV7-3Q34zZfQ5XbNLc8wKA40.roa (hash: T1GmpANOUDoxZLUDnHoNMN2ENMK9C/xESzMwTNL0s2Y=)
                          2: gEH-6hI_ywfocqjLS92at7jaL88.crl (hash: aZrVRK46IL9drhyJnxwl96GYxuvVBrd5RyTazF4p7gY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 01:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:81:02:3b:50:51:e4:81:3b:6e:b2:c0:21:60:87:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
        Validity
            Not Before: Jun 11 01:00:47 2025 GMT
            Not After : Jun 12 01:00:47 2025 GMT
        Subject: CN=54bfc016fa4ed29d80d2cd454cd1b3ecf9f054d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:cb:dc:ae:a6:ec:21:6a:a5:0d:96:57:3b:a5:
                    d4:db:76:e7:76:79:ab:7f:95:ca:87:d2:81:92:37:
                    68:97:08:50:d4:93:c4:36:bb:b0:6a:f1:39:c8:38:
                    43:40:d1:77:1d:3f:78:9b:60:ec:4a:ff:2d:02:c4:
                    62:d8:a2:89:72:ba:55:d8:2b:73:13:df:4b:28:98:
                    1d:4e:ae:32:e3:f8:83:03:13:1f:af:46:ae:dc:bd:
                    34:cb:a6:c7:85:57:2b:4a:62:27:87:b8:e2:10:8b:
                    16:df:36:e2:f4:2f:b5:b1:46:c2:21:fc:98:27:4e:
                    f5:bb:73:c3:3a:ba:13:9d:b6:34:02:f0:99:f5:4c:
                    ff:fb:e7:72:ed:06:1a:01:fb:6a:b8:88:6e:fa:9b:
                    36:70:eb:64:69:cd:8b:95:99:6b:ed:5a:94:2f:3b:
                    c7:05:af:a3:b3:f2:0c:cf:b0:e1:44:79:47:00:68:
                    e1:70:54:5b:ee:00:30:99:aa:06:5b:09:33:4f:f9:
                    74:22:e4:eb:dd:6e:3a:e8:6e:40:90:b6:c0:75:a1:
                    26:87:6f:29:29:12:58:d4:d7:f3:e9:1c:d1:da:2f:
                    8d:70:5d:08:b2:12:7e:98:2e:fe:f7:76:75:5c:82:
                    ba:26:8b:f6:8f:cb:0d:82:6a:f7:68:e1:f0:0e:b3:
                    5c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:BF:C0:16:FA:4E:D2:9D:80:D2:CD:45:4C:D1:B3:EC:F9:F0:54:D7
            X509v3 Authority Key Identifier:
                keyid:80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:42:62:50:49:25:b1:e7:ef:b8:ec:7b:22:2d:01:6c:e6:3a:
         c6:10:a5:10:32:e9:16:82:85:c9:02:1e:bd:e8:1e:6c:82:df:
         8d:3f:2e:91:28:50:46:67:51:78:0b:05:ef:6e:74:1a:b9:ee:
         de:30:11:1a:cb:58:a5:21:51:93:24:43:59:ae:a9:dc:c4:79:
         07:85:0f:3e:db:32:01:34:91:6c:85:29:ff:7a:82:fa:2c:d7:
         9a:5c:d2:d9:91:dc:9c:af:ed:51:f3:db:c5:b5:bd:5a:ca:2a:
         3f:0e:d8:c2:9c:b6:b0:21:7d:29:88:b8:02:5d:8a:4b:ac:a9:
         ff:dd:cd:e3:cf:ec:21:88:45:8a:1e:db:0e:5b:5e:ec:9c:8e:
         2d:22:9a:c2:03:4a:84:65:06:a3:bc:b0:0b:f7:4b:30:28:40:
         2c:9b:00:2f:d9:c2:b7:91:47:52:ce:6a:1a:93:9b:3e:1d:ba:
         d3:63:31:b8:b8:9d:5d:3b:fb:3a:b2:27:64:6a:00:23:f3:89:
         86:54:3a:85:31:53:a0:c4:d7:79:fa:2b:99:39:20:5b:7b:e7:
         59:70:1a:5d:15:45:31:55:5d:3d:2e:76:75:16:59:6b:e6:45:
         49:b1:78:f2:ad:9c:8a:9f:65:0d:68:35:e9:0f:a7:aa:c6:6b:
         b9:12:2f:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgQI7UFHkgTtussAhYIe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDFmZWVhMTIzZmNiMDdlODcyYThjYjRiZGQ5YWI3Yjhk
YTJmY2YwHhcNMjUwNjExMDEwMDQ3WhcNMjUwNjEyMDEwMDQ3WjAzMTEwLwYDVQQD
Eyg1NGJmYzAxNmZhNGVkMjlkODBkMmNkNDU0Y2QxYjNlY2Y5ZjA1NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8vcrqbsIWqlDZZXO6XU23bndnmr
f5XKh9KBkjdolwhQ1JPENruwavE5yDhDQNF3HT94m2DsSv8tAsRi2KKJcrpV2Ctz
E99LKJgdTq4y4/iDAxMfr0au3L00y6bHhVcrSmInh7jiEIsW3zbi9C+1sUbCIfyY
J071u3PDOroTnbY0AvCZ9Uz/++dy7QYaAftquIhu+ps2cOtkac2LlZlr7VqULzvH
Ba+js/IMz7DhRHlHAGjhcFRb7gAwmaoGWwkzT/l0IuTr3W466G5AkLbAdaEmh28p
KRJY1Nfz6RzR2i+NcF0IshJ+mC7+93Z1XIK6Jov2j8sNgmr3aOHwDrNcbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFS/wBb6TtKdgNLNRUzRs+z58FTXMB8GA1UdIwQY
MBaAFIBB/uoSP8sH6HKoy0vdmre42i/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgt
ZjdjNTAxNDE4ZTU2LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgtZjdjNTAxNDE4ZTU2
LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEJiUEkl
sefvuOx7Ii0BbOY6xhClEDLpFoKFyQIevegebILfjT8ukShQRmdReAsF7250Grnu
3jARGstYpSFRkyRDWa6p3MR5B4UPPtsyATSRbIUp/3qC+izXmlzS2ZHcnK/tUfPb
xbW9WsoqPw7Ywpy2sCF9KYi4Al2KS6yp/93N48/sIYhFih7bDlte7JyOLSKawgNK
hGUGo7ywC/dLMChALJsAL9nCt5FHUs5qGpObPh2602MxuLidXTv7OrInZGoAI/OJ
hlQ6hTFToMTXeformTkgW3vnWXAaXRVFMVVdPS52dRZZa+ZFSbF48q2cip9lDWg1
6Q+nqsZruRIv/g==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:50:00 2025 by rpki-client