Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
File:                     gEH-6hI_ywfocqjLS92at7jaL88.mft (raw, json)
Hash identifier:          R+F21gUcj7Xef3hhBZppdywbML216nekcKKq/bolR3g=
Subject key identifier:   44:41:F4:0A:9E:FE:00:F6:EA:C8:1A:B3:29:83:79:AC:04:A5:32:6A
Authority key identifier: 80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
Certificate issuer:       /CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Certificate serial:       0197643A4AA2B03471DDDE12409F252D58D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
Manifest number:          09A1
Signing time:             Thu 12 Jun 2025 13:00:31 +0000
Manifest this update:     Thu 12 Jun 2025 13:00:31 +0000
Manifest next update:     Fri 13 Jun 2025 13:00:31 +0000
Files and hashes:         1: 5QlNV7-3Q34zZfQ5XbNLc8wKA40.roa (hash: T1GmpANOUDoxZLUDnHoNMN2ENMK9C/xESzMwTNL0s2Y=)
                          2: gEH-6hI_ywfocqjLS92at7jaL88.crl (hash: mCcXVWtfGRR1pEk4Inktu3mhVQ34SCI51xNtTctS2S8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:3a:4a:a2:b0:34:71:dd:de:12:40:9f:25:2d:58:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
        Validity
            Not Before: Jun 12 13:00:31 2025 GMT
            Not After : Jun 13 13:00:31 2025 GMT
        Subject: CN=4441f40a9efe00f6eac81ab3298379ac04a5326a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:02:57:f9:c6:a5:db:d0:09:9e:f3:89:e7:04:
                    d7:22:0f:2b:0e:1f:91:e2:c6:08:34:c6:2b:3c:ff:
                    6a:a9:c0:11:1c:2b:d5:fc:ac:ff:03:71:27:6b:16:
                    e7:8d:ed:ff:ee:dd:01:fc:84:44:f7:c1:f1:e0:ca:
                    e4:4a:5e:9a:d3:a2:bb:9d:33:60:ec:af:ae:f4:ee:
                    9e:74:e9:58:0d:de:3a:da:12:13:51:03:36:c0:9e:
                    63:0f:69:d7:82:87:c1:3d:d8:25:08:4f:0e:e2:0f:
                    4a:30:7b:6d:3d:43:33:5c:1a:78:8d:22:fa:b6:8f:
                    37:d6:7a:13:ee:85:c3:96:f9:b8:50:41:f3:03:6e:
                    02:f9:f9:6d:06:f2:6f:61:00:14:e3:cd:f4:0f:44:
                    97:17:18:e7:ea:81:db:fe:33:45:69:26:b9:9e:3a:
                    08:01:79:1e:14:41:37:81:38:d3:30:0e:2d:6d:f6:
                    20:76:af:f8:b7:c4:7d:7c:73:0d:f7:5b:9b:71:65:
                    89:f0:c4:a3:a4:59:1c:cc:56:58:38:54:c8:0f:e6:
                    38:03:29:bf:9d:8d:53:e4:7f:ab:02:af:05:60:1c:
                    af:7d:d5:15:7a:6f:49:6d:5b:81:34:ca:c2:fa:4f:
                    db:35:66:14:8f:e2:9e:61:6b:92:8c:42:e6:c0:ca:
                    98:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:41:F4:0A:9E:FE:00:F6:EA:C8:1A:B3:29:83:79:AC:04:A5:32:6A
            X509v3 Authority Key Identifier:
                keyid:80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:d8:97:38:31:c1:9b:41:8c:c7:1c:f7:2c:09:28:ac:86:a8:
         fd:f1:cd:5a:02:2c:b1:bf:65:d6:e9:60:60:a8:13:d3:a0:16:
         f3:9c:59:fa:02:84:8f:f0:35:cc:1b:41:f4:b2:b2:d0:40:ad:
         18:91:30:ac:54:fc:59:5e:f4:67:bb:19:e8:91:98:12:1a:00:
         ef:e9:51:6b:a0:31:17:24:d0:45:74:16:f0:09:ff:db:ec:67:
         fa:17:4d:6d:36:c6:e6:9e:ce:12:9b:fd:72:1b:be:78:c0:a9:
         c1:11:c6:e5:c8:5b:fb:12:fe:36:58:39:e7:af:05:b5:f5:36:
         d7:a3:c1:63:89:45:bd:eb:ae:b1:ce:31:c1:9c:fb:6c:75:65:
         38:1d:bf:43:40:eb:3e:e1:49:1c:eb:33:31:f1:e3:70:e5:a1:
         7b:6a:83:59:3f:4e:1f:bd:6b:4c:be:7a:b8:53:c2:65:b9:3c:
         00:b7:eb:6f:c5:da:cb:cc:f1:ed:b4:d7:07:8f:db:cf:24:62:
         35:42:22:56:83:a9:01:c3:43:01:2e:36:5e:24:4f:bf:7b:4a:
         03:93:4b:d6:e7:ed:26:f2:f9:7f:e7:c6:98:e0:e3:4c:12:96:
         27:1e:0a:18:b9:d5:5f:e9:b4:cb:6a:ff:dd:5f:70:4d:90:e1:
         a6:98:c1:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkOkqisDRx3d4SQJ8lLVjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDFmZWVhMTIzZmNiMDdlODcyYThjYjRiZGQ5YWI3Yjhk
YTJmY2YwHhcNMjUwNjEyMTMwMDMxWhcNMjUwNjEzMTMwMDMxWjAzMTEwLwYDVQQD
Eyg0NDQxZjQwYTllZmUwMGY2ZWFjODFhYjMyOTgzNzlhYzA0YTUzMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAJX+cal29AJnvOJ5wTXIg8rDh+R
4sYINMYrPP9qqcARHCvV/Kz/A3Enaxbnje3/7t0B/IRE98Hx4MrkSl6a06K7nTNg
7K+u9O6edOlYDd462hITUQM2wJ5jD2nXgofBPdglCE8O4g9KMHttPUMzXBp4jSL6
to831noT7oXDlvm4UEHzA24C+fltBvJvYQAU4830D0SXFxjn6oHb/jNFaSa5njoI
AXkeFEE3gTjTMA4tbfYgdq/4t8R9fHMN91ubcWWJ8MSjpFkczFZYOFTID+Y4Aym/
nY1T5H+rAq8FYByvfdUVem9JbVuBNMrC+k/bNWYUj+KeYWuSjELmwMqYYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERB9Aqe/gD26sgasymDeawEpTJqMB8GA1UdIwQY
MBaAFIBB/uoSP8sH6HKoy0vdmre42i/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgt
ZjdjNTAxNDE4ZTU2LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgtZjdjNTAxNDE4ZTU2
LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqtiXODHB
m0GMxxz3LAkorIao/fHNWgIssb9l1ulgYKgT06AW85xZ+gKEj/A1zBtB9LKy0ECt
GJEwrFT8WV70Z7sZ6JGYEhoA7+lRa6AxFyTQRXQW8An/2+xn+hdNbTbG5p7OEpv9
chu+eMCpwRHG5chb+xL+Nlg5568FtfU216PBY4lFveuusc4xwZz7bHVlOB2/Q0Dr
PuFJHOszMfHjcOWhe2qDWT9OH71rTL56uFPCZbk8ALfrb8Xay8zx7bTXB4/bzyRi
NUIiVoOpAcNDAS42XiRPv3tKA5NL1uftJvL5f+fGmODjTBKWJx4KGLnVX+m0y2r/
3V9wTZDhppjB/w==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:09:00 2025 by rpki-client