Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.mft
File:                     aU5RXMW-Tifp09E-XhwR3HUpJ0s.mft (raw, json)
Hash identifier:          W/gFW+17A9erxmluWZDjofDVGUxvmDTaGMENYEXz6/A=
Subject key identifier:   5C:2F:77:4A:F0:94:F8:AF:C2:66:43:AD:57:8F:93:F3:06:29:A2:48
Authority key identifier: 69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B
Certificate issuer:       /CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
Certificate serial:       01976395D196F83AB06923B94BA57F2643AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.mft
Manifest number:          158C
Signing time:             Thu 12 Jun 2025 10:00:52 +0000
Manifest this update:     Thu 12 Jun 2025 10:00:52 +0000
Manifest next update:     Fri 13 Jun 2025 10:00:52 +0000
Files and hashes:         1: 1LWuminfGd450btHCMbnnbPQ_ZE.roa (hash: TISDdBpwKFkkTeSDLc72qwKWM7K/Xn5/55e5YUo0nnQ=)
                          2: aU5RXMW-Tifp09E-XhwR3HUpJ0s.crl (hash: fue05ZoVaEszGAZM/bUnjVs8LL82iJD1RN2GxQVv7j4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:95:d1:96:f8:3a:b0:69:23:b9:4b:a5:7f:26:43:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
        Validity
            Not Before: Jun 12 10:00:52 2025 GMT
            Not After : Jun 13 10:00:52 2025 GMT
        Subject: CN=5c2f774af094f8afc26643ad578f93f30629a248
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2c:de:a7:5b:9a:60:55:06:fe:ea:a9:13:30:
                    3f:bd:1a:ce:57:d5:4c:c4:34:97:e7:73:a4:a3:b3:
                    60:0a:29:cb:cb:4d:f1:90:a3:7f:87:b1:35:93:dd:
                    9a:8e:9e:2c:5d:a9:fb:35:34:4c:e1:97:61:a0:5b:
                    d4:a1:07:b2:e2:5e:19:74:e7:48:79:f7:86:60:22:
                    a8:f7:b3:f2:52:eb:7b:76:f6:b3:7a:b9:1c:bf:56:
                    22:d6:8c:36:c0:ad:62:3d:51:d6:12:f3:42:5a:b1:
                    94:75:80:27:02:e1:72:b8:b1:72:05:85:31:cc:4f:
                    bc:cf:68:57:c2:71:d7:a1:29:53:a9:e1:5e:f5:93:
                    1b:1d:6e:5a:01:04:0e:39:9e:5b:9a:13:27:38:9a:
                    1c:87:f6:40:b0:08:77:5c:23:5c:f9:f2:ff:3f:14:
                    9e:6b:99:75:27:9c:8e:4b:f9:19:c2:a6:ad:55:c4:
                    e5:47:a3:b7:87:52:cb:ef:aa:56:f3:b2:da:2c:28:
                    c3:3e:31:7f:b5:77:cf:85:ee:98:76:ce:f7:07:16:
                    0a:46:66:13:2a:c5:19:0e:c0:9b:3b:c3:a2:9f:3a:
                    b6:e9:fc:fe:0d:80:f7:89:35:6e:f0:75:f9:26:07:
                    ef:f1:2a:cf:6a:38:18:7e:2a:9c:54:5c:80:32:db:
                    17:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:2F:77:4A:F0:94:F8:AF:C2:66:43:AD:57:8F:93:F3:06:29:A2:48
            X509v3 Authority Key Identifier:
                keyid:69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:8c:bc:b5:73:44:d2:74:1a:94:67:bb:d9:60:fe:2c:e5:19:
         56:7d:b7:ce:d3:5c:f1:3d:ca:75:23:22:59:75:ee:c0:c1:ec:
         f3:c5:60:f6:ed:2b:da:0d:58:85:14:96:24:cc:1f:46:1b:67:
         f7:43:eb:87:50:b8:35:94:8a:c8:23:34:e5:08:f7:d7:46:4d:
         7f:34:68:cb:ad:a1:7f:a4:9d:44:0b:fc:09:52:42:83:0c:59:
         3e:7e:b2:a6:51:4b:8a:91:cd:6e:d8:a2:68:7d:f5:d0:da:a0:
         38:54:6a:cc:22:a4:8e:1d:16:4a:5f:be:5f:dd:94:8f:99:0b:
         e8:e9:8d:3f:fb:18:e2:4b:32:47:f5:69:d4:15:79:47:d6:80:
         8d:bd:08:0e:01:c8:7f:84:e1:4c:5f:ad:e6:bd:a5:70:98:a4:
         c0:26:f4:98:23:a5:75:ad:76:5d:ee:fe:79:85:ea:a0:28:ed:
         48:5f:a7:e4:7d:f9:b9:c5:dc:d3:b4:44:ce:06:a7:d7:a3:96:
         d8:24:3e:9d:df:37:dc:3f:74:a0:92:4d:98:36:7d:f5:d2:6c:
         8f:5f:37:55:e3:2f:0c:12:47:c5:93:a2:7f:13:49:da:9b:f6:
         5e:95:16:28:62:bc:f6:0c:d0:d0:de:fb:4e:92:0d:74:8f:d5:
         96:c2:d7:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjldGW+DqwaSO5S6V/JkOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGU1MTVjYzViZTRlMjdlOWQzZDEzZTVlMWMxMWRjNzUy
OTI3NGIwHhcNMjUwNjEyMTAwMDUyWhcNMjUwNjEzMTAwMDUyWjAzMTEwLwYDVQQD
Eyg1YzJmNzc0YWYwOTRmOGFmYzI2NjQzYWQ1NzhmOTNmMzA2MjlhMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxizep1uaYFUG/uqpEzA/vRrOV9VM
xDSX53Oko7NgCinLy03xkKN/h7E1k92ajp4sXan7NTRM4ZdhoFvUoQey4l4ZdOdI
efeGYCKo97PyUut7dvazerkcv1Yi1ow2wK1iPVHWEvNCWrGUdYAnAuFyuLFyBYUx
zE+8z2hXwnHXoSlTqeFe9ZMbHW5aAQQOOZ5bmhMnOJoch/ZAsAh3XCNc+fL/PxSe
a5l1J5yOS/kZwqatVcTlR6O3h1LL76pW87LaLCjDPjF/tXfPhe6Yds73BxYKRmYT
KsUZDsCbO8Oinzq26fz+DYD3iTVu8HX5Jgfv8SrPajgYfiqcVFyAMtsXLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwvd0rwlPivwmZDrVePk/MGKaJIMB8GA1UdIwQY
MBaAFGlOUVzFvk4n6dPRPl4cEdx1KSdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYt
NTFjNzdjYzQ5MTQ2LzEvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYtNTFjNzdjYzQ5MTQ2
LzEvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWIy8tXNE
0nQalGe72WD+LOUZVn23ztNc8T3KdSMiWXXuwMHs88Vg9u0r2g1YhRSWJMwfRhtn
90Prh1C4NZSKyCM05Qj310ZNfzRoy62hf6SdRAv8CVJCgwxZPn6yplFLipHNbtii
aH310NqgOFRqzCKkjh0WSl++X92Uj5kL6OmNP/sY4ksyR/Vp1BV5R9aAjb0IDgHI
f4ThTF+t5r2lcJikwCb0mCOlda12Xe7+eYXqoCjtSF+n5H35ucXc07REzgan16OW
2CQ+nd833D90oJJNmDZ99dJsj183VeMvDBJHxZOifxNJ2pv2XpUWKGK89gzQ0N77
TpINdI/VlsLX/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:04:21 2025 by rpki-client