Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft
File:                     3MstX7JThS8YI8ZUNOjydtBOTgw.mft (raw, json)
Hash identifier:          NmfHEfc/XOVl8+V91/igOrDDW492qAgCZwG0z1Olv/s=
Subject key identifier:   02:A1:0E:C0:CC:D1:37:FF:93:F6:DB:CB:A8:92:EA:31:22:1E:0B:61
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Certificate issuer:       /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial:       0197537DB829F0E2320683A69B379F12A20D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft
Manifest number:          158B
Signing time:             Mon 09 Jun 2025 07:00:37 +0000
Manifest this update:     Mon 09 Jun 2025 07:00:37 +0000
Manifest next update:     Tue 10 Jun 2025 07:00:37 +0000
Files and hashes:         1: 3MstX7JThS8YI8ZUNOjydtBOTgw.crl (hash: JsPghY0539aOfmrnwrQY5c5SuAtXCdVB354GwOnkPL4=)
                          2: 4iSMhBF2xZj26lycKx2j1fhAtX8.roa (hash: 5NzSosDSsdztn+kQLtfES98hJSpuF/nYSnJEW3vMqlE=)
                          3: MCaozM05EgQpOj9KWtfk_EMYWf0.roa (hash: I6Y0DISsiTz+oGPxMCPt4OQoH1zQxzx22/aiFTgMNtU=)
                          4: qMfArzwkX8G0WDNHJN4uX2h7ong.roa (hash: J4HIUTvl0CZ/07KSIMq+Jwo8Hxn+rCK5OIiJhW9OzqI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:7d:b8:29:f0:e2:32:06:83:a6:9b:37:9f:12:a2:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
        Validity
            Not Before: Jun  9 07:00:37 2025 GMT
            Not After : Jun 10 07:00:37 2025 GMT
        Subject: CN=02a10ec0ccd137ff93f6dbcba892ea31221e0b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c9:b0:d3:14:db:8d:15:a1:60:2d:6c:b5:ce:
                    2c:65:96:61:43:fe:b5:28:20:c7:92:a7:74:82:33:
                    f2:1f:30:47:32:44:df:df:79:f3:b0:9f:d2:92:11:
                    87:8e:28:04:7e:80:66:f6:63:77:9c:28:7e:29:09:
                    76:2d:2f:d2:53:fb:e0:13:61:39:95:21:77:2c:22:
                    c6:ba:07:06:7e:0f:79:ac:58:ea:4a:f9:d2:48:09:
                    2c:95:7e:e6:1b:11:5f:43:34:fa:3d:3d:91:bb:ec:
                    ab:4e:e2:d0:13:5a:76:90:83:bb:c0:a8:65:e0:b9:
                    9b:79:29:05:5b:4f:cc:a0:2d:98:0a:92:70:ad:18:
                    39:3e:45:e2:32:f0:87:a4:79:4a:69:32:74:fb:dc:
                    b1:a7:c6:b8:dd:94:ff:73:31:a2:ee:33:ae:2a:bf:
                    81:a4:48:4f:16:45:8f:b3:85:c6:2a:06:49:4d:0a:
                    0d:63:bb:ba:dd:28:32:26:22:fe:73:e0:88:29:d4:
                    1a:8b:87:28:1f:7d:e7:94:69:33:77:c1:76:03:46:
                    f8:94:77:76:1d:21:da:0e:6c:ae:01:4b:de:aa:8d:
                    de:3c:03:5f:cc:a7:a1:f5:d0:38:de:e1:e5:5b:08:
                    31:18:0d:4b:d9:f9:0d:28:b2:8a:37:60:a8:40:fb:
                    59:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:A1:0E:C0:CC:D1:37:FF:93:F6:DB:CB:A8:92:EA:31:22:1E:0B:61
            X509v3 Authority Key Identifier:
                keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:a4:0c:a8:5d:fc:97:95:15:22:71:5e:a0:63:b2:71:7c:63:
         68:28:93:12:80:1e:66:54:29:dc:00:99:04:02:b0:82:e3:4f:
         f4:08:5f:d3:0e:b3:66:82:3f:9a:fa:5a:96:2a:96:a6:19:5f:
         88:cf:f8:69:49:3a:ab:ad:ee:33:f8:36:bf:0d:95:40:aa:ca:
         80:d8:d2:27:b3:a5:91:3d:63:53:ab:f8:5c:09:6a:97:ba:33:
         90:2a:05:85:df:1b:de:c0:e7:38:7b:0d:1c:e6:17:7c:87:1c:
         ed:24:0d:b0:9b:01:6a:31:a0:a2:6e:a3:4e:38:2a:db:65:83:
         e2:c5:38:8d:96:78:ee:d9:cd:fb:69:89:77:70:84:ea:f2:bf:
         7d:be:e1:e5:7a:c2:c5:54:48:b3:4e:b4:62:09:8f:4d:f3:86:
         a9:67:33:d2:b0:06:aa:c9:37:3e:e5:44:5e:8d:d4:a8:35:3d:
         b1:5c:1b:8a:7b:b4:b8:b9:72:c7:68:64:aa:0f:07:7a:be:38:
         72:7b:1a:8a:e5:8f:97:41:f2:eb:66:8e:7e:8b:e4:16:46:47:
         8b:e1:c9:45:e7:8a:5d:e4:8e:d8:8a:6c:e1:41:c8:5d:bf:38:
         28:4b:8e:46:cb:f8:94:1d:b1:3f:f3:67:68:cd:d1:64:47:94:
         0c:d8:f8:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTfbgp8OIyBoOmmzefEqINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjUwNjA5MDcwMDM3WhcNMjUwNjEwMDcwMDM3WjAzMTEwLwYDVQQD
EygwMmExMGVjMGNjZDEzN2ZmOTNmNmRiY2JhODkyZWEzMTIyMWUwYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMmw0xTbjRWhYC1stc4sZZZhQ/61
KCDHkqd0gjPyHzBHMkTf33nzsJ/SkhGHjigEfoBm9mN3nCh+KQl2LS/SU/vgE2E5
lSF3LCLGugcGfg95rFjqSvnSSAkslX7mGxFfQzT6PT2Ru+yrTuLQE1p2kIO7wKhl
4LmbeSkFW0/MoC2YCpJwrRg5PkXiMvCHpHlKaTJ0+9yxp8a43ZT/czGi7jOuKr+B
pEhPFkWPs4XGKgZJTQoNY7u63SgyJiL+c+CIKdQai4coH33nlGkzd8F2A0b4lHd2
HSHaDmyuAUveqo3ePANfzKeh9dA43uHlWwgxGA1L2fkNKLKKN2CoQPtZIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKhDsDM0Tf/k/bby6iS6jEiHgthMB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh
LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgaQMqF38
l5UVInFeoGOycXxjaCiTEoAeZlQp3ACZBAKwguNP9Ahf0w6zZoI/mvpaliqWphlf
iM/4aUk6q63uM/g2vw2VQKrKgNjSJ7OlkT1jU6v4XAlql7ozkCoFhd8b3sDnOHsN
HOYXfIcc7SQNsJsBajGgom6jTjgq22WD4sU4jZZ47tnN+2mJd3CE6vK/fb7h5XrC
xVRIs060YgmPTfOGqWcz0rAGqsk3PuVEXo3UqDU9sVwbinu0uLlyx2hkqg8Her44
cnsaiuWPl0Hy62aOfovkFkZHi+HJReeKXeSO2Ips4UHIXb84KEuORsv4lB2xP/Nn
aM3RZEeUDNj4ug==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:43:56 2025 by rpki-client