Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File:                     o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier:          lABysU/iSOQE0usIbziYC/1eyHH+inuag86OlIXFLn4=
Subject key identifier:   92:CC:51:9D:4B:DA:7A:68:AA:B3:8C:9F:75:2B:44:EC:72:55:23:BD
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer:       /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial:       01976C2B032D5C7F3DA0204E7AE4BE10B74B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number:          1592
Signing time:             Sat 14 Jun 2025 02:00:47 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:47 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:47 +0000
Files and hashes:         1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
                          2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: JBQK3ccnLTNjwxBWWJYZzrJ4bSf8aAoPHXw4WWXO8fk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:03:2d:5c:7f:3d:a0:20:4e:7a:e4:be:10:b7:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
        Validity
            Not Before: Jun 14 02:00:47 2025 GMT
            Not After : Jun 15 02:00:47 2025 GMT
        Subject: CN=92cc519d4bda7a68aab38c9f752b44ec725523bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:2e:4f:ac:ac:a6:e9:cb:06:c3:cf:5f:bd:91:
                    21:53:d3:0b:4a:42:42:5d:74:cb:4e:2a:a8:ff:fd:
                    1b:34:50:ed:92:24:ba:fc:95:72:6a:6d:83:7d:f9:
                    69:46:58:c7:c9:30:94:6c:60:78:ff:97:a2:22:0f:
                    6d:74:23:09:bf:18:22:bc:0a:f2:ef:5b:bb:8a:c1:
                    fb:22:32:fb:12:b8:fb:9d:9c:22:2d:e2:97:e4:0f:
                    a2:69:23:28:e0:1a:c6:18:a4:7f:9b:0c:63:55:1a:
                    59:ee:06:a1:1e:9f:87:ef:b2:67:8f:35:8f:70:36:
                    ed:cd:dd:9c:fe:5a:5c:ef:1c:1e:0b:7b:50:8a:77:
                    87:1b:73:e9:15:22:5b:ca:5d:4b:10:fc:b5:82:ec:
                    f6:0c:38:54:51:86:66:3d:b7:f3:87:a1:d8:0a:08:
                    05:6b:7c:1e:f4:4d:57:00:4f:40:9d:b2:5a:e0:fe:
                    ab:08:00:09:26:5c:71:b5:94:1a:72:86:45:99:53:
                    d6:65:71:11:8f:bf:a1:f4:b3:5e:eb:b5:72:56:d5:
                    21:19:bd:0a:f0:2f:4d:6b:3a:b6:f8:c6:51:31:65:
                    84:91:57:1a:2d:06:f4:df:4f:b2:86:1c:d7:b1:59:
                    08:ac:8c:b6:27:3e:e2:fa:ec:01:ea:d9:d8:a1:2a:
                    1d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:CC:51:9D:4B:DA:7A:68:AA:B3:8C:9F:75:2B:44:EC:72:55:23:BD
            X509v3 Authority Key Identifier:
                keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:a3:62:f9:da:38:de:84:df:db:d6:6e:a0:2c:aa:3e:24:61:
         28:db:13:55:f5:6d:67:ab:3d:bc:eb:65:ae:c4:f8:2b:0c:7e:
         06:cc:12:b1:a5:02:d0:82:9f:24:9a:e6:e3:67:0d:73:f6:ca:
         7d:62:4b:83:05:45:c1:b9:a0:f3:2c:d0:25:40:b5:e1:e3:dd:
         f8:ba:2f:73:c5:82:1d:ea:50:c3:9f:97:59:20:0f:5d:30:90:
         86:40:86:eb:33:95:66:65:d9:0c:c6:71:65:f0:75:a2:11:3e:
         8c:7f:f4:25:aa:f5:45:0a:1a:a3:b7:a6:ee:a8:7f:2c:d2:c6:
         c1:08:c2:87:26:32:f6:89:04:25:14:b5:8a:e6:53:1e:fd:6f:
         2e:06:bb:33:c2:d5:93:53:8a:00:3a:8f:4b:fb:c2:c2:d7:c3:
         49:43:0f:2a:d2:81:e9:13:26:54:19:b4:ec:ac:1d:fd:b6:f5:
         5b:2c:dc:be:23:90:ff:8e:46:1e:73:e9:56:7a:71:65:34:17:
         77:02:b6:21:4a:9e:f9:9d:02:91:a6:70:1f:09:9b:84:f1:cf:
         17:91:57:a7:41:7e:22:4a:72:c3:8c:0a:fe:e8:a3:2c:25:e1:
         1d:b3:56:6f:36:58:36:bd:63:24:24:93:51:e4:15:4b:08:67:
         bc:a1:dc:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKwMtXH89oCBOeuS+ELdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjE0MDIwMDQ3WhcNMjUwNjE1MDIwMDQ3WjAzMTEwLwYDVQQD
Eyg5MmNjNTE5ZDRiZGE3YTY4YWFiMzhjOWY3NTJiNDRlYzcyNTUyM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9C5PrKym6csGw89fvZEhU9MLSkJC
XXTLTiqo//0bNFDtkiS6/JVyam2DfflpRljHyTCUbGB4/5eiIg9tdCMJvxgivAry
71u7isH7IjL7Erj7nZwiLeKX5A+iaSMo4BrGGKR/mwxjVRpZ7gahHp+H77JnjzWP
cDbtzd2c/lpc7xweC3tQineHG3PpFSJbyl1LEPy1guz2DDhUUYZmPbfzh6HYCggF
a3we9E1XAE9AnbJa4P6rCAAJJlxxtZQacoZFmVPWZXERj7+h9LNe67VyVtUhGb0K
8C9Nazq2+MZRMWWEkVcaLQb030+yhhzXsVkIrIy2Jz7i+uwB6tnYoSod6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJLMUZ1L2npoqrOMn3UrROxyVSO9MB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl6Ni+do4
3oTf29ZuoCyqPiRhKNsTVfVtZ6s9vOtlrsT4Kwx+BswSsaUC0IKfJJrm42cNc/bK
fWJLgwVFwbmg8yzQJUC14ePd+Lovc8WCHepQw5+XWSAPXTCQhkCG6zOVZmXZDMZx
ZfB1ohE+jH/0Jar1RQoao7em7qh/LNLGwQjChyYy9okEJRS1iuZTHv1vLga7M8LV
k1OKADqPS/vCwtfDSUMPKtKB6RMmVBm07Kwd/bb1WyzcviOQ/45GHnPpVnpxZTQX
dwK2IUqe+Z0CkaZwHwmbhPHPF5FXp0F+Ikpyw4wK/uijLCXhHbNWbzZYNr1jJCST
UeQVSwhnvKHcBA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 08:32:32 2025 by rpki-client