Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File:                     o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier:          67Pj44FCEL/NUDKyD6Ui931XNYYw7oFC+WsNI1j7Jv4=
Subject key identifier:   D3:E2:93:09:26:07:EC:CF:89:35:06:25:96:93:74:67:09:62:EA:F1
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer:       /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial:       0197609454EA686C9642DC9792A0322CB0C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number:          158C
Signing time:             Wed 11 Jun 2025 20:00:23 +0000
Manifest this update:     Wed 11 Jun 2025 20:00:23 +0000
Manifest next update:     Thu 12 Jun 2025 20:00:23 +0000
Files and hashes:         1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
                          2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: snxLymP1NO9hv1V6ymj2py8/iVqUIyrSQoMWXp/Mu8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 20:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:94:54:ea:68:6c:96:42:dc:97:92:a0:32:2c:b0:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
        Validity
            Not Before: Jun 11 20:00:23 2025 GMT
            Not After : Jun 12 20:00:23 2025 GMT
        Subject: CN=d3e293092607eccf89350625969374670962eaf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:64:08:e1:a0:e8:6c:8b:cb:0b:3e:5c:04:76:
                    65:80:fe:45:8a:ae:2f:69:40:4e:5d:01:b9:75:b5:
                    50:e3:a0:ba:f1:59:70:ff:68:9d:6c:6c:f0:c0:b5:
                    b4:ea:94:1e:24:f9:73:df:c5:14:74:61:8a:c2:1f:
                    86:d8:42:93:d5:fd:96:27:19:6e:c9:1c:34:75:6f:
                    1f:b5:c9:1e:89:fb:87:07:a3:5f:41:36:b1:0a:12:
                    8b:24:33:3e:7f:2b:10:53:a8:70:1c:ed:14:41:fe:
                    62:84:9f:58:16:26:2b:60:28:5e:31:60:e1:0f:e1:
                    93:8e:da:7b:cd:50:09:14:ef:b0:25:73:24:a3:6d:
                    72:05:70:74:33:b9:94:32:f8:54:6c:e8:1c:63:91:
                    28:5e:1c:2b:5c:30:29:fb:16:b6:c3:ff:ba:0e:4f:
                    db:29:0d:57:f6:0d:43:09:b8:77:d9:f7:f7:93:b6:
                    b4:f6:99:ad:34:96:a6:c2:1a:d7:9a:6a:0d:21:7d:
                    bb:83:56:dc:fc:3d:4f:f3:8d:3b:03:55:ff:fe:51:
                    ad:67:5b:f2:f2:a5:02:8d:a3:3e:77:48:0a:71:7a:
                    9a:0a:94:01:6c:0a:e7:77:0a:95:b3:1f:b2:e3:8a:
                    1c:a5:f3:c4:21:fe:65:f7:46:08:47:11:6c:3f:7b:
                    85:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:E2:93:09:26:07:EC:CF:89:35:06:25:96:93:74:67:09:62:EA:F1
            X509v3 Authority Key Identifier:
                keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:39:00:56:57:b7:3d:9c:c1:48:9e:04:eb:fd:9a:42:75:a5:
         02:6b:7d:0a:5e:29:75:5d:c6:33:4d:3b:96:d8:86:0a:8e:05:
         aa:72:88:62:1a:45:dc:07:2b:4f:a9:ce:b0:94:06:27:76:bb:
         81:3b:7b:89:87:41:d1:02:18:62:a1:19:aa:f5:48:22:93:0d:
         7e:af:b2:90:13:81:09:45:e4:5a:4b:a9:65:61:dc:85:a8:c1:
         fc:98:c8:45:64:1f:18:a2:0b:7e:c4:27:3f:c7:4e:17:94:ca:
         2c:1b:81:2f:ec:1b:51:a3:0f:98:b7:8a:a9:80:97:ad:dd:73:
         89:73:37:f5:91:4d:46:de:82:42:ab:57:50:d1:9c:92:07:42:
         f6:12:88:ff:8b:46:fc:22:ba:dd:eb:1a:61:c3:4f:0a:15:72:
         17:7d:44:44:83:4f:3a:0d:98:31:56:1e:63:27:88:b2:b2:e8:
         11:7f:74:6f:33:ae:e1:e8:57:b0:01:92:1b:f5:de:12:32:50:
         40:53:86:41:0b:4b:c2:a8:28:70:51:1f:1c:80:50:df:b9:af:
         30:77:bc:07:4b:15:f9:fb:2d:2c:d5:4d:5f:ba:81:b6:93:ec:
         b1:00:e3:69:7f:9c:7e:3c:54:f4:09:29:72:f4:64:8e:22:93:
         18:b3:91:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdglFTqaGyWQtyXkqAyLLDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjExMjAwMDIzWhcNMjUwNjEyMjAwMDIzWjAzMTEwLwYDVQQD
EyhkM2UyOTMwOTI2MDdlY2NmODkzNTA2MjU5NjkzNzQ2NzA5NjJlYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GQI4aDobIvLCz5cBHZlgP5Fiq4v
aUBOXQG5dbVQ46C68Vlw/2idbGzwwLW06pQeJPlz38UUdGGKwh+G2EKT1f2WJxlu
yRw0dW8ftckeifuHB6NfQTaxChKLJDM+fysQU6hwHO0UQf5ihJ9YFiYrYCheMWDh
D+GTjtp7zVAJFO+wJXMko21yBXB0M7mUMvhUbOgcY5EoXhwrXDAp+xa2w/+6Dk/b
KQ1X9g1DCbh32ff3k7a09pmtNJamwhrXmmoNIX27g1bc/D1P8407A1X//lGtZ1vy
8qUCjaM+d0gKcXqaCpQBbArndwqVsx+y44ocpfPEIf5l90YIRxFsP3uF2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPikwkmB+zPiTUGJZaTdGcJYurxMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaTkAVle3
PZzBSJ4E6/2aQnWlAmt9Cl4pdV3GM007ltiGCo4FqnKIYhpF3AcrT6nOsJQGJ3a7
gTt7iYdB0QIYYqEZqvVIIpMNfq+ykBOBCUXkWkupZWHchajB/JjIRWQfGKILfsQn
P8dOF5TKLBuBL+wbUaMPmLeKqYCXrd1ziXM39ZFNRt6CQqtXUNGckgdC9hKI/4tG
/CK63esaYcNPChVyF31ERINPOg2YMVYeYyeIsrLoEX90bzOu4ehXsAGSG/XeEjJQ
QFOGQQtLwqgocFEfHIBQ37mvMHe8B0sV+fstLNVNX7qBtpPssQDjaX+cfjxU9Akp
cvRkjiKTGLORww==
-----END CERTIFICATE-----
Generated at Thu Jun 12 03:51:08 2025 by rpki-client