Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File:                     o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier:          SIu+4st52q+zfxpBA0zp+cxMfcv5JbRzxspGJxHfNZw=
Subject key identifier:   65:5A:FF:CF:98:AB:1F:1F:5C:48:27:65:79:09:5C:F7:A0:FC:B0:D1
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer:       /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial:       019754FE92514C5841D2890D49D73759A85A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number:          1586
Signing time:             Mon 09 Jun 2025 14:00:59 +0000
Manifest this update:     Mon 09 Jun 2025 14:00:59 +0000
Manifest next update:     Tue 10 Jun 2025 14:00:59 +0000
Files and hashes:         1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
                          2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: AWVWaajWhkd+SVzCcpRI/cZM4WGowQh0C3aKxqxLsmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 14:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:fe:92:51:4c:58:41:d2:89:0d:49:d7:37:59:a8:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
        Validity
            Not Before: Jun  9 14:00:59 2025 GMT
            Not After : Jun 10 14:00:59 2025 GMT
        Subject: CN=655affcf98ab1f1f5c48276579095cf7a0fcb0d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ee:1e:62:4c:69:77:0b:bf:fe:78:64:83:4e:
                    61:26:05:89:1b:7d:04:c6:87:1c:65:2b:6d:0a:80:
                    19:21:65:6b:05:6d:6a:d8:cb:2d:74:e9:d1:6a:89:
                    c3:22:70:f2:aa:4e:e5:07:e3:ba:a5:ec:2a:46:97:
                    71:7e:9f:3e:3e:15:16:0c:b0:3e:29:05:bc:ab:e6:
                    02:1e:c6:83:63:db:55:97:31:bc:64:b7:09:31:49:
                    0c:b8:f7:3c:38:4a:32:12:99:59:b6:f8:a0:e7:db:
                    4d:6a:19:d7:ed:44:c8:d4:33:24:6c:ee:60:ce:53:
                    0d:f3:82:79:1a:a4:fc:f0:9a:6c:e1:61:fb:18:b9:
                    d6:8f:5e:4a:4d:8b:ed:b3:46:17:db:f2:10:b6:af:
                    c5:f9:79:65:e1:27:1c:07:ce:50:4e:82:98:14:5d:
                    d0:57:e5:05:a5:25:38:ab:ab:4f:20:f7:5b:67:cb:
                    0b:26:2a:05:38:eb:bf:d2:68:8b:2d:c9:e5:65:0f:
                    91:08:24:eb:25:bd:e4:62:a2:46:b5:e7:d6:03:aa:
                    3a:17:22:bf:29:a7:46:c1:c1:be:4d:7e:27:a2:75:
                    f8:56:95:04:6c:b2:85:77:2c:45:bb:ac:8f:ec:fb:
                    51:72:db:84:c1:8a:87:1a:b5:50:dc:c0:57:66:52:
                    35:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:5A:FF:CF:98:AB:1F:1F:5C:48:27:65:79:09:5C:F7:A0:FC:B0:D1
            X509v3 Authority Key Identifier:
                keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:96:9c:34:3d:cd:84:05:11:a3:77:b5:45:88:98:a7:6c:f4:
         64:1d:89:a6:78:c1:3f:e4:5d:d6:8a:9c:e0:34:6d:21:75:60:
         18:81:6a:3f:66:eb:f9:95:99:e8:43:48:0c:8d:49:6b:9e:96:
         70:ab:b7:1f:9c:d2:6c:70:af:92:94:8f:ca:45:cd:af:48:68:
         eb:84:d2:b4:03:b4:34:0e:e0:78:9e:4b:f2:77:4c:5c:50:be:
         4a:59:b9:43:19:aa:25:d3:a4:f8:bc:c2:4f:18:ee:71:4b:24:
         33:57:8f:73:a1:7a:83:54:bb:26:bf:99:81:92:cc:ed:dd:76:
         76:3b:5f:c8:9b:fa:c3:bc:21:32:94:47:c7:78:22:84:db:00:
         68:64:f7:ab:a6:62:b9:30:2d:7a:86:8c:02:c7:5d:77:ff:fa:
         64:75:72:f1:02:7b:aa:b7:c4:df:26:01:1f:c7:47:f4:4b:85:
         de:b1:a0:fb:d6:49:14:af:06:95:8b:cf:8e:50:f8:f3:a2:42:
         9f:1b:74:59:50:fa:fb:e1:8d:11:c8:1f:69:82:30:ce:35:4e:
         63:9b:f6:17:80:2b:1f:bd:95:1e:16:cd:a2:e3:3b:7d:7c:04:
         16:ff:1f:de:a0:18:73:fb:c5:1c:0f:99:a8:c8:a8:a8:c9:9e:
         c2:e6:9d:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdU/pJRTFhB0okNSdc3WahaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjA5MTQwMDU5WhcNMjUwNjEwMTQwMDU5WjAzMTEwLwYDVQQD
Eyg2NTVhZmZjZjk4YWIxZjFmNWM0ODI3NjU3OTA5NWNmN2EwZmNiMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu4eYkxpdwu//nhkg05hJgWJG30E
xoccZSttCoAZIWVrBW1q2MstdOnRaonDInDyqk7lB+O6pewqRpdxfp8+PhUWDLA+
KQW8q+YCHsaDY9tVlzG8ZLcJMUkMuPc8OEoyEplZtvig59tNahnX7UTI1DMkbO5g
zlMN84J5GqT88Jps4WH7GLnWj15KTYvts0YX2/IQtq/F+Xll4SccB85QToKYFF3Q
V+UFpSU4q6tPIPdbZ8sLJioFOOu/0miLLcnlZQ+RCCTrJb3kYqJGtefWA6o6FyK/
KadGwcG+TX4nonX4VpUEbLKFdyxFu6yP7PtRctuEwYqHGrVQ3MBXZlI1ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVa/8+Yqx8fXEgnZXkJXPeg/LDRMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx5acND3N
hAURo3e1RYiYp2z0ZB2JpnjBP+Rd1oqc4DRtIXVgGIFqP2br+ZWZ6ENIDI1Ja56W
cKu3H5zSbHCvkpSPykXNr0ho64TStAO0NA7geJ5L8ndMXFC+Slm5QxmqJdOk+LzC
TxjucUskM1ePc6F6g1S7Jr+ZgZLM7d12djtfyJv6w7whMpRHx3gihNsAaGT3q6Zi
uTAteoaMAsddd//6ZHVy8QJ7qrfE3yYBH8dH9EuF3rGg+9ZJFK8GlYvPjlD486JC
nxt0WVD6++GNEcgfaYIwzjVOY5v2F4ArH72VHhbNouM7fXwEFv8f3qAYc/vFHA+Z
qMioqMmewuadvw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:09:32 2025 by rpki-client