Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File:                     o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier:          /9ymswKGybacRRVjRtOH5yiB7RBnK0Hz8H1Jx0ybSOk=
Subject key identifier:   C7:28:A4:87:4C:21:BB:37:39:63:31:F2:04:B2:1A:A0:10:F8:02:9A
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer:       /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial:       01975AC924FABCCAA4A23D48E53134091A17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number:          1589
Signing time:             Tue 10 Jun 2025 17:00:20 +0000
Manifest this update:     Tue 10 Jun 2025 17:00:20 +0000
Manifest next update:     Wed 11 Jun 2025 17:00:20 +0000
Files and hashes:         1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
                          2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: prI1CWVpEJvQqNQm/vS0U1U6NsVXBeX0IA6zsFFWOx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 17:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:c9:24:fa:bc:ca:a4:a2:3d:48:e5:31:34:09:1a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
        Validity
            Not Before: Jun 10 17:00:20 2025 GMT
            Not After : Jun 11 17:00:20 2025 GMT
        Subject: CN=c728a4874c21bb37396331f204b21aa010f8029a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:f7:66:a3:2d:c6:5b:89:77:44:44:a0:ec:ae:
                    27:60:58:bc:03:32:7b:e6:65:c6:35:0c:30:78:c8:
                    62:ba:91:7c:e9:bd:fa:0c:fc:6b:7c:3a:b8:80:ac:
                    7e:a9:47:5d:45:6c:c1:17:16:96:cc:28:d6:85:e3:
                    dc:65:d4:00:e8:88:42:83:54:96:a0:83:b9:a0:73:
                    35:27:93:22:07:6f:d7:3b:3e:04:7e:c0:07:5f:23:
                    c8:d7:96:ce:f3:9a:6a:02:8a:36:7d:19:73:24:c2:
                    81:bc:6f:7c:cb:43:b4:41:2f:26:53:cc:15:5b:db:
                    3d:00:c0:cb:b0:d4:a2:ce:3b:e4:ea:36:22:51:94:
                    0a:56:bd:00:e2:8e:4f:fe:4c:9b:e2:c1:f1:f3:d4:
                    3d:d7:43:5d:d9:3a:b3:6a:21:75:ef:e9:a9:55:50:
                    f1:06:ea:64:3e:da:f0:26:f5:a7:40:67:fe:84:e0:
                    3f:3c:b1:3b:1f:2d:37:4a:d0:4e:c9:b5:77:92:45:
                    91:42:86:70:79:ea:a8:e0:c6:f0:36:14:4f:00:49:
                    10:ad:69:90:fb:ee:fe:1e:64:ad:8a:bb:e0:00:82:
                    a7:b9:a7:ee:72:c8:51:f2:ec:73:06:53:7c:d1:e1:
                    6f:a7:7a:25:b7:cb:c6:31:56:c9:3b:7d:81:0b:07:
                    48:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:28:A4:87:4C:21:BB:37:39:63:31:F2:04:B2:1A:A0:10:F8:02:9A
            X509v3 Authority Key Identifier:
                keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:11:e5:e6:a9:77:6b:5b:95:4a:90:28:55:81:84:2b:e0:25:
         3d:1f:ae:64:0f:0e:7d:a8:6c:6c:ca:89:1a:ae:cd:d6:c3:9a:
         41:bf:e7:14:e8:41:04:95:0e:6f:18:9f:01:19:b1:39:57:c3:
         5d:f5:7f:e7:63:52:f7:82:6c:54:7f:55:6a:42:64:6b:5f:9a:
         03:d2:d4:72:cd:03:e0:8b:10:4b:7f:81:ed:2e:be:53:82:5f:
         e9:16:cd:67:c9:b5:f5:a6:0d:89:cb:bc:69:54:9e:de:c0:d1:
         14:50:30:86:5c:ab:e9:53:5b:74:72:74:f6:c4:2d:0a:33:18:
         43:71:da:2b:48:95:9e:7d:35:fe:01:7a:84:13:15:24:5a:8b:
         5b:b4:dc:31:9c:ef:41:f1:b4:15:5b:1e:be:55:e8:44:e7:6f:
         8a:3d:8d:47:00:50:f6:9f:14:46:99:d5:67:f7:ec:7b:65:d2:
         c3:4e:04:48:c6:7f:d8:8b:94:16:8f:75:11:84:9e:73:5f:c6:
         9d:9f:1b:fc:a8:3b:9c:32:13:9c:42:e9:2f:86:c7:41:48:e6:
         c4:19:57:54:57:06:7c:f9:ee:d9:2a:59:56:3c:85:1c:80:fc:
         1f:4c:71:2b:b9:de:aa:b3:56:3b:f1:68:ae:cd:3b:b1:ad:2d:
         09:ef:56:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdayST6vMqkoj1I5TE0CRoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjEwMTcwMDIwWhcNMjUwNjExMTcwMDIwWjAzMTEwLwYDVQQD
EyhjNzI4YTQ4NzRjMjFiYjM3Mzk2MzMxZjIwNGIyMWFhMDEwZjgwMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vdmoy3GW4l3RESg7K4nYFi8AzJ7
5mXGNQwweMhiupF86b36DPxrfDq4gKx+qUddRWzBFxaWzCjWhePcZdQA6IhCg1SW
oIO5oHM1J5MiB2/XOz4EfsAHXyPI15bO85pqAoo2fRlzJMKBvG98y0O0QS8mU8wV
W9s9AMDLsNSizjvk6jYiUZQKVr0A4o5P/kyb4sHx89Q910Nd2TqzaiF17+mpVVDx
BupkPtrwJvWnQGf+hOA/PLE7Hy03StBOybV3kkWRQoZweeqo4MbwNhRPAEkQrWmQ
++7+HmStirvgAIKnuafucshR8uxzBlN80eFvp3olt8vGMVbJO32BCwdIBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcopIdMIbs3OWMx8gSyGqAQ+AKaMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkhHl5ql3
a1uVSpAoVYGEK+AlPR+uZA8OfahsbMqJGq7N1sOaQb/nFOhBBJUObxifARmxOVfD
XfV/52NS94JsVH9VakJka1+aA9LUcs0D4IsQS3+B7S6+U4Jf6RbNZ8m19aYNicu8
aVSe3sDRFFAwhlyr6VNbdHJ09sQtCjMYQ3HaK0iVnn01/gF6hBMVJFqLW7TcMZzv
QfG0FVsevlXoROdvij2NRwBQ9p8URpnVZ/fse2XSw04ESMZ/2IuUFo91EYSec1/G
nZ8b/Kg7nDITnELpL4bHQUjmxBlXVFcGfPnu2SpZVjyFHID8H0xxK7neqrNWO/Fo
rs07sa0tCe9W2Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 02:49:55 2025 by rpki-client