Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
File:                     o3U2my1LsuLe3maGRTE-NE5vHMA.mft (raw, json)
Hash identifier:          f/k+s2UOEJykHUsIfpNIJqwJQQ18PODN49qQ4+mkkcI=
Subject key identifier:   52:BB:50:63:3F:D2:3F:98:9C:C8:6E:A5:D4:43:47:85:0A:CA:E8:57
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Certificate issuer:       /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial:       0197665F84430893F94FED2282A106839483
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
Manifest number:          158F
Signing time:             Thu 12 Jun 2025 23:00:24 +0000
Manifest this update:     Thu 12 Jun 2025 23:00:24 +0000
Manifest next update:     Fri 13 Jun 2025 23:00:24 +0000
Files and hashes:         1: DyAD9klcag15NhnplKEMXi8dKqg.roa (hash: Zvr5j/JLyl2kQb4eL63NQCTsndBLbuYPjEiWULmfej8=)
                          2: o3U2my1LsuLe3maGRTE-NE5vHMA.crl (hash: vPVH2K6d//4C7zOldN1Z9DxzvfvVpn67WgJzWbXbV8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:5f:84:43:08:93:f9:4f:ed:22:82:a1:06:83:94:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
        Validity
            Not Before: Jun 12 23:00:24 2025 GMT
            Not After : Jun 13 23:00:24 2025 GMT
        Subject: CN=52bb50633fd23f989cc86ea5d44347850acae857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3c:21:8c:e5:0c:31:cc:06:3a:84:7a:1d:aa:
                    e2:fe:ce:23:26:e6:ad:ec:d9:b1:d2:23:d2:6e:90:
                    82:da:ba:7c:ab:8c:cc:ec:e0:f7:7e:49:44:7f:bc:
                    08:31:a1:03:c6:6f:db:63:2b:f4:a4:f5:f7:b4:6c:
                    bf:9c:dc:b6:cf:39:5d:df:23:2d:cb:5c:53:c5:ec:
                    fb:19:6a:bf:a8:78:9e:19:53:dd:db:f1:fb:f8:d5:
                    e6:6d:c7:d0:62:97:71:2c:b5:a4:13:c3:a4:e4:d2:
                    c7:c9:13:dc:34:03:4b:e3:ac:ff:20:0a:60:e2:ab:
                    ee:20:a8:82:f5:9e:a6:ee:da:67:eb:9e:7c:b9:37:
                    9c:d1:c6:93:31:7b:05:f5:75:6a:09:88:58:3d:43:
                    98:46:64:de:02:a2:eb:e9:8a:f3:cd:b6:25:54:45:
                    21:51:be:74:c0:f2:da:30:96:5a:36:68:d3:00:76:
                    d8:90:5c:32:06:c2:01:0e:66:22:44:c2:39:68:a0:
                    74:28:17:b7:bf:f9:d1:40:80:cc:6d:25:5f:42:62:
                    8d:d5:1f:be:bf:d6:26:89:94:8f:16:8e:28:9e:10:
                    85:0f:6f:32:49:55:10:2d:fd:b9:cf:65:78:96:b8:
                    8d:b7:60:8a:23:f4:d7:32:2a:96:85:44:f5:86:39:
                    d3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:BB:50:63:3F:D2:3F:98:9C:C8:6E:A5:D4:43:47:85:0A:CA:E8:57
            X509v3 Authority Key Identifier:
                keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:fb:fe:cc:88:64:24:64:1c:4b:93:8a:5e:21:be:2c:0c:5e:
         1a:e8:06:2e:04:24:80:f8:94:b3:1a:3a:ba:21:2e:25:2a:2a:
         52:aa:6f:12:cf:d4:e1:4b:8a:68:e5:09:91:a4:46:50:aa:5f:
         2c:09:22:bf:f2:2c:d3:27:fc:07:76:06:bc:93:42:21:8d:0b:
         34:0e:93:73:ac:94:8e:e7:28:68:5c:94:f8:8e:4a:00:e7:a0:
         59:88:bd:f6:f6:cd:b1:d5:6c:33:1e:07:15:ea:49:58:ed:c7:
         76:cf:d0:ad:16:12:02:72:08:e2:98:37:c2:f6:84:21:0e:24:
         ee:41:79:06:60:dd:19:b8:e9:4c:79:af:f5:e3:d0:43:e1:78:
         e1:55:85:1c:ee:70:21:00:5d:95:67:f8:e5:4e:ad:c7:3a:39:
         6a:80:9c:ee:bf:b8:37:77:dc:95:4f:cf:ba:a0:ef:2b:56:7e:
         54:7a:ca:f8:8a:85:3f:41:57:27:1a:de:9f:10:78:1f:10:a8:
         91:db:9b:43:00:e6:f7:92:0a:cb:73:4d:23:ee:db:4b:b8:3b:
         55:0e:00:21:97:eb:55:3f:d6:b5:4c:22:aa:de:30:50:f9:24:
         98:00:1d:cd:d1:26:65:7e:08:96:ca:83:62:f1:d8:ba:ab:91:
         65:e9:2d:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmX4RDCJP5T+0igqEGg5SDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjUwNjEyMjMwMDI0WhcNMjUwNjEzMjMwMDI0WjAzMTEwLwYDVQQD
Eyg1MmJiNTA2MzNmZDIzZjk4OWNjODZlYTVkNDQzNDc4NTBhY2FlODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjwhjOUMMcwGOoR6Hari/s4jJuat
7Nmx0iPSbpCC2rp8q4zM7OD3fklEf7wIMaEDxm/bYyv0pPX3tGy/nNy2zzld3yMt
y1xTxez7GWq/qHieGVPd2/H7+NXmbcfQYpdxLLWkE8Ok5NLHyRPcNANL46z/IApg
4qvuIKiC9Z6m7tpn6558uTec0caTMXsF9XVqCYhYPUOYRmTeAqLr6YrzzbYlVEUh
Ub50wPLaMJZaNmjTAHbYkFwyBsIBDmYiRMI5aKB0KBe3v/nRQIDMbSVfQmKN1R++
v9YmiZSPFo4onhCFD28ySVUQLf25z2V4lriNt2CKI/TXMiqWhUT1hjnTZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFK7UGM/0j+YnMhupdRDR4UKyuhXMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfv+zIhk
JGQcS5OKXiG+LAxeGugGLgQkgPiUsxo6uiEuJSoqUqpvEs/U4UuKaOUJkaRGUKpf
LAkiv/Is0yf8B3YGvJNCIY0LNA6Tc6yUjucoaFyU+I5KAOegWYi99vbNsdVsMx4H
FepJWO3Hds/QrRYSAnII4pg3wvaEIQ4k7kF5BmDdGbjpTHmv9ePQQ+F44VWFHO5w
IQBdlWf45U6txzo5aoCc7r+4N3fclU/PuqDvK1Z+VHrK+IqFP0FXJxrenxB4HxCo
kdubQwDm95IKy3NNI+7bS7g7VQ4AIZfrVT/WtUwiqt4wUPkkmAAdzdEmZX4IlsqD
YvHYuquRZektdw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 07:07:02 2025 by rpki-client