Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File:                     y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier:          NNqR7/PbsrHeGKYy6L81ajuhA6DTWu2Muf2155Bgv14=
Subject key identifier:   AA:1B:C2:90:42:77:4F:FE:9D:73:D1:74:AD:F3:67:C7:99:6D:60:2E
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer:       /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial:       019753B4C00F15ACA82AB828308593634350
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number:          1581
Signing time:             Mon 09 Jun 2025 08:00:43 +0000
Manifest this update:     Mon 09 Jun 2025 08:00:43 +0000
Manifest next update:     Tue 10 Jun 2025 08:00:43 +0000
Files and hashes:         1: a0gi81K4PU-mZZPSh82aNeLjsVI.roa (hash: Id1bqvDurbpWKdNvf29qBzclAu3m5HKcR5Kg3lRHGKE=)
                          2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: 2MrIsSStKH/2jN2yg/9ZTVSt8Jav72vi0NL2IsGljKc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:b4:c0:0f:15:ac:a8:2a:b8:28:30:85:93:63:43:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
        Validity
            Not Before: Jun  9 08:00:43 2025 GMT
            Not After : Jun 10 08:00:43 2025 GMT
        Subject: CN=aa1bc29042774ffe9d73d174adf367c7996d602e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:77:12:2e:15:aa:f7:b7:ad:eb:87:84:e9:9b:
                    f0:f6:33:18:89:5f:56:b6:34:23:56:fd:50:bf:68:
                    ae:01:06:ea:90:9f:fd:fe:94:47:80:67:40:39:c4:
                    bb:d0:c6:6d:68:ad:8e:68:36:4a:d7:61:09:d8:23:
                    20:1f:64:80:f9:88:0a:22:6c:d5:f7:7f:b9:15:d4:
                    d5:71:3e:ce:37:d9:37:4e:82:40:fc:cb:22:74:29:
                    c0:82:aa:6d:c6:1d:e8:2c:32:9f:9b:b5:6c:a9:fb:
                    26:94:23:08:f9:f1:ca:12:57:fd:ca:c3:6e:9e:b9:
                    42:31:8a:46:6f:69:c8:59:7d:99:64:68:25:6b:5c:
                    5d:2c:52:e5:3d:95:88:38:36:32:3c:7a:3b:d3:86:
                    30:60:79:95:ba:ed:77:e6:7f:14:d9:5c:1f:4a:b2:
                    92:47:13:74:94:bf:6c:85:6e:bc:51:99:83:14:b0:
                    38:70:d2:4f:14:cc:51:8f:f7:1e:bd:e9:c6:9f:b8:
                    aa:2c:be:c2:b2:71:bf:2f:5d:9f:4b:72:2e:56:17:
                    31:f6:89:ed:57:f8:37:95:f3:75:80:bc:24:99:ff:
                    af:76:2a:f6:e8:38:71:9a:b0:a6:12:09:7c:f5:7c:
                    39:00:bd:c7:30:0e:20:a3:68:fb:ad:97:59:ef:0b:
                    91:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:1B:C2:90:42:77:4F:FE:9D:73:D1:74:AD:F3:67:C7:99:6D:60:2E
            X509v3 Authority Key Identifier:
                keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:92:dd:c8:2b:6e:75:a4:66:00:e9:33:09:87:6e:81:95:06:
         14:12:97:f4:5f:fa:11:de:2c:dd:44:d2:9c:ce:93:82:03:8e:
         61:f9:87:1a:0d:65:b9:b2:af:55:0d:03:11:93:a9:f7:09:1c:
         ef:95:2a:fe:93:80:2a:67:62:18:d6:fa:26:13:ee:95:7f:a2:
         e1:6f:86:a4:7c:43:7b:22:43:28:75:99:f2:3b:e8:3e:d0:89:
         80:54:a1:6d:94:62:aa:63:57:8b:65:b4:33:c5:11:0e:d7:2c:
         2d:ae:07:0b:55:d8:cf:db:6b:f4:6a:69:74:29:cb:9a:8d:dc:
         83:a3:65:bc:03:8d:c4:3f:98:26:9a:16:79:9c:03:0f:23:af:
         47:58:ac:23:c5:ef:64:31:d9:fa:fc:b0:0b:43:a2:5f:34:9d:
         f1:dc:22:75:62:95:f0:fb:bd:0b:0f:dd:22:be:64:ac:f5:08:
         c0:0f:19:53:ce:aa:70:74:8b:43:81:ae:8b:97:73:d4:62:19:
         10:49:f2:8a:d1:22:b5:61:00:8d:bc:2c:19:60:bf:7b:65:7c:
         a2:72:a6:08:ed:57:1d:ff:a0:4a:80:b4:1e:34:b4:fe:ff:b1:
         68:07:9e:9a:0d:7f:f1:c4:24:72:a0:a3:24:70:89:1b:6e:70:
         4b:c2:c9:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTtMAPFayoKrgoMIWTY0NQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjUwNjA5MDgwMDQzWhcNMjUwNjEwMDgwMDQzWjAzMTEwLwYDVQQD
EyhhYTFiYzI5MDQyNzc0ZmZlOWQ3M2QxNzRhZGYzNjdjNzk5NmQ2MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHcSLhWq97et64eE6Zvw9jMYiV9W
tjQjVv1Qv2iuAQbqkJ/9/pRHgGdAOcS70MZtaK2OaDZK12EJ2CMgH2SA+YgKImzV
93+5FdTVcT7ON9k3ToJA/MsidCnAgqptxh3oLDKfm7VsqfsmlCMI+fHKElf9ysNu
nrlCMYpGb2nIWX2ZZGgla1xdLFLlPZWIODYyPHo704YwYHmVuu135n8U2VwfSrKS
RxN0lL9shW68UZmDFLA4cNJPFMxRj/cevenGn7iqLL7CsnG/L12fS3IuVhcx9ont
V/g3lfN1gLwkmf+vdir26DhxmrCmEgl89Xw5AL3HMA4go2j7rZdZ7wuRnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKobwpBCd0/+nXPRdK3zZ8eZbWAuMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJLdyCtu
daRmAOkzCYdugZUGFBKX9F/6Ed4s3UTSnM6TggOOYfmHGg1lubKvVQ0DEZOp9wkc
75Uq/pOAKmdiGNb6JhPulX+i4W+GpHxDeyJDKHWZ8jvoPtCJgFShbZRiqmNXi2W0
M8URDtcsLa4HC1XYz9tr9GppdCnLmo3cg6NlvAONxD+YJpoWeZwDDyOvR1isI8Xv
ZDHZ+vywC0OiXzSd8dwidWKV8Pu9Cw/dIr5krPUIwA8ZU86qcHSLQ4Gui5dz1GIZ
EEnyitEitWEAjbwsGWC/e2V8onKmCO1XHf+gSoC0HjS0/v+xaAeemg1/8cQkcqCj
JHCJG25wS8LJLg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:30:59 2025 by rpki-client