Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
File:                     y78j_5hnaDYlSUYv4JLGMV6sykA.mft (raw, json)
Hash identifier:          Myf2maWoPsnlnZl5gI3yFpfmQ/HaZ48DqrKwnDoOhuY=
Subject key identifier:   15:AF:25:4B:5D:93:09:64:37:38:17:B7:B1:69:C1:B5:FB:E8:5D:0A
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Certificate issuer:       /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial:       01975F4AFBF8E0E94AF1E2C77F0927970FE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
Manifest number:          1587
Signing time:             Wed 11 Jun 2025 14:00:39 +0000
Manifest this update:     Wed 11 Jun 2025 14:00:39 +0000
Manifest next update:     Thu 12 Jun 2025 14:00:39 +0000
Files and hashes:         1: a0gi81K4PU-mZZPSh82aNeLjsVI.roa (hash: Id1bqvDurbpWKdNvf29qBzclAu3m5HKcR5Kg3lRHGKE=)
                          2: y78j_5hnaDYlSUYv4JLGMV6sykA.crl (hash: FBqkBgp17UVhd6CIpkq2JelccglBc9An18v4RkCUOUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 14:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:4a:fb:f8:e0:e9:4a:f1:e2:c7:7f:09:27:97:0f:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
        Validity
            Not Before: Jun 11 14:00:39 2025 GMT
            Not After : Jun 12 14:00:39 2025 GMT
        Subject: CN=15af254b5d930964373817b7b169c1b5fbe85d0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:5c:7c:81:b5:48:3b:08:f3:76:6c:11:7e:b1:
                    17:40:5a:e9:31:bd:d6:73:f8:b3:d1:46:36:f4:23:
                    c1:0a:ad:74:c2:5c:fd:2e:6a:87:64:c6:70:78:9b:
                    8a:f1:9d:32:89:d5:9e:38:b9:55:60:c5:d5:df:5a:
                    d3:2e:0b:2f:41:fb:d9:f2:a1:0b:50:bb:33:77:5d:
                    52:47:e0:c5:79:1b:54:b1:8a:c1:63:c2:27:d9:36:
                    ce:15:3d:74:e5:65:1d:ad:a7:96:f5:12:43:07:95:
                    9a:04:51:aa:24:95:a3:cd:68:6f:12:06:7a:cf:84:
                    62:66:0d:d7:61:e8:fb:9f:3c:87:b6:66:c8:77:a4:
                    8c:30:00:fb:21:be:a9:31:f3:7d:bb:32:f4:97:aa:
                    35:9f:25:7f:25:a6:62:7f:19:49:f3:e8:38:52:c6:
                    1e:a6:40:09:e8:57:f6:4e:d2:8f:2b:87:0f:75:00:
                    5c:fd:8a:2d:d1:9c:a9:cc:d7:04:55:06:0a:e5:e8:
                    2d:07:fe:15:3a:c8:d0:14:1e:db:f4:8b:46:7c:23:
                    e2:0c:a1:d4:dc:30:e7:2d:d6:1b:3a:a5:23:7f:5c:
                    2e:8e:22:3c:07:05:00:c5:76:17:f2:4f:b4:31:61:
                    8e:e4:d6:56:7b:9d:57:77:aa:a4:e6:01:35:d5:4c:
                    4b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:AF:25:4B:5D:93:09:64:37:38:17:B7:B1:69:C1:B5:FB:E8:5D:0A
            X509v3 Authority Key Identifier:
                keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:ba:c4:fd:6f:25:81:16:e6:19:1d:d5:11:94:60:84:cc:b1:
         af:d3:dc:e5:f8:18:3c:da:69:fa:d0:f0:34:91:37:21:ca:ce:
         4d:2f:92:20:d9:25:ef:e3:80:20:ae:17:3c:54:a3:57:fc:45:
         92:8c:f6:21:59:ef:36:84:42:4a:05:d8:6d:e3:2f:fb:a3:40:
         b4:4c:d8:3a:9d:22:3c:0e:64:93:5e:42:94:55:f4:6b:e8:a7:
         b9:a7:36:69:8a:47:aa:9e:a3:6d:60:8c:c9:f9:04:04:6a:0e:
         ec:97:a7:55:60:e9:1c:47:96:59:f2:49:2c:b4:86:8c:f3:f9:
         e1:94:cc:ae:08:ad:62:f9:22:28:f6:f6:f4:cf:5c:95:fe:70:
         fc:06:14:23:8a:79:ac:00:9c:c4:cd:89:c2:1c:58:a4:78:8a:
         e0:b3:cf:ce:d3:4d:0d:18:46:a2:ec:a7:86:1a:62:e5:e0:26:
         be:cc:33:7c:89:6a:b8:3d:55:f8:89:fa:7f:79:59:74:a1:3c:
         d6:47:d9:18:22:2b:9f:c8:e4:bc:71:ab:34:6b:84:b0:c6:d2:
         2d:e6:69:e5:9c:7b:70:a0:9d:93:e7:d5:84:5a:7b:37:d0:39:
         81:52:e2:4d:b7:98:8b:7f:2d:98:fc:97:b5:d8:ed:44:40:65:
         38:92:09:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfSvv44OlK8eLHfwknlw/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjUwNjExMTQwMDM5WhcNMjUwNjEyMTQwMDM5WjAzMTEwLwYDVQQD
EygxNWFmMjU0YjVkOTMwOTY0MzczODE3YjdiMTY5YzFiNWZiZTg1ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlx8gbVIOwjzdmwRfrEXQFrpMb3W
c/iz0UY29CPBCq10wlz9LmqHZMZweJuK8Z0yidWeOLlVYMXV31rTLgsvQfvZ8qEL
ULszd11SR+DFeRtUsYrBY8In2TbOFT105WUdraeW9RJDB5WaBFGqJJWjzWhvEgZ6
z4RiZg3XYej7nzyHtmbId6SMMAD7Ib6pMfN9uzL0l6o1nyV/JaZifxlJ8+g4UsYe
pkAJ6Ff2TtKPK4cPdQBc/Yot0ZypzNcEVQYK5egtB/4VOsjQFB7b9ItGfCPiDKHU
3DDnLdYbOqUjf1wujiI8BwUAxXYX8k+0MWGO5NZWe51Xd6qk5gE11UxLEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWvJUtdkwlkNzgXt7FpwbX76F0KMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKrrE/W8l
gRbmGR3VEZRghMyxr9Pc5fgYPNpp+tDwNJE3IcrOTS+SINkl7+OAIK4XPFSjV/xF
koz2IVnvNoRCSgXYbeMv+6NAtEzYOp0iPA5kk15ClFX0a+inuac2aYpHqp6jbWCM
yfkEBGoO7JenVWDpHEeWWfJJLLSGjPP54ZTMrgitYvkiKPb29M9clf5w/AYUI4p5
rACcxM2JwhxYpHiK4LPPztNNDRhGouynhhpi5eAmvswzfIlquD1V+In6f3lZdKE8
1kfZGCIrn8jkvHGrNGuEsMbSLeZp5Zx7cKCdk+fVhFp7N9A5gVLiTbeYi38tmPyX
tdjtREBlOJIJnA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:17:29 2025 by rpki-client