Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft
File:                     fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft (raw, json)
Hash identifier:          +rhXBDDjC7jP+7R1dVoaa+XwbpfJ5LBQDxIRUzPnlNY=
Subject key identifier:   67:20:5D:F2:A3:8C:95:EA:49:F4:1C:76:C3:E2:09:A7:91:13:25:F4
Authority key identifier: 7D:78:56:C9:7B:EB:97:C2:B3:86:FB:95:8C:2D:B1:22:C5:7D:B3:6C
Certificate issuer:       /CN=7d7856c97beb97c2b386fb958c2db122c57db36c
Certificate serial:       01975C811C1920569F2391BA281DB7675800
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft
Manifest number:          03CF
Signing time:             Wed 11 Jun 2025 01:00:54 +0000
Manifest this update:     Wed 11 Jun 2025 01:00:54 +0000
Manifest next update:     Thu 12 Jun 2025 01:00:54 +0000
Files and hashes:         1: 7IU0huufqQxYxItg8zFZPOwzYRM.roa (hash: I4C8M2jxvU1m60xK7AT2Uz7jOA8Cd0LrtZ3lmEnNBLc=)
                          2: fXhWyXvrl8KzhvuVjC2xIsV9s2w.crl (hash: Xf5f3X9ictad/mpAocsByjX5xUxEWe4++y2rd4YFd0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:81:1c:19:20:56:9f:23:91:ba:28:1d:b7:67:58:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d7856c97beb97c2b386fb958c2db122c57db36c
        Validity
            Not Before: Jun 11 01:00:54 2025 GMT
            Not After : Jun 12 01:00:54 2025 GMT
        Subject: CN=67205df2a38c95ea49f41c76c3e209a7911325f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:fd:4e:23:96:d9:7a:a2:0b:3e:73:4c:7b:97:
                    1b:ff:2a:51:72:ee:e9:3e:9c:ca:6e:1b:07:01:39:
                    cc:ef:e9:f6:36:e3:21:de:05:2a:ae:e0:87:7c:d5:
                    77:d4:e4:da:b5:cf:bf:63:d8:67:1c:60:ca:79:df:
                    a3:61:f3:a0:dd:79:30:66:48:03:16:be:ec:fc:b5:
                    e4:e3:75:e9:02:8a:30:f5:4b:a4:76:8a:31:ec:ff:
                    82:c6:dc:b5:28:c0:e4:0a:9f:44:12:3e:b4:68:78:
                    92:a6:2f:0a:d9:3a:e3:33:81:5e:cc:d0:45:2f:fc:
                    ce:f2:f3:09:3b:97:d8:da:13:1b:0e:b3:a0:8f:21:
                    d0:f3:97:e5:af:a7:da:27:f9:24:c6:33:91:0c:bf:
                    a7:fc:35:10:5c:df:09:b9:4f:6b:72:7f:41:e4:46:
                    ae:03:db:f9:01:46:84:d6:e1:d6:0c:cf:49:14:5a:
                    fe:eb:58:2b:56:3a:e9:aa:75:4f:30:85:c7:74:00:
                    15:bb:5d:c8:78:c1:5f:79:8b:4b:be:a9:1f:fb:6c:
                    c3:6e:73:3a:e6:88:73:ae:19:10:35:d3:1b:ca:66:
                    3b:75:dc:fc:8c:6e:a2:05:03:ee:c6:66:1d:72:8f:
                    9b:e1:0b:56:82:73:0c:c2:ca:94:ee:90:22:1a:13:
                    70:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:20:5D:F2:A3:8C:95:EA:49:F4:1C:76:C3:E2:09:A7:91:13:25:F4
            X509v3 Authority Key Identifier:
                keyid:7D:78:56:C9:7B:EB:97:C2:B3:86:FB:95:8C:2D:B1:22:C5:7D:B3:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXhWyXvrl8KzhvuVjC2xIsV9s2w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c03d37-4efc-4c3c-8281-3c738544482e/1/fXhWyXvrl8KzhvuVjC2xIsV9s2w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:ed:a5:b5:39:aa:71:8b:4a:cf:10:4e:29:13:ed:49:4d:cb:
         12:08:c4:5c:d5:76:77:7a:0f:0b:9f:60:10:94:77:c2:80:82:
         da:24:a7:a3:c9:47:58:d3:ca:0c:30:dc:38:cd:e2:90:c6:31:
         c5:92:05:82:03:a3:38:26:4f:de:e5:ae:6a:72:d4:51:1c:16:
         f9:62:c1:e7:96:c6:74:12:17:f4:3e:db:43:1f:94:37:24:0e:
         ec:ba:f2:a9:81:e6:58:41:6a:7d:20:28:0d:66:52:7b:41:34:
         01:ab:f4:9c:24:fe:8e:e0:38:23:e4:8d:b0:94:8f:85:41:91:
         6f:ae:b4:c5:34:ff:6e:90:2f:15:2e:72:ae:41:fe:ea:81:85:
         9b:f1:be:35:ea:f4:98:7c:90:88:ff:5c:61:dd:8b:1b:29:8d:
         e0:71:49:a2:4f:11:bb:dc:d8:7f:1c:75:79:eb:a6:4e:f0:be:
         5d:37:13:6e:93:f4:89:b6:91:22:87:f5:3c:cc:4d:79:36:50:
         60:13:73:1d:3f:ba:00:d0:49:ae:5d:db:5e:8c:6e:b9:cf:6a:
         8d:dd:2b:25:7c:ea:f2:b8:59:a5:33:55:ab:c4:1d:5a:32:ca:
         9c:ea:c6:fb:b1:2c:5a:c0:04:6f:05:9c:12:56:40:4a:95:b3:
         53:56:e8:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgRwZIFafI5G6KB23Z1gAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNzg1NmM5N2JlYjk3YzJiMzg2ZmI5NThjMmRiMTIyYzU3
ZGIzNmMwHhcNMjUwNjExMDEwMDU0WhcNMjUwNjEyMDEwMDU0WjAzMTEwLwYDVQQD
Eyg2NzIwNWRmMmEzOGM5NWVhNDlmNDFjNzZjM2UyMDlhNzkxMTMyNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf1OI5bZeqILPnNMe5cb/ypRcu7p
PpzKbhsHATnM7+n2NuMh3gUqruCHfNV31OTatc+/Y9hnHGDKed+jYfOg3XkwZkgD
Fr7s/LXk43XpAoow9Uukdoox7P+Cxty1KMDkCp9EEj60aHiSpi8K2TrjM4FezNBF
L/zO8vMJO5fY2hMbDrOgjyHQ85flr6faJ/kkxjORDL+n/DUQXN8JuU9rcn9B5Eau
A9v5AUaE1uHWDM9JFFr+61grVjrpqnVPMIXHdAAVu13IeMFfeYtLvqkf+2zDbnM6
5ohzrhkQNdMbymY7ddz8jG6iBQPuxmYdco+b4QtWgnMMwsqU7pAiGhNwqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcgXfKjjJXqSfQcdsPiCaeREyX0MB8GA1UdIwQY
MBaAFH14Vsl765fCs4b7lYwtsSLFfbNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jMDNkMzctNGVmYy00YzNjLTgyODEt
M2M3Mzg1NDQ0ODJlLzEvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jMDNkMzctNGVmYy00YzNjLTgyODEtM2M3Mzg1NDQ0ODJl
LzEvZlhoV3lYdnJsOEt6aHZ1VmpDMnhJc1Y5czJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK+2ltTmq
cYtKzxBOKRPtSU3LEgjEXNV2d3oPC59gEJR3woCC2iSno8lHWNPKDDDcOM3ikMYx
xZIFggOjOCZP3uWuanLUURwW+WLB55bGdBIX9D7bQx+UNyQO7LryqYHmWEFqfSAo
DWZSe0E0Aav0nCT+juA4I+SNsJSPhUGRb660xTT/bpAvFS5yrkH+6oGFm/G+Ner0
mHyQiP9cYd2LGymN4HFJok8Ru9zYfxx1eeumTvC+XTcTbpP0ibaRIof1PMxNeTZQ
YBNzHT+6ANBJrl3bXoxuuc9qjd0rJXzq8rhZpTNVq8QdWjLKnOrG+7EsWsAEbwWc
ElZASpWzU1boWw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:43:49 2025 by rpki-client