Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.mft
File:                     aYVKV6sNijySLI9qeaqP6KaiwJ4.mft (raw, json)
Hash identifier:          8b3FXZUM++UiOhgTIc1n9b/bQ8/CT91I/ldFo7N2I10=
Subject key identifier:   2D:7A:92:C9:B5:92:C1:60:AC:6B:5E:03:20:7B:58:E5:99:ED:66:85
Authority key identifier: 69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E
Certificate issuer:       /CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
Certificate serial:       01975D93BCA42C5DFE3CD9049D89DD8EF4E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.mft
Manifest number:          0FE9
Signing time:             Wed 11 Jun 2025 06:00:52 +0000
Manifest this update:     Wed 11 Jun 2025 06:00:52 +0000
Manifest next update:     Thu 12 Jun 2025 06:00:52 +0000
Files and hashes:         1: 8criSeClq2Eu3zzop6X6ae-0yfY.roa (hash: nOinS53G7GkxN9bqxtcws3EdTvx5t+9T2IsaBWfXBg8=)
                          2: aYVKV6sNijySLI9qeaqP6KaiwJ4.crl (hash: KPnsa7uzQGH/3nS6bpfM87vZxyHQvuKiid9Ps42IRO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 06:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:93:bc:a4:2c:5d:fe:3c:d9:04:9d:89:dd:8e:f4:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
        Validity
            Not Before: Jun 11 06:00:52 2025 GMT
            Not After : Jun 12 06:00:52 2025 GMT
        Subject: CN=2d7a92c9b592c160ac6b5e03207b58e599ed6685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9d:6f:88:d2:af:41:45:4e:ac:ab:0c:82:3f:
                    2a:4a:f1:65:45:93:1e:57:5e:4f:f1:62:6d:ab:24:
                    e7:5f:c1:f1:27:bf:0c:23:79:a6:d8:79:aa:f9:23:
                    f8:87:a7:7d:54:5e:f1:a5:c1:f3:a8:9a:22:1b:5e:
                    0e:a3:07:7c:2d:82:a7:37:99:85:8f:5f:94:e3:0f:
                    a4:e0:19:eb:ed:da:d6:3b:98:c3:81:ac:77:23:b5:
                    99:20:c4:48:ba:db:43:9d:6d:c1:78:1f:c7:9d:64:
                    ae:d3:b5:cb:1e:48:ed:92:40:79:da:37:d8:50:69:
                    05:4d:f3:81:b3:b5:3e:38:30:24:05:61:a0:f6:e9:
                    76:ea:7c:94:79:9a:ce:b2:cb:17:ff:fd:5d:50:68:
                    09:81:4f:08:34:66:fd:5c:19:a6:92:df:f2:3d:34:
                    27:aa:05:20:a9:4c:e5:8c:27:0c:e2:7e:71:84:50:
                    ba:7e:6b:ee:52:5d:34:c7:de:af:c1:e8:c6:ab:52:
                    83:fc:d5:f0:e6:7a:58:89:4b:f0:a2:e0:b2:a6:c3:
                    60:29:1f:ee:61:94:4a:d3:68:89:61:a8:95:94:64:
                    24:39:1e:31:45:fb:89:15:f6:99:14:6b:d0:bd:08:
                    26:95:07:fc:5f:c0:63:76:a3:06:79:bb:54:2a:0e:
                    c5:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:7A:92:C9:B5:92:C1:60:AC:6B:5E:03:20:7B:58:E5:99:ED:66:85
            X509v3 Authority Key Identifier:
                keyid:69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:6a:21:06:38:d2:0e:b6:63:4a:81:a3:c9:43:45:2b:74:2a:
         64:8c:e8:de:e0:70:c0:49:10:46:d7:e3:a6:ee:3b:ff:c2:58:
         9a:1c:8a:de:ec:d8:76:46:b1:a1:4d:d0:4f:95:b4:eb:6b:99:
         c8:b2:79:09:6c:ff:02:a8:e3:16:cd:d4:cd:62:a5:b8:8c:62:
         8a:f2:0f:d8:6a:63:01:99:a3:f5:b5:6f:49:82:e0:c6:44:63:
         51:2f:8c:21:24:c1:59:03:5e:96:6e:61:0e:e2:b7:aa:d6:a1:
         fd:bf:65:e4:49:3b:59:6f:dd:21:9b:0b:12:7c:bb:1f:03:0e:
         d8:39:ef:e0:6a:7f:17:9a:70:85:2d:33:5c:3f:8a:60:8e:c7:
         0b:bc:27:ec:8c:04:ce:ef:04:aa:3a:e8:b5:aa:1c:f6:35:1c:
         0b:9f:7f:fb:ab:f0:16:c4:36:38:72:55:dd:22:da:ec:a6:fa:
         df:e5:90:54:1a:e5:30:87:c7:10:cd:44:3b:1b:a2:bf:a2:69:
         7a:8e:7c:cf:5d:eb:83:37:b8:68:0d:92:47:73:26:31:78:fd:
         87:84:b3:e2:6f:99:94:7b:b1:5d:4d:cc:20:d7:19:8f:96:ef:
         72:1b:0c:fa:84:93:43:04:0a:83:b0:29:6e:86:8d:fc:31:c8:
         ef:2f:e9:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddk7ykLF3+PNkEnYndjvTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODU0YTU3YWIwZDhhM2M5MjJjOGY2YTc5YWE4ZmU4YTZh
MmMwOWUwHhcNMjUwNjExMDYwMDUyWhcNMjUwNjEyMDYwMDUyWjAzMTEwLwYDVQQD
EygyZDdhOTJjOWI1OTJjMTYwYWM2YjVlMDMyMDdiNThlNTk5ZWQ2Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ1viNKvQUVOrKsMgj8qSvFlRZMe
V15P8WJtqyTnX8HxJ78MI3mm2Hmq+SP4h6d9VF7xpcHzqJoiG14Oowd8LYKnN5mF
j1+U4w+k4Bnr7drWO5jDgax3I7WZIMRIuttDnW3BeB/HnWSu07XLHkjtkkB52jfY
UGkFTfOBs7U+ODAkBWGg9ul26nyUeZrOsssX//1dUGgJgU8INGb9XBmmkt/yPTQn
qgUgqUzljCcM4n5xhFC6fmvuUl00x96vwejGq1KD/NXw5npYiUvwouCypsNgKR/u
YZRK02iJYaiVlGQkOR4xRfuJFfaZFGvQvQgmlQf8X8BjdqMGebtUKg7FKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC16ksm1ksFgrGteAyB7WOWZ7WaFMB8GA1UdIwQY
MBaAFGmFSlerDYo8kiyPanmqj+imosCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQt
NTIzOGIwMzU0NWNhLzEvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQtNTIzOGIwMzU0NWNh
LzEvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXGohBjjS
DrZjSoGjyUNFK3QqZIzo3uBwwEkQRtfjpu47/8JYmhyK3uzYdkaxoU3QT5W062uZ
yLJ5CWz/AqjjFs3UzWKluIxiivIP2GpjAZmj9bVvSYLgxkRjUS+MISTBWQNelm5h
DuK3qtah/b9l5Ek7WW/dIZsLEny7HwMO2Dnv4Gp/F5pwhS0zXD+KYI7HC7wn7IwE
zu8Eqjrotaoc9jUcC59/+6vwFsQ2OHJV3SLa7Kb63+WQVBrlMIfHEM1EOxuiv6Jp
eo58z13rgze4aA2SR3MmMXj9h4Sz4m+ZlHuxXU3MINcZj5bvchsM+oSTQwQKg7Ap
boaN/DHI7y/pKA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:28:31 2025 by rpki-client