Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
File:                     XeYTaCVSAQKY86aUoA18WQYGC5U.mft (raw, json)
Hash identifier:          sZmQgCUziRCzY3YR6rEGjoWfNdOewkXLTttjL7ekOM8=
Subject key identifier:   93:2F:64:83:DF:97:43:98:BD:66:DF:7B:F5:55:BA:C4:42:7D:1D:92
Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
Certificate issuer:       /CN=5de613682552010298f3a694a00d7c5906060b95
Certificate serial:       0197681722A89B5719CF2DA981A31E816D7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
Manifest number:          158F
Signing time:             Fri 13 Jun 2025 07:00:35 +0000
Manifest this update:     Fri 13 Jun 2025 07:00:35 +0000
Manifest next update:     Sat 14 Jun 2025 07:00:35 +0000
Files and hashes:         1: XeYTaCVSAQKY86aUoA18WQYGC5U.crl (hash: 44Ob8TmynTz+FYF42gNzBTp/LlFhDzQqTBJWhtDPmOo=)
                          2: auYlcZnEp-yqavQsok9_TPLHAq0.roa (hash: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:17:22:a8:9b:57:19:cf:2d:a9:81:a3:1e:81:6d:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de613682552010298f3a694a00d7c5906060b95
        Validity
            Not Before: Jun 13 07:00:35 2025 GMT
            Not After : Jun 14 07:00:35 2025 GMT
        Subject: CN=932f6483df974398bd66df7bf555bac4427d1d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:76:31:78:ee:98:72:3f:08:0f:4f:0b:46:46:
                    0f:30:5b:c2:10:00:cc:60:e4:6e:dc:2b:50:ed:84:
                    7e:0d:4f:48:73:01:bd:46:0e:e9:c6:e1:11:49:ef:
                    7a:1a:ef:6f:66:22:50:32:f6:8b:c1:0d:8f:57:5e:
                    b6:c4:b4:2d:85:83:d3:d0:07:42:ab:ac:0c:d5:2c:
                    53:64:75:43:be:b7:12:b9:cb:b9:39:ef:da:0f:a4:
                    4e:46:a3:d5:e4:42:85:7b:4f:16:83:a9:3b:61:40:
                    bf:6e:a6:71:10:e6:67:72:9d:7d:1c:2d:23:36:ff:
                    b0:2f:7c:9f:28:93:79:d5:34:36:46:96:85:f3:2a:
                    f8:eb:00:83:11:86:ce:67:16:37:9a:e2:37:d4:01:
                    d1:3b:5e:3a:89:48:9f:90:24:1b:21:c9:ad:8d:ed:
                    e6:48:bb:ee:f3:13:06:fa:71:c1:37:51:50:e9:9b:
                    cf:6e:5a:3d:9d:e5:58:57:e1:4e:93:d2:a1:c5:ee:
                    b8:47:7f:09:a4:b4:e3:2c:52:19:8d:ae:50:ce:06:
                    2b:de:85:3f:b7:7e:13:38:c6:03:c2:b1:c3:95:4e:
                    e0:02:05:8c:dd:6b:84:f8:4f:6a:36:85:3d:0c:12:
                    8b:d7:b4:21:0b:55:eb:c6:79:bf:42:03:d7:6f:4d:
                    f1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:2F:64:83:DF:97:43:98:BD:66:DF:7B:F5:55:BA:C4:42:7D:1D:92
            X509v3 Authority Key Identifier:
                keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:a5:eb:89:c0:03:ee:41:e0:95:18:58:13:91:d5:56:8f:3f:
         cc:37:1a:19:e2:c5:c3:55:fb:a0:9b:e1:4a:42:55:f2:2c:00:
         9b:95:24:ae:76:12:1b:c1:80:3f:e2:a6:22:c5:85:7d:05:88:
         86:c3:69:7a:db:a0:00:2b:d1:35:04:75:92:c7:57:dc:37:1a:
         e4:fd:c7:5e:2c:b8:75:98:28:7f:5c:be:f6:a4:3f:ad:85:61:
         f8:21:24:61:9a:92:7c:02:41:59:00:35:67:29:bf:0c:4b:9d:
         07:63:10:88:f2:7f:69:60:f2:f5:08:26:c9:5c:0c:05:b6:4c:
         84:77:74:c1:1a:72:b2:12:f8:d4:81:80:1a:32:8e:37:34:49:
         a3:5c:56:e3:be:32:79:0e:b6:bf:9b:aa:c2:65:a8:ed:68:b9:
         af:8d:1c:ee:08:77:31:52:68:70:86:c2:a7:e0:11:89:a2:8b:
         39:13:06:14:04:8d:a1:69:b3:f7:61:14:f1:75:5e:88:0d:80:
         73:41:fb:d2:61:e2:62:d5:7d:5e:d5:74:22:91:58:65:45:6d:
         47:29:70:99:89:e1:d9:4c:98:7a:78:00:9c:61:8b:5c:2a:c3:
         15:bc:90:c8:12:95:d4:ff:ed:cb:69:69:5f:27:02:f1:90:7f:
         db:52:b3:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoFyKom1cZzy2pgaMegW16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw
NjBiOTUwHhcNMjUwNjEzMDcwMDM1WhcNMjUwNjE0MDcwMDM1WjAzMTEwLwYDVQQD
Eyg5MzJmNjQ4M2RmOTc0Mzk4YmQ2NmRmN2JmNTU1YmFjNDQyN2QxZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23YxeO6Ycj8ID08LRkYPMFvCEADM
YORu3CtQ7YR+DU9IcwG9Rg7pxuERSe96Gu9vZiJQMvaLwQ2PV162xLQthYPT0AdC
q6wM1SxTZHVDvrcSucu5Oe/aD6RORqPV5EKFe08Wg6k7YUC/bqZxEOZncp19HC0j
Nv+wL3yfKJN51TQ2RpaF8yr46wCDEYbOZxY3muI31AHRO146iUifkCQbIcmtje3m
SLvu8xMG+nHBN1FQ6ZvPblo9neVYV+FOk9Khxe64R38JpLTjLFIZja5QzgYr3oU/
t34TOMYDwrHDlU7gAgWM3WuE+E9qNoU9DBKL17QhC1Xrxnm/QgPXb03xRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMvZIPfl0OYvWbfe/VVusRCfR2SMB8GA1UdIwQY
MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt
MjIyOTVkZjEyYjI3LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3
LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYaXricAD
7kHglRhYE5HVVo8/zDcaGeLFw1X7oJvhSkJV8iwAm5UkrnYSG8GAP+KmIsWFfQWI
hsNpetugACvRNQR1ksdX3Dca5P3HXiy4dZgof1y+9qQ/rYVh+CEkYZqSfAJBWQA1
Zym/DEudB2MQiPJ/aWDy9QgmyVwMBbZMhHd0wRpyshL41IGAGjKONzRJo1xW474y
eQ62v5uqwmWo7Wi5r40c7gh3MVJocIbCp+ARiaKLORMGFASNoWmz92EU8XVeiA2A
c0H70mHiYtV9XtV0IpFYZUVtRylwmYnh2UyYengAnGGLXCrDFbyQyBKV1P/ty2lp
XycC8ZB/21KztA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:57:07 2025 by rpki-client