Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
File:                     XeYTaCVSAQKY86aUoA18WQYGC5U.mft (raw, json)
Hash identifier:          A7ymYk/eoLaFB7mMzvozEvPLI9i48tkkJLcPZ/jNiT0=
Subject key identifier:   3C:6D:3A:43:E3:B1:56:2A:BA:BB:9B:10:A5:01:6A:71:72:BD:CC:1A
Authority key identifier: 5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95
Certificate issuer:       /CN=5de613682552010298f3a694a00d7c5906060b95
Certificate serial:       0197605D77C654EF70243D67CB4EB73FB095
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
Manifest number:          158B
Signing time:             Wed 11 Jun 2025 19:00:27 +0000
Manifest this update:     Wed 11 Jun 2025 19:00:27 +0000
Manifest next update:     Thu 12 Jun 2025 19:00:27 +0000
Files and hashes:         1: XeYTaCVSAQKY86aUoA18WQYGC5U.crl (hash: EYKCi//tKbXyAC7hYAknoPxvNAHX384x7lfqSTA2FcM=)
                          2: auYlcZnEp-yqavQsok9_TPLHAq0.roa (hash: kbe3quRrlIxTjuDhfKrAisNkV8HOTBuxWR/raJshlU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:5d:77:c6:54:ef:70:24:3d:67:cb:4e:b7:3f:b0:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de613682552010298f3a694a00d7c5906060b95
        Validity
            Not Before: Jun 11 19:00:27 2025 GMT
            Not After : Jun 12 19:00:27 2025 GMT
        Subject: CN=3c6d3a43e3b1562ababb9b10a5016a7172bdcc1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f9:3d:73:8c:b2:06:3e:b8:af:90:8c:e2:b9:
                    9d:d1:2a:18:9f:f6:7c:ff:7e:7f:35:60:b5:ee:e3:
                    e1:f8:54:c4:74:33:28:f6:bb:f7:bc:e1:c0:6a:f2:
                    65:05:08:f7:13:90:ac:56:03:8c:3e:cb:a9:82:69:
                    1c:cc:b8:83:50:42:1d:dd:93:5b:ba:15:38:5b:97:
                    51:ff:4c:56:2b:3f:9d:b0:57:f4:96:17:8b:01:5e:
                    fb:5b:f4:f8:dc:61:71:e0:fa:18:3c:17:69:74:23:
                    52:10:c2:60:49:ac:5f:46:9e:6f:59:af:4a:0e:c9:
                    83:04:2c:a5:87:ac:5a:7c:3c:35:3f:5f:56:c9:c6:
                    70:a2:29:c6:ac:dc:5b:ee:cb:f6:58:88:ed:37:07:
                    f9:3f:8f:fa:c4:f8:4b:25:01:0f:85:6c:84:6a:02:
                    4b:4b:96:1f:7a:38:dc:45:5d:1a:93:9f:96:ee:8e:
                    10:96:92:cb:55:a1:33:94:8f:8b:83:21:92:ab:68:
                    b4:c8:1d:29:a6:47:68:98:0a:42:3a:54:3b:93:90:
                    d0:af:db:ab:85:70:76:b5:d6:02:db:ba:e1:4b:cc:
                    25:44:a6:00:24:d6:bc:f5:85:2c:7e:37:61:3c:56:
                    0f:c4:94:59:8d:f2:85:97:2c:dc:1d:d9:fd:a0:05:
                    cf:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:6D:3A:43:E3:B1:56:2A:BA:BB:9B:10:A5:01:6A:71:72:BD:CC:1A
            X509v3 Authority Key Identifier:
                keyid:5D:E6:13:68:25:52:01:02:98:F3:A6:94:A0:0D:7C:59:06:06:0B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeYTaCVSAQKY86aUoA18WQYGC5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c2320-ba95-4531-8c81-22295df12b27/1/XeYTaCVSAQKY86aUoA18WQYGC5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:ee:0d:f3:37:e4:55:6b:3c:84:b7:b8:7c:5e:d0:1f:79:2b:
         20:b2:a0:eb:be:4b:57:ed:1e:51:3c:25:66:a2:84:f2:d7:8b:
         61:00:d1:08:d5:cf:bd:6e:34:7c:4a:a4:89:f1:ce:02:8c:54:
         76:63:34:57:76:fc:32:ed:3b:a4:61:9c:86:44:aa:b6:50:9a:
         c8:50:d0:4e:ee:42:5f:51:62:cc:f7:76:b9:1c:f1:d7:e0:af:
         a6:2a:fc:00:42:c7:5e:0d:2c:89:33:2b:23:36:47:9f:d5:83:
         db:e2:c9:dd:cf:de:7a:bd:0c:f2:07:4c:49:11:2f:f7:ab:05:
         c0:7c:0d:5d:07:75:c7:0e:81:ae:ae:68:b6:5d:2e:72:1a:49:
         17:af:1e:1b:4c:92:31:5b:94:63:7f:66:fe:d9:0d:c5:d4:3c:
         d4:ba:20:a7:76:a2:e6:b5:79:fb:a2:a5:53:3a:03:a7:61:db:
         ff:dc:a9:4e:be:bb:ec:ab:21:1b:6e:8c:14:1e:87:52:5a:8a:
         51:10:aa:4a:b0:53:ac:e2:89:3a:6b:68:c4:c7:c8:e3:fa:31:
         00:4a:ee:e7:78:17:e1:bd:16:6a:e0:95:ae:45:45:fe:a6:29:
         11:26:3c:d9:13:3d:31:64:ea:a7:82:16:ea:a4:96:11:00:e7:
         0a:b3:f8:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgXXfGVO9wJD1ny063P7CVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTYxMzY4MjU1MjAxMDI5OGYzYTY5NGEwMGQ3YzU5MDYw
NjBiOTUwHhcNMjUwNjExMTkwMDI3WhcNMjUwNjEyMTkwMDI3WjAzMTEwLwYDVQQD
EygzYzZkM2E0M2UzYjE1NjJhYmFiYjliMTBhNTAxNmE3MTcyYmRjYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/k9c4yyBj64r5CM4rmd0SoYn/Z8
/35/NWC17uPh+FTEdDMo9rv3vOHAavJlBQj3E5CsVgOMPsupgmkczLiDUEId3ZNb
uhU4W5dR/0xWKz+dsFf0lheLAV77W/T43GFx4PoYPBdpdCNSEMJgSaxfRp5vWa9K
DsmDBCylh6xafDw1P19WycZwoinGrNxb7sv2WIjtNwf5P4/6xPhLJQEPhWyEagJL
S5YfejjcRV0ak5+W7o4QlpLLVaEzlI+LgyGSq2i0yB0ppkdomApCOlQ7k5DQr9ur
hXB2tdYC27rhS8wlRKYAJNa89YUsfjdhPFYPxJRZjfKFlyzcHdn9oAXPFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxtOkPjsVYqurubEKUBanFyvcwaMB8GA1UdIwQY
MBaAFF3mE2glUgECmPOmlKANfFkGBguVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEt
MjIyOTVkZjEyYjI3LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wYzIzMjAtYmE5NS00NTMxLThjODEtMjIyOTVkZjEyYjI3
LzEvWGVZVGFDVlNBUUtZODZhVW9BMThXUVlHQzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAke4N8zfk
VWs8hLe4fF7QH3krILKg675LV+0eUTwlZqKE8teLYQDRCNXPvW40fEqkifHOAoxU
dmM0V3b8Mu07pGGchkSqtlCayFDQTu5CX1FizPd2uRzx1+Cvpir8AELHXg0siTMr
IzZHn9WD2+LJ3c/eer0M8gdMSREv96sFwHwNXQd1xw6Brq5otl0uchpJF68eG0yS
MVuUY39m/tkNxdQ81Logp3ai5rV5+6KlUzoDp2Hb/9ypTr677KshG26MFB6HUlqK
URCqSrBTrOKJOmtoxMfI4/oxAEru53gX4b0WauCVrkVF/qYpESY82RM9MWTqp4IW
6qSWEQDnCrP4HQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:02:35 2025 by rpki-client