Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
File:                     9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft (raw, json)
Hash identifier:          wmnVIwWkS0zAd/AQVpW+Ey4ybOkksC+s9o4niypyoOI=
Subject key identifier:   DB:8D:02:9F:9E:4F:DD:4B:93:3B:56:73:5C:45:76:B9:F1:1A:01:1F
Authority key identifier: F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89
Certificate issuer:       /CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
Certificate serial:       01975FEFCE007514FA76477E7232CAF5342F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
Manifest number:          158A
Signing time:             Wed 11 Jun 2025 17:00:40 +0000
Manifest this update:     Wed 11 Jun 2025 17:00:40 +0000
Manifest next update:     Thu 12 Jun 2025 17:00:40 +0000
Files and hashes:         1: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl (hash: CbvhgZgcHrzjmZ4sZIGIAH+kx4kzh9ozVv7+DlgkkW0=)
                          2: bRo1FpRQdGW3rrEgf9LP2ZyYMbs.roa (hash: ZwgslFPNqU25lgzTk3XOIv2Nozx6fjcmPWKTGmYvfPU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:ef:ce:00:75:14:fa:76:47:7e:72:32:ca:f5:34:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
        Validity
            Not Before: Jun 11 17:00:40 2025 GMT
            Not After : Jun 12 17:00:40 2025 GMT
        Subject: CN=db8d029f9e4fdd4b933b56735c4576b9f11a011f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:4e:f0:98:aa:44:7c:92:60:1f:21:e5:70:94:
                    5f:49:ea:d7:2e:1f:1d:fa:68:b6:10:81:bc:97:10:
                    14:4e:c1:96:d8:d7:bf:0e:94:5e:b0:ac:52:0e:51:
                    e0:a3:bf:a9:9f:06:ab:cf:7d:66:f3:93:76:95:a5:
                    cc:42:0e:36:d4:40:f6:79:27:88:82:f5:ad:96:95:
                    12:ad:2f:c3:cb:4c:10:40:20:22:05:70:a6:7a:d4:
                    80:80:36:a0:8b:4b:e7:1c:d5:d3:30:69:19:4e:d0:
                    c6:f5:b9:e9:bf:1c:56:68:a9:cb:da:53:11:1b:9e:
                    9e:a2:60:f9:93:d5:d4:8e:99:e1:e6:58:54:1d:97:
                    be:3d:e0:10:f1:a5:43:54:29:51:6c:29:89:3f:bd:
                    91:bf:e0:e8:a0:9e:ce:2d:72:9c:5f:33:ef:3e:61:
                    7e:63:7b:81:1c:50:cb:5d:bc:31:20:46:2d:b3:26:
                    9b:fc:60:6c:50:cd:38:d7:c8:2e:63:a6:97:2d:42:
                    36:ec:29:68:52:f8:e6:39:95:a6:28:c2:fd:e6:25:
                    36:4b:72:f7:bd:da:85:70:38:85:51:af:39:35:6f:
                    94:01:48:ac:b9:92:42:99:d8:a3:48:75:00:3c:94:
                    d1:ad:3e:b7:44:53:1d:bb:00:06:ab:83:38:85:c9:
                    3a:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:8D:02:9F:9E:4F:DD:4B:93:3B:56:73:5C:45:76:B9:F1:1A:01:1F
            X509v3 Authority Key Identifier:
                keyid:F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:bd:d2:79:3c:b9:99:32:87:89:fa:8d:2b:bc:f9:cd:92:56:
         41:d8:dc:b4:ae:6b:5f:0b:be:53:3c:db:eb:f1:5e:40:b4:42:
         ff:5b:ce:eb:83:c9:ca:83:cb:6b:3e:1e:fd:5b:11:94:89:83:
         de:40:0b:53:8a:a5:ae:44:56:83:81:45:b3:9f:27:2c:83:33:
         be:74:71:99:a8:ce:70:8c:92:46:b9:46:10:08:9c:2e:7d:a4:
         49:7f:f4:5a:43:a5:31:f0:d1:f9:be:43:50:07:cf:f1:2e:49:
         99:71:d8:33:5b:b6:28:4d:96:f8:3a:5e:25:d9:14:05:db:18:
         30:b1:fb:21:aa:18:50:e5:0d:3e:a3:e1:a1:a8:06:2b:96:f8:
         f7:08:a1:f4:1b:1d:23:4f:bb:57:2c:39:da:b2:1a:3c:a1:8c:
         83:da:38:bb:b4:49:5d:a9:d9:dd:a1:5a:8f:56:2f:22:0c:a7:
         b5:4c:46:f1:7a:a2:23:d9:8c:6b:ed:ed:15:91:4c:5f:2e:a4:
         69:fd:ee:25:49:38:e2:ab:51:85:f2:2c:f9:3b:1e:89:4d:cf:
         2d:46:70:5b:1d:8e:d0:ae:47:a4:90:f5:bd:46:d1:48:5c:ad:
         35:34:ce:5d:b9:67:ef:9b:d0:e6:1f:8d:19:60:77:4f:c6:44:
         88:b5:a3:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdf784AdRT6dkd+cjLK9TQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzY0OTk0ZTI0ZDRhZWZkYzQyYTg4MzFmZTBkY2UyMGQ2
MDQ2ODkwHhcNMjUwNjExMTcwMDQwWhcNMjUwNjEyMTcwMDQwWjAzMTEwLwYDVQQD
EyhkYjhkMDI5ZjllNGZkZDRiOTMzYjU2NzM1YzQ1NzZiOWYxMWEwMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk7wmKpEfJJgHyHlcJRfSerXLh8d
+mi2EIG8lxAUTsGW2Ne/DpResKxSDlHgo7+pnwarz31m85N2laXMQg421ED2eSeI
gvWtlpUSrS/Dy0wQQCAiBXCmetSAgDagi0vnHNXTMGkZTtDG9bnpvxxWaKnL2lMR
G56eomD5k9XUjpnh5lhUHZe+PeAQ8aVDVClRbCmJP72Rv+DooJ7OLXKcXzPvPmF+
Y3uBHFDLXbwxIEYtsyab/GBsUM0418guY6aXLUI27CloUvjmOZWmKML95iU2S3L3
vdqFcDiFUa85NW+UAUisuZJCmdijSHUAPJTRrT63RFMduwAGq4M4hck6rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuNAp+eT91LkztWc1xFdrnxGgEfMB8GA1UdIwQY
MBaAFPTGSZTiTUrv3EKogx/g3OINYEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUt
Mzg1NTY5OGZiNTdmLzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUtMzg1NTY5OGZiNTdm
LzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD73SeTy5
mTKHifqNK7z5zZJWQdjctK5rXwu+Uzzb6/FeQLRC/1vO64PJyoPLaz4e/VsRlImD
3kALU4qlrkRWg4FFs58nLIMzvnRxmajOcIySRrlGEAicLn2kSX/0WkOlMfDR+b5D
UAfP8S5JmXHYM1u2KE2W+DpeJdkUBdsYMLH7IaoYUOUNPqPhoagGK5b49wih9Bsd
I0+7Vyw52rIaPKGMg9o4u7RJXanZ3aFaj1YvIgyntUxG8XqiI9mMa+3tFZFMXy6k
af3uJUk44qtRhfIs+TseiU3PLUZwWx2O0K5HpJD1vUbRSFytNTTOXbln75vQ5h+N
GWB3T8ZEiLWj6A==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:40:47 2025 by rpki-client