Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
File:                     9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft (raw, json)
Hash identifier:          GgNu3+oEd4fAZ1F8HgAPyev1u2ko23u3E+Bj/wPIjA4=
Subject key identifier:   5C:22:FA:94:62:11:BD:9D:65:99:F1:16:DC:34:FC:C0:01:FC:16:68
Authority key identifier: F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89
Certificate issuer:       /CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
Certificate serial:       01975C1347B4E4E9A35A4A6BB556D55BBD60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
Manifest number:          1588
Signing time:             Tue 10 Jun 2025 23:00:56 +0000
Manifest this update:     Tue 10 Jun 2025 23:00:56 +0000
Manifest next update:     Wed 11 Jun 2025 23:00:56 +0000
Files and hashes:         1: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl (hash: 0eZZ8ve6WJijSf4OpNKVhF73p4hX352pNBGdSDwZMAI=)
                          2: bRo1FpRQdGW3rrEgf9LP2ZyYMbs.roa (hash: ZwgslFPNqU25lgzTk3XOIv2Nozx6fjcmPWKTGmYvfPU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:13:47:b4:e4:e9:a3:5a:4a:6b:b5:56:d5:5b:bd:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
        Validity
            Not Before: Jun 10 23:00:56 2025 GMT
            Not After : Jun 11 23:00:56 2025 GMT
        Subject: CN=5c22fa946211bd9d6599f116dc34fcc001fc1668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7c:85:c8:09:f6:41:70:23:7a:21:68:22:7c:
                    c1:7a:fc:99:78:15:d1:53:4c:8d:07:9e:e4:1c:98:
                    1a:a7:76:de:39:b7:78:bb:f5:6a:2a:b4:31:ad:c0:
                    46:fe:ca:61:69:a1:78:c9:15:51:b3:61:2e:9c:48:
                    d1:95:a6:fb:99:1e:61:cd:3f:7d:d6:32:5e:2e:06:
                    ab:5b:2d:46:5f:63:86:77:5a:1b:44:7a:bc:bc:04:
                    d2:d4:bc:7e:2a:98:8a:7b:37:41:38:6e:3e:33:6d:
                    5d:c4:85:bb:6b:99:7d:71:e0:21:d5:81:50:68:0c:
                    e6:19:af:07:ae:37:32:33:66:77:fa:ea:0f:bf:14:
                    07:88:0a:2e:63:27:2c:ea:20:1c:d1:fb:d2:a4:d2:
                    2d:25:7d:95:23:85:c9:83:5f:59:bf:5d:6c:db:db:
                    b1:d1:2a:62:5b:f4:e5:85:72:29:97:76:07:27:36:
                    4a:51:21:b4:f0:55:f2:dc:e0:0d:2c:84:a7:6e:83:
                    2b:32:14:ba:c2:94:5c:ee:19:df:dc:1c:04:24:09:
                    6e:f4:d3:57:79:59:18:ed:e6:82:f4:e8:0a:18:a2:
                    61:17:36:5e:e7:02:ca:96:b5:d4:07:2e:a0:b2:f1:
                    24:6f:40:6c:1d:46:68:7a:43:4d:63:0c:63:98:3c:
                    25:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:22:FA:94:62:11:BD:9D:65:99:F1:16:DC:34:FC:C0:01:FC:16:68
            X509v3 Authority Key Identifier:
                keyid:F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:8e:49:d7:5d:65:9a:47:2b:2c:8b:6f:3f:42:8f:91:bf:66:
         4c:71:6f:4c:1c:57:49:fe:4b:58:46:49:ea:05:04:d2:e6:88:
         5f:19:ad:c6:21:02:40:10:ea:de:89:4e:a8:8d:95:01:0f:64:
         ac:94:6d:cd:1c:19:2a:7a:04:9b:9d:ab:12:9f:ad:97:65:49:
         39:0e:f3:22:a2:5d:c7:d0:46:e2:a8:b3:02:66:f5:d1:87:e9:
         f3:20:de:b9:c6:39:c6:41:ab:1e:a6:3b:34:ed:c8:e3:44:e4:
         b7:b6:6f:f4:56:6f:6e:30:a2:fb:8d:96:21:8d:bc:33:19:03:
         e9:ba:25:e4:95:58:85:ee:26:a4:60:d7:a0:25:c4:f1:f0:69:
         cd:ec:b8:ec:d9:ce:5e:1e:7a:32:f9:91:7c:f6:56:34:90:82:
         9d:bc:5e:e0:cb:99:6c:53:79:e8:3d:18:02:13:45:4c:47:45:
         27:67:7a:ef:86:8a:6f:28:ea:95:14:4e:48:dd:90:4f:9d:3d:
         81:6a:93:7f:ae:b9:ba:81:85:36:9c:f3:92:eb:ab:3e:15:bb:
         ac:d4:6f:c5:c8:1f:8d:ac:53:cf:42:10:ef:58:08:1d:40:8e:
         74:fe:60:70:f9:a4:df:26:63:d1:cd:66:91:e3:f5:18:a5:2a:
         bd:5d:8a:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcE0e05OmjWkprtVbVW71gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzY0OTk0ZTI0ZDRhZWZkYzQyYTg4MzFmZTBkY2UyMGQ2
MDQ2ODkwHhcNMjUwNjEwMjMwMDU2WhcNMjUwNjExMjMwMDU2WjAzMTEwLwYDVQQD
Eyg1YzIyZmE5NDYyMTFiZDlkNjU5OWYxMTZkYzM0ZmNjMDAxZmMxNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXyFyAn2QXAjeiFoInzBevyZeBXR
U0yNB57kHJgap3beObd4u/VqKrQxrcBG/sphaaF4yRVRs2EunEjRlab7mR5hzT99
1jJeLgarWy1GX2OGd1obRHq8vATS1Lx+KpiKezdBOG4+M21dxIW7a5l9ceAh1YFQ
aAzmGa8HrjcyM2Z3+uoPvxQHiAouYycs6iAc0fvSpNItJX2VI4XJg19Zv11s29ux
0SpiW/TlhXIpl3YHJzZKUSG08FXy3OANLISnboMrMhS6wpRc7hnf3BwEJAlu9NNX
eVkY7eaC9OgKGKJhFzZe5wLKlrXUBy6gsvEkb0BsHUZoekNNYwxjmDwlDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwi+pRiEb2dZZnxFtw0/MAB/BZoMB8GA1UdIwQY
MBaAFPTGSZTiTUrv3EKogx/g3OINYEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUt
Mzg1NTY5OGZiNTdmLzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUtMzg1NTY5OGZiNTdm
LzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdo5J111l
mkcrLItvP0KPkb9mTHFvTBxXSf5LWEZJ6gUE0uaIXxmtxiECQBDq3olOqI2VAQ9k
rJRtzRwZKnoEm52rEp+tl2VJOQ7zIqJdx9BG4qizAmb10Yfp8yDeucY5xkGrHqY7
NO3I40Tkt7Zv9FZvbjCi+42WIY28MxkD6bol5JVYhe4mpGDXoCXE8fBpzey47NnO
Xh56MvmRfPZWNJCCnbxe4MuZbFN56D0YAhNFTEdFJ2d674aKbyjqlRROSN2QT509
gWqTf665uoGFNpzzkuurPhW7rNRvxcgfjaxTz0IQ71gIHUCOdP5gcPmk3yZj0c1m
keP1GKUqvV2KBw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:46:18 2025 by rpki-client