Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
File:                     9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft (raw, json)
Hash identifier:          4GX6dEJvxCLyouGpgakL2VlkX1w63hhBHyJUZS1GmY4=
Subject key identifier:   06:82:CD:7E:C3:8F:5C:4F:BE:5B:60:BE:1F:54:6D:E9:4C:DF:F7:A2
Authority key identifier: F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89
Certificate issuer:       /CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
Certificate serial:       019763CC7471AF7C2BEED4878DE1B4462D0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
Manifest number:          158C
Signing time:             Thu 12 Jun 2025 11:00:32 +0000
Manifest this update:     Thu 12 Jun 2025 11:00:32 +0000
Manifest next update:     Fri 13 Jun 2025 11:00:32 +0000
Files and hashes:         1: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl (hash: v9pgtuXaPeqOgQQgA8rwsU6xeyp8kan2+Z6JJGJTXTY=)
                          2: bRo1FpRQdGW3rrEgf9LP2ZyYMbs.roa (hash: ZwgslFPNqU25lgzTk3XOIv2Nozx6fjcmPWKTGmYvfPU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 11:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:cc:74:71:af:7c:2b:ee:d4:87:8d:e1:b4:46:2d:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
        Validity
            Not Before: Jun 12 11:00:32 2025 GMT
            Not After : Jun 13 11:00:32 2025 GMT
        Subject: CN=0682cd7ec38f5c4fbe5b60be1f546de94cdff7a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:ea:b3:9a:19:55:9a:b7:c3:e2:8b:b6:31:c8:
                    9d:3c:fb:25:41:1d:17:06:92:9c:8a:3b:a3:f6:03:
                    5e:01:da:cf:f9:63:14:1a:de:c6:e3:b2:0b:67:61:
                    5e:65:37:de:d2:a8:17:31:7f:d8:84:6a:ce:f1:1e:
                    e4:9c:bd:4c:41:7e:0e:df:2c:e4:6a:f7:67:9c:5f:
                    d2:d1:1a:08:41:b6:d9:ec:05:14:e7:ec:7a:b5:1f:
                    58:ea:5d:55:ea:e9:a6:11:7d:db:a2:20:e3:90:bd:
                    67:af:4b:cd:0f:8b:d8:22:0f:c6:14:0a:fb:d9:91:
                    fa:fc:5b:8c:c4:75:b1:c0:86:b4:54:3c:ad:e9:fa:
                    84:f5:67:ca:52:df:f9:48:c7:a0:9b:6a:6f:16:00:
                    7d:88:78:39:2a:ff:4e:5e:1f:67:93:b8:26:4a:e4:
                    b9:b3:c2:41:ed:34:28:3e:21:88:f7:eb:2f:be:dd:
                    23:56:d1:98:47:75:c7:b5:a7:77:04:45:f0:37:50:
                    1f:d5:d8:cd:b3:1e:21:9c:a7:e8:6f:ab:0d:83:ed:
                    1e:c6:96:b7:7d:4e:e2:28:60:5f:05:92:4c:11:48:
                    1f:30:85:c5:83:77:8d:f1:c2:16:03:1c:58:a1:74:
                    d6:15:a6:f3:fb:36:e7:fa:ca:cf:2d:16:f2:1c:4a:
                    88:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:82:CD:7E:C3:8F:5C:4F:BE:5B:60:BE:1F:54:6D:E9:4C:DF:F7:A2
            X509v3 Authority Key Identifier:
                keyid:F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:25:a0:86:9f:b2:c9:b4:86:19:93:5e:5b:22:f4:26:62:58:
         f3:d2:72:83:57:8b:09:69:47:d9:55:5c:0b:83:04:78:eb:23:
         aa:88:84:e7:d8:41:b3:26:00:7d:17:7e:65:5a:65:b9:91:b9:
         be:5b:f4:eb:6f:b9:a2:28:94:0f:98:93:67:0a:4c:07:10:ed:
         eb:0f:78:2b:09:82:02:04:4b:4a:61:ba:4c:34:01:5d:d1:56:
         a1:a1:c4:13:ca:56:d1:eb:fa:eb:0c:b1:00:42:0d:b1:04:05:
         ad:a7:52:b9:9c:49:90:69:08:88:9a:0e:0b:ac:54:f9:c9:89:
         46:ea:18:5a:55:62:4f:35:c7:43:96:08:00:fb:2d:bb:a3:49:
         6b:7c:52:50:e1:da:cb:e2:5c:5c:33:de:fe:ea:55:e4:7a:9b:
         c8:f0:44:95:3d:81:9f:3d:5d:16:8a:cc:1d:e6:70:3f:02:e6:
         ad:37:21:3b:63:c4:59:71:63:20:eb:f8:ca:ac:2f:71:02:9d:
         40:40:47:d5:7a:89:20:55:7f:81:bd:2a:55:d6:4c:38:f5:22:
         4c:c8:b1:23:0f:38:fc:43:08:d9:cb:68:33:d0:ac:a3:d6:08:
         26:ac:56:2a:6a:e5:05:43:4f:47:15:86:61:30:04:5c:da:d3:
         88:58:f3:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjzHRxr3wr7tSHjeG0Ri0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzY0OTk0ZTI0ZDRhZWZkYzQyYTg4MzFmZTBkY2UyMGQ2
MDQ2ODkwHhcNMjUwNjEyMTEwMDMyWhcNMjUwNjEzMTEwMDMyWjAzMTEwLwYDVQQD
EygwNjgyY2Q3ZWMzOGY1YzRmYmU1YjYwYmUxZjU0NmRlOTRjZGZmN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uqzmhlVmrfD4ou2McidPPslQR0X
BpKcijuj9gNeAdrP+WMUGt7G47ILZ2FeZTfe0qgXMX/YhGrO8R7knL1MQX4O3yzk
avdnnF/S0RoIQbbZ7AUU5+x6tR9Y6l1V6ummEX3boiDjkL1nr0vND4vYIg/GFAr7
2ZH6/FuMxHWxwIa0VDyt6fqE9WfKUt/5SMegm2pvFgB9iHg5Kv9OXh9nk7gmSuS5
s8JB7TQoPiGI9+svvt0jVtGYR3XHtad3BEXwN1Af1djNsx4hnKfob6sNg+0expa3
fU7iKGBfBZJMEUgfMIXFg3eN8cIWAxxYoXTWFabz+zbn+srPLRbyHEqIPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAaCzX7Dj1xPvltgvh9UbelM3/eiMB8GA1UdIwQY
MBaAFPTGSZTiTUrv3EKogx/g3OINYEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUt
Mzg1NTY5OGZiNTdmLzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUtMzg1NTY5OGZiNTdm
LzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmSWghp+y
ybSGGZNeWyL0JmJY89Jyg1eLCWlH2VVcC4MEeOsjqoiE59hBsyYAfRd+ZVpluZG5
vlv062+5oiiUD5iTZwpMBxDt6w94KwmCAgRLSmG6TDQBXdFWoaHEE8pW0ev66wyx
AEINsQQFradSuZxJkGkIiJoOC6xU+cmJRuoYWlViTzXHQ5YIAPstu6NJa3xSUOHa
y+JcXDPe/upV5HqbyPBElT2Bnz1dForMHeZwPwLmrTchO2PEWXFjIOv4yqwvcQKd
QEBH1XqJIFV/gb0qVdZMOPUiTMixIw84/EMI2ctoM9Cso9YIJqxWKmrlBUNPRxWG
YTAEXNrTiFjzEg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:06:52 2025 by rpki-client