Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.mft
File:                     AK_2tO_-fDY-8gD28-WIi5FbpoE.mft (raw, json)
Hash identifier:          FsnHR5y8NwBHTKVz4vdX6uAX8Vsgm011HovpGltwnJI=
Subject key identifier:   F7:9E:C0:14:41:35:58:78:C7:01:09:7A:AD:4B:7A:50:09:B4:10:BF
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Certificate issuer:       /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial:       01976CCFE7852F002B6A821273C103421D33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.mft
Manifest number:          10AF
Signing time:             Sat 14 Jun 2025 05:00:53 +0000
Manifest this update:     Sat 14 Jun 2025 05:00:53 +0000
Manifest next update:     Sun 15 Jun 2025 05:00:53 +0000
Files and hashes:         1: 1qEPEFv1rtnBwjLrj05KhcsiGsw.roa (hash: efBys1jy+DGmejYCRhYEDwHiZZBi2kJ2HO+RtvkHBG0=)
                          2: AK_2tO_-fDY-8gD28-WIi5FbpoE.crl (hash: cdfH0gblMVVhWjfxa99IcwBUszWDe72gFEURwnVWZ5w=)
                          3: KSQbuvMpaNtmYtn-yiQgu6gs4Xg.roa (hash: rY+o5Ow6fjFdTk2as4zdZu/IZVXbQNeVsHdG3L6c1Us=)
                          4: ZOyHJ4Yqv0XVd9AATFKr91oKlKQ.roa (hash: UP88f3uzMOFhKaWDsZtlJomj/zgPQgChtV7gCg0+LOM=)
                          5: _K1pDCbBWOfBSTY7iYXwJMRFvTE.roa (hash: CNOL6bgt/D7RlzA1qOVvWQYBYhtShOyl6CF9OeXYBvk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 05:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:cf:e7:85:2f:00:2b:6a:82:12:73:c1:03:42:1d:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
        Validity
            Not Before: Jun 14 05:00:53 2025 GMT
            Not After : Jun 15 05:00:53 2025 GMT
        Subject: CN=f79ec01441355878c701097aad4b7a5009b410bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:70:62:42:64:8e:1e:58:ea:5b:c5:aa:a6:26:
                    56:3f:41:d8:a0:ee:62:b7:c4:4f:a5:51:3f:69:6c:
                    50:c2:7d:a2:c7:7d:ab:45:7a:40:87:49:50:29:b9:
                    0b:d0:c1:e3:cb:bf:87:98:5c:0a:92:1a:dc:ff:f1:
                    13:89:60:c3:8c:1b:fb:bf:3c:85:17:c6:11:fe:65:
                    38:b1:b2:ed:88:23:fe:64:a2:29:ee:e2:d2:e2:80:
                    aa:29:d3:a8:fb:a1:86:c9:29:8e:0e:af:63:0c:d8:
                    06:cf:b3:46:9b:55:0d:9b:80:47:1c:51:23:72:4d:
                    0d:b9:cc:c1:88:df:e1:d8:b8:76:11:fd:04:99:61:
                    b6:cd:e4:dd:58:98:39:0d:72:b9:0b:6b:01:78:81:
                    f7:b8:cc:38:af:40:f3:8a:17:46:fc:59:e0:50:3c:
                    2b:bd:6a:94:60:11:c3:57:ad:59:5b:0c:4f:ae:d3:
                    9e:cd:83:26:96:81:7b:32:55:7c:f9:ef:75:03:b9:
                    7a:81:73:c6:46:8e:34:14:f3:08:9f:54:31:b2:fc:
                    f4:34:1c:d0:30:87:1c:2d:82:2e:1c:7f:0c:3e:35:
                    fd:4b:a5:c4:54:eb:38:df:ec:71:d0:dd:54:59:18:
                    51:d0:07:7c:34:43:f0:cb:bf:fa:e5:dc:78:ad:ca:
                    94:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:9E:C0:14:41:35:58:78:C7:01:09:7A:AD:4B:7A:50:09:B4:10:BF
            X509v3 Authority Key Identifier:
                keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:7a:a4:e7:d1:83:c5:0b:1c:6c:c6:10:a1:3e:29:29:4f:18:
         dd:50:3a:80:d1:5c:5f:1c:31:cc:06:20:67:49:04:da:12:0b:
         32:7d:3a:0c:4e:44:1a:81:6b:37:c0:f5:97:cf:f9:0b:d8:c0:
         97:41:e8:49:de:bc:75:68:07:52:da:74:f8:a0:cd:97:22:82:
         b7:c0:cd:3a:f3:66:aa:f7:38:2a:ac:97:48:55:8e:cc:60:a7:
         24:bc:c4:94:a2:5d:9f:6a:8c:72:f3:ff:7c:67:46:a3:8a:01:
         dd:cb:19:c5:60:a3:55:2a:d1:1d:8f:47:37:3c:fc:fc:21:75:
         2e:b7:16:52:a6:ce:c0:f7:00:d9:1c:cf:96:19:91:da:3b:30:
         e5:9e:3b:2e:39:fc:48:e2:7d:89:63:0f:17:6e:d2:07:46:a8:
         0d:fd:20:44:89:68:88:6f:1f:71:6a:c0:c5:4b:8c:1c:32:f4:
         d8:66:dc:45:6d:b5:87:8f:bc:08:f5:e2:65:fe:09:20:42:3d:
         c5:7f:f9:37:7b:70:6f:a6:63:c9:79:44:a5:ca:ae:44:ed:b9:
         6c:e0:8c:15:5f:f9:56:13:43:59:59:60:19:6f:eb:75:e8:f0:
         65:d7:80:25:b8:de:09:8b:e2:74:00:63:2c:8a:e1:f1:ed:d5:
         41:0a:56:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz+eFLwAraoISc8EDQh0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjUwNjE0MDUwMDUzWhcNMjUwNjE1MDUwMDUzWjAzMTEwLwYDVQQD
EyhmNzllYzAxNDQxMzU1ODc4YzcwMTA5N2FhZDRiN2E1MDA5YjQxMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXBiQmSOHljqW8WqpiZWP0HYoO5i
t8RPpVE/aWxQwn2ix32rRXpAh0lQKbkL0MHjy7+HmFwKkhrc//ETiWDDjBv7vzyF
F8YR/mU4sbLtiCP+ZKIp7uLS4oCqKdOo+6GGySmODq9jDNgGz7NGm1UNm4BHHFEj
ck0NuczBiN/h2Lh2Ef0EmWG2zeTdWJg5DXK5C2sBeIH3uMw4r0DzihdG/FngUDwr
vWqUYBHDV61ZWwxPrtOezYMmloF7MlV8+e91A7l6gXPGRo40FPMIn1Qxsvz0NBzQ
MIccLYIuHH8MPjX9S6XEVOs43+xx0N1UWRhR0Ad8NEPwy7/65dx4rcqUPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPeewBRBNVh4xwEJeq1LelAJtBC/MB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXqk59GD
xQscbMYQoT4pKU8Y3VA6gNFcXxwxzAYgZ0kE2hILMn06DE5EGoFrN8D1l8/5C9jA
l0HoSd68dWgHUtp0+KDNlyKCt8DNOvNmqvc4KqyXSFWOzGCnJLzElKJdn2qMcvP/
fGdGo4oB3csZxWCjVSrRHY9HNzz8/CF1LrcWUqbOwPcA2RzPlhmR2jsw5Z47Ljn8
SOJ9iWMPF27SB0aoDf0gRIloiG8fcWrAxUuMHDL02GbcRW21h4+8CPXiZf4JIEI9
xX/5N3twb6ZjyXlEpcquRO25bOCMFV/5VhNDWVlgGW/rdejwZdeAJbjeCYvidABj
LIrh8e3VQQpW0Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 14:26:11 2025 by rpki-client