Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
File:                     2fGfBczyIhOYRpwL6N3ATOFOE1o.mft (raw, json)
Hash identifier:          sGMrLdHSGjspufBMzPdrxv0seLESUH4bRFc1qWCDlms=
Subject key identifier:   83:B8:4F:C5:9A:C3:78:68:4B:9E:76:E6:C0:6C:0D:C2:5F:5F:18:12
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Certificate issuer:       /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial:       01975D5CBA6B7BD97E374C4E2153CDC530A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
Manifest number:          1154
Signing time:             Wed 11 Jun 2025 05:00:47 +0000
Manifest this update:     Wed 11 Jun 2025 05:00:47 +0000
Manifest next update:     Thu 12 Jun 2025 05:00:47 +0000
Files and hashes:         1: 2fGfBczyIhOYRpwL6N3ATOFOE1o.crl (hash: ikCJ/4Y7l/26ltJTYTFbf4akU/y9PwNomv5N9VV3Jwc=)
                          2: B9-JyKOh9vcA8Yt248kp1OHsLjE.roa (hash: IbF0FRhBYEIf5hZ2KcvfEljtf1YgGGazPG/5I71dHJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:5c:ba:6b:7b:d9:7e:37:4c:4e:21:53:cd:c5:30:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
        Validity
            Not Before: Jun 11 05:00:47 2025 GMT
            Not After : Jun 12 05:00:47 2025 GMT
        Subject: CN=83b84fc59ac378684b9e76e6c06c0dc25f5f1812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d5:96:5e:42:6a:0c:9a:65:3e:45:e0:03:8a:
                    3b:d5:fe:2f:75:19:d1:c6:7a:22:be:1d:70:86:07:
                    7f:62:d1:4d:11:fa:18:99:11:77:34:e1:c1:1e:02:
                    42:04:27:f3:89:23:4b:21:3d:77:71:22:a6:5b:3d:
                    81:96:83:eb:56:57:a5:c8:3b:40:bb:e5:f4:fe:06:
                    53:21:3f:88:8e:cd:d7:44:8c:fd:f2:94:51:aa:61:
                    f0:ae:f1:e6:55:69:cc:69:dc:fd:d1:e1:40:68:13:
                    80:8d:40:79:c6:74:9a:ab:a7:ab:9b:7d:04:a3:43:
                    21:53:14:2a:79:1b:e6:5a:6f:6b:96:d7:3c:11:8a:
                    cc:70:e2:2a:15:6e:28:f1:c2:29:03:1c:2e:23:20:
                    6a:7a:e7:f2:b5:e5:f2:b1:a0:e9:83:ec:27:63:6e:
                    4d:12:12:5a:52:01:56:2f:fd:00:dd:64:dd:cf:ec:
                    d0:43:a5:0d:9e:a5:b0:d6:3a:5c:c9:80:f5:08:03:
                    48:05:87:da:5b:43:81:8d:77:69:82:04:1d:aa:67:
                    92:93:b8:bc:3e:72:9c:04:7b:8b:81:3c:8c:55:19:
                    4c:83:e9:98:15:bb:88:b4:58:21:d7:48:41:d9:a7:
                    f9:af:df:32:ab:69:be:61:e8:96:d8:b4:53:7c:50:
                    4a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:B8:4F:C5:9A:C3:78:68:4B:9E:76:E6:C0:6C:0D:C2:5F:5F:18:12
            X509v3 Authority Key Identifier:
                keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:be:e4:46:8a:0b:d6:a7:a9:53:80:10:cc:1d:4a:ed:6c:7e:
         30:d4:5b:a8:0b:96:f7:89:f3:01:e4:f8:1d:92:ea:7d:b2:fb:
         35:33:9b:bf:61:34:38:fd:14:3b:40:b1:37:c2:1a:9b:be:74:
         c9:c7:21:93:5d:b0:2d:b3:8a:1a:ee:05:a9:5b:f1:6a:59:63:
         fe:88:e4:7f:ba:3a:af:e8:75:d9:d7:72:30:51:e0:df:55:2e:
         a2:c0:8e:e6:92:2d:40:00:24:4e:5f:51:53:f3:c8:ac:5e:ef:
         13:4f:d3:47:07:48:6a:76:9c:b9:47:1b:87:db:47:13:bf:93:
         a0:18:2c:74:31:81:9f:7e:63:30:40:f5:b5:85:2c:a6:a3:5e:
         cc:6f:91:ba:c4:77:5f:1d:46:7d:73:a2:bf:62:2f:68:c4:5c:
         81:30:c4:94:41:b8:f0:b0:33:5c:b0:c5:ee:ea:ce:32:9d:bf:
         81:a2:9f:71:c2:72:6a:9b:0b:a7:56:c3:59:cf:2d:ae:c8:8c:
         b8:39:5c:92:be:64:ec:03:09:d6:96:25:e4:bc:a3:e3:fa:85:
         3e:ba:bd:91:07:7e:f0:ed:10:9c:b4:45:de:13:ec:02:67:fa:
         65:27:b0:ce:28:2a:48:94:6b:26:30:c3:d2:57:9e:b1:b8:4f:
         f8:c4:b3:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddXLpre9l+N0xOIVPNxTCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0
ZTEzNWEwHhcNMjUwNjExMDUwMDQ3WhcNMjUwNjEyMDUwMDQ3WjAzMTEwLwYDVQQD
Eyg4M2I4NGZjNTlhYzM3ODY4NGI5ZTc2ZTZjMDZjMGRjMjVmNWYxODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztWWXkJqDJplPkXgA4o71f4vdRnR
xnoivh1whgd/YtFNEfoYmRF3NOHBHgJCBCfziSNLIT13cSKmWz2BloPrVlelyDtA
u+X0/gZTIT+Ijs3XRIz98pRRqmHwrvHmVWnMadz90eFAaBOAjUB5xnSaq6erm30E
o0MhUxQqeRvmWm9rltc8EYrMcOIqFW4o8cIpAxwuIyBqeufyteXysaDpg+wnY25N
EhJaUgFWL/0A3WTdz+zQQ6UNnqWw1jpcyYD1CANIBYfaW0OBjXdpggQdqmeSk7i8
PnKcBHuLgTyMVRlMg+mYFbuItFgh10hB2af5r98yq2m+YeiW2LRTfFBKnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIO4T8Waw3hoS5525sBsDcJfXxgSMB8GA1UdIwQY
MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt
NGZmMzMzMzgzNjFlLzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl
LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeb7kRooL
1qepU4AQzB1K7Wx+MNRbqAuW94nzAeT4HZLqfbL7NTObv2E0OP0UO0CxN8Iam750
ycchk12wLbOKGu4FqVvxallj/ojkf7o6r+h12ddyMFHg31UuosCO5pItQAAkTl9R
U/PIrF7vE0/TRwdIanacuUcbh9tHE7+ToBgsdDGBn35jMED1tYUspqNezG+RusR3
Xx1GfXOiv2IvaMRcgTDElEG48LAzXLDF7urOMp2/gaKfccJyapsLp1bDWc8trsiM
uDlckr5k7AMJ1pYl5Lyj4/qFPrq9kQd+8O0QnLRF3hPsAmf6ZSewzigqSJRrJjDD
0leesbhP+MSzbQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:45:49 2025 by rpki-client