Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
File:                     2fGfBczyIhOYRpwL6N3ATOFOE1o.mft (raw, json)
Hash identifier:          kHf83QQ8hZ11sZfZQwm1ZBgjo/h+uBMHvPYYj0NyoWc=
Subject key identifier:   AD:20:17:EB:21:CD:92:45:76:91:15:F7:6A:96:80:AC:68:0D:C7:0D
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Certificate issuer:       /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial:       01976704B4402221E370D6CED3A9DC7D16B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
Manifest number:          1159
Signing time:             Fri 13 Jun 2025 02:00:50 +0000
Manifest this update:     Fri 13 Jun 2025 02:00:50 +0000
Manifest next update:     Sat 14 Jun 2025 02:00:50 +0000
Files and hashes:         1: 2fGfBczyIhOYRpwL6N3ATOFOE1o.crl (hash: uFqFqJnJoDt3LbLAxBTcODJmuirMKeyImWFmQv3KLPI=)
                          2: B9-JyKOh9vcA8Yt248kp1OHsLjE.roa (hash: IbF0FRhBYEIf5hZ2KcvfEljtf1YgGGazPG/5I71dHJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:04:b4:40:22:21:e3:70:d6:ce:d3:a9:dc:7d:16:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
        Validity
            Not Before: Jun 13 02:00:50 2025 GMT
            Not After : Jun 14 02:00:50 2025 GMT
        Subject: CN=ad2017eb21cd9245769115f76a9680ac680dc70d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:1c:5f:c1:c1:23:a9:9f:67:a7:c2:f5:f3:5e:
                    e8:81:3e:b7:d4:76:0d:96:e0:f9:e8:98:3e:6f:c1:
                    32:5b:bf:8b:e2:41:c5:f2:57:7c:b4:91:02:d1:1b:
                    11:8e:17:00:aa:6e:bf:04:c5:89:e2:95:56:5c:95:
                    50:1d:49:fe:97:bf:2e:b6:2d:48:8b:4a:12:11:15:
                    1e:9b:e0:72:b1:87:af:24:cb:2b:d4:81:0e:91:ea:
                    cb:75:62:82:09:38:7f:a9:af:d1:b3:3f:d4:14:74:
                    2c:4b:83:62:9d:a7:85:ac:a1:da:b2:0b:90:c1:94:
                    cd:29:0c:09:95:6e:f7:07:21:23:f5:00:45:6c:1e:
                    c2:b1:30:0e:a5:87:7b:96:8f:d7:d2:7b:aa:b3:31:
                    da:52:02:55:d4:02:1d:74:91:e9:33:7d:19:a5:11:
                    4c:5f:a6:a1:78:91:cd:7e:5e:c0:19:7c:39:18:0c:
                    66:90:de:5e:9b:e3:b8:44:60:67:83:7d:0a:63:20:
                    a4:5f:d2:4e:1f:ed:dd:15:eb:82:1c:51:4d:72:39:
                    04:d4:4a:0e:4a:6a:2f:41:58:3f:a8:24:99:e3:76:
                    03:2c:ca:73:04:ac:6e:7b:0c:58:07:28:70:25:2f:
                    b2:7f:3a:6c:53:ce:52:b0:bf:de:95:68:39:32:bd:
                    40:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:20:17:EB:21:CD:92:45:76:91:15:F7:6A:96:80:AC:68:0D:C7:0D
            X509v3 Authority Key Identifier:
                keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:5f:db:00:8a:29:8d:c6:e5:7c:c1:a8:68:d1:31:8a:48:fb:
         0c:a4:31:ef:10:2a:7b:98:e2:83:e7:b9:72:35:99:b0:69:05:
         1c:0c:76:0b:a5:f7:11:76:16:54:73:27:bc:14:9a:14:d7:46:
         e1:c7:a4:9a:42:59:d5:46:c3:51:21:69:bf:53:87:b9:e0:72:
         53:ed:74:fb:99:3b:c0:6a:4f:f7:69:87:5d:e0:46:11:02:4b:
         61:3d:d7:81:e7:d2:0c:52:52:1d:84:09:62:79:44:05:6c:69:
         cd:20:09:74:f5:b9:7f:17:47:61:27:65:31:de:28:37:1a:9c:
         1c:8f:df:e5:6a:f1:db:0b:f0:90:07:0b:44:bf:6d:d4:65:d0:
         6f:67:64:59:06:47:a4:3c:05:2f:45:1c:79:aa:06:05:76:e0:
         79:e6:ff:25:fd:cd:2c:ae:c9:ae:14:0f:26:42:54:73:a1:9f:
         8a:4f:81:96:c6:f4:7a:73:26:8b:cd:38:e4:80:85:db:02:d0:
         a9:60:2f:02:c3:5f:3f:ae:78:32:32:f0:f1:10:62:fd:1b:6a:
         21:4a:12:f8:d9:ff:52:e4:76:99:1d:c8:a1:42:fc:e6:da:b3:
         06:fa:6e:64:e0:7b:5a:46:45:92:a1:07:1f:07:5c:41:c6:93:
         4d:ce:64:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnBLRAIiHjcNbO06ncfRa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0
ZTEzNWEwHhcNMjUwNjEzMDIwMDUwWhcNMjUwNjE0MDIwMDUwWjAzMTEwLwYDVQQD
EyhhZDIwMTdlYjIxY2Q5MjQ1NzY5MTE1Zjc2YTk2ODBhYzY4MGRjNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBxfwcEjqZ9np8L1817ogT631HYN
luD56Jg+b8EyW7+L4kHF8ld8tJEC0RsRjhcAqm6/BMWJ4pVWXJVQHUn+l78uti1I
i0oSERUem+BysYevJMsr1IEOkerLdWKCCTh/qa/Rsz/UFHQsS4NinaeFrKHasguQ
wZTNKQwJlW73ByEj9QBFbB7CsTAOpYd7lo/X0nuqszHaUgJV1AIddJHpM30ZpRFM
X6aheJHNfl7AGXw5GAxmkN5em+O4RGBng30KYyCkX9JOH+3dFeuCHFFNcjkE1EoO
SmovQVg/qCSZ43YDLMpzBKxuewxYByhwJS+yfzpsU85SsL/elWg5Mr1AswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0gF+shzZJFdpEV92qWgKxoDccNMB8GA1UdIwQY
MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt
NGZmMzMzMzgzNjFlLzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl
LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAol/bAIop
jcblfMGoaNExikj7DKQx7xAqe5jig+e5cjWZsGkFHAx2C6X3EXYWVHMnvBSaFNdG
4cekmkJZ1UbDUSFpv1OHueByU+10+5k7wGpP92mHXeBGEQJLYT3XgefSDFJSHYQJ
YnlEBWxpzSAJdPW5fxdHYSdlMd4oNxqcHI/f5Wrx2wvwkAcLRL9t1GXQb2dkWQZH
pDwFL0UceaoGBXbgeeb/Jf3NLK7JrhQPJkJUc6Gfik+Blsb0enMmi8045ICF2wLQ
qWAvAsNfP654MjLw8RBi/RtqIUoS+Nn/UuR2mR3IoUL85tqzBvpuZOB7WkZFkqEH
HwdcQcaTTc5kcg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 07:04:49 2025 by rpki-client