Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
File:                     2fGfBczyIhOYRpwL6N3ATOFOE1o.mft (raw, json)
Hash identifier:          qPDD8SXXxv9hm+1BHboyWmjJInw1WDUjzRV3AulYqbY=
Subject key identifier:   E3:FF:51:A9:7A:F4:4F:A7:0E:BC:82:63:61:20:2E:AD:4A:C3:61:6F
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Certificate issuer:       /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial:       0197597FFC013E38EB4637F9913F1CF3ED46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
Manifest number:          1152
Signing time:             Tue 10 Jun 2025 11:00:49 +0000
Manifest this update:     Tue 10 Jun 2025 11:00:49 +0000
Manifest next update:     Wed 11 Jun 2025 11:00:49 +0000
Files and hashes:         1: 2fGfBczyIhOYRpwL6N3ATOFOE1o.crl (hash: x4MC2c4+vSLRwKMzUjwClzU6zwoDXr5d/kLU2v92R5g=)
                          2: B9-JyKOh9vcA8Yt248kp1OHsLjE.roa (hash: IbF0FRhBYEIf5hZ2KcvfEljtf1YgGGazPG/5I71dHJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 11:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:7f:fc:01:3e:38:eb:46:37:f9:91:3f:1c:f3:ed:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
        Validity
            Not Before: Jun 10 11:00:49 2025 GMT
            Not After : Jun 11 11:00:49 2025 GMT
        Subject: CN=e3ff51a97af44fa70ebc826361202ead4ac3616f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:57:a9:90:e2:a3:e9:e0:6a:c5:9b:3f:80:00:
                    dc:35:ce:6c:c3:55:0b:c9:28:fd:36:0a:63:2e:06:
                    00:05:ff:81:11:82:75:06:dc:c2:7c:16:33:a5:a1:
                    24:17:94:39:38:f3:55:b9:a0:47:d6:26:5e:0b:0a:
                    50:e5:e5:00:6f:7b:2a:e3:c7:2c:de:7b:31:1b:6e:
                    cf:3e:0c:80:84:99:50:87:2d:d6:4d:30:16:11:75:
                    99:0e:94:5d:5e:b4:70:7f:d5:97:0e:79:66:03:e5:
                    4f:c9:ac:7e:de:f5:7d:3e:4e:a0:c7:c1:c6:7e:bf:
                    7e:3a:d9:79:6d:5e:e1:01:c8:7b:d8:75:9f:f8:32:
                    9c:c0:6e:6e:4b:76:f9:3a:80:dc:2b:42:82:d0:90:
                    07:69:84:bb:82:78:89:1c:1e:f2:93:0d:9b:a6:86:
                    4a:be:8d:73:a0:c0:f6:67:87:2b:64:f4:8c:37:35:
                    fe:d8:84:da:41:57:9a:94:a4:07:25:15:80:c5:57:
                    6e:94:53:37:b4:dd:cc:98:bd:8b:be:4d:e1:25:84:
                    f3:85:17:72:10:14:ab:05:43:ab:ce:c9:a4:02:1f:
                    de:d4:20:1c:4d:cd:76:84:63:7b:11:6d:76:0b:3a:
                    ea:44:a2:ec:26:91:7a:65:c6:40:d0:08:a5:a0:9d:
                    19:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:FF:51:A9:7A:F4:4F:A7:0E:BC:82:63:61:20:2E:AD:4A:C3:61:6F
            X509v3 Authority Key Identifier:
                keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:ba:56:4e:ac:80:85:99:59:68:e8:30:1b:56:5a:fc:f5:9c:
         28:83:05:cb:4c:90:a2:c3:55:9a:1c:17:50:4e:5e:55:4d:56:
         c9:a2:d7:4d:e6:c6:97:9d:d1:46:73:22:43:29:8d:91:fe:15:
         cb:fc:21:61:ca:b4:c4:fa:9f:70:bf:5a:1f:6c:e2:28:a4:d8:
         65:16:85:9f:e3:c4:c8:ac:fd:94:da:23:a5:de:3a:b3:ec:00:
         69:01:3b:5a:44:e2:be:20:4d:df:72:e9:dc:ce:ee:67:72:0b:
         06:d9:dd:1d:42:0f:cc:e4:bc:ef:9f:5e:65:50:be:19:9b:82:
         79:4f:b9:ea:78:c6:f4:7b:9b:11:60:61:1b:48:8d:8e:d6:91:
         b1:61:1b:d4:74:e3:9a:d8:47:90:b0:d8:7b:40:0d:fb:54:bf:
         11:54:e8:a5:5a:a0:6c:34:f3:f9:82:c6:37:90:39:cb:46:ae:
         b2:5d:d6:db:c2:6c:07:3e:94:a6:9d:e3:bd:5d:ae:f1:46:2c:
         74:47:43:c3:84:b3:86:6e:fd:7e:a1:20:2e:44:80:8b:96:c4:
         13:9e:06:cb:f3:ed:b3:12:27:41:df:2d:3e:c1:68:0c:0f:82:
         4d:d0:18:c7:a2:25:c3:a3:1e:e3:17:a4:48:ad:0a:3d:d3:c7:
         8f:57:50:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZf/wBPjjrRjf5kT8c8+1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0
ZTEzNWEwHhcNMjUwNjEwMTEwMDQ5WhcNMjUwNjExMTEwMDQ5WjAzMTEwLwYDVQQD
EyhlM2ZmNTFhOTdhZjQ0ZmE3MGViYzgyNjM2MTIwMmVhZDRhYzM2MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFepkOKj6eBqxZs/gADcNc5sw1UL
ySj9NgpjLgYABf+BEYJ1BtzCfBYzpaEkF5Q5OPNVuaBH1iZeCwpQ5eUAb3sq48cs
3nsxG27PPgyAhJlQhy3WTTAWEXWZDpRdXrRwf9WXDnlmA+VPyax+3vV9Pk6gx8HG
fr9+Otl5bV7hAch72HWf+DKcwG5uS3b5OoDcK0KC0JAHaYS7gniJHB7ykw2bpoZK
vo1zoMD2Z4crZPSMNzX+2ITaQVealKQHJRWAxVdulFM3tN3MmL2Lvk3hJYTzhRdy
EBSrBUOrzsmkAh/e1CAcTc12hGN7EW12CzrqRKLsJpF6ZcZA0AiloJ0ZTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOP/Ual69E+nDryCY2EgLq1Kw2FvMB8GA1UdIwQY
MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt
NGZmMzMzMzgzNjFlLzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl
LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ7pWTqyA
hZlZaOgwG1Za/PWcKIMFy0yQosNVmhwXUE5eVU1WyaLXTebGl53RRnMiQymNkf4V
y/whYcq0xPqfcL9aH2ziKKTYZRaFn+PEyKz9lNojpd46s+wAaQE7WkTiviBN33Lp
3M7uZ3ILBtndHUIPzOS8759eZVC+GZuCeU+56njG9HubEWBhG0iNjtaRsWEb1HTj
mthHkLDYe0AN+1S/EVTopVqgbDTz+YLGN5A5y0ausl3W28JsBz6Upp3jvV2u8UYs
dEdDw4Szhm79fqEgLkSAi5bEE54Gy/PtsxInQd8tPsFoDA+CTdAYx6Ilw6Me4xek
SK0KPdPHj1dQww==
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:43:04 2025 by rpki-client