Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
File:                     KH4cl_cfNVhn4_uHfyGqUTC2z10.mft (raw, json)
Hash identifier:          e8EarZYiSvVKBm6VZiQxsTaxa0V3GKBUMBUvfDFqXR8=
Subject key identifier:   BC:3F:7E:E3:FB:78:45:6D:63:6F:FC:D3:D9:A1:AC:D5:39:0C:21:89
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Certificate issuer:       /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial:       01975B37419288F9878087012123837F6704
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
Manifest number:          09D0
Signing time:             Tue 10 Jun 2025 19:00:37 +0000
Manifest this update:     Tue 10 Jun 2025 19:00:37 +0000
Manifest next update:     Wed 11 Jun 2025 19:00:37 +0000
Files and hashes:         1: HlpYPKfUTSJ7pDq2oQziu1OJN70.roa (hash: 2/lnsP1apTOPlsNH0YhFprUwFbQM2G9j3yZLF5vZFt4=)
                          2: KH4cl_cfNVhn4_uHfyGqUTC2z10.crl (hash: LpmtU6SOxpZJ72gywwETexFsujqiv1PSffsDelaB2v4=)
                          3: n82Q14Y2YDik1JFdwsQlLlmUXCU.roa (hash: Pqu0KJ3PErrtF3waClxiFcaMqimhO+E9Mo28nI/aapw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:37:41:92:88:f9:87:80:87:01:21:23:83:7f:67:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
        Validity
            Not Before: Jun 10 19:00:37 2025 GMT
            Not After : Jun 11 19:00:37 2025 GMT
        Subject: CN=bc3f7ee3fb78456d636ffcd3d9a1acd5390c2189
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9a:34:c8:a7:c0:08:be:5f:01:28:f7:40:45:
                    d7:29:15:29:3f:a0:32:78:85:dd:70:c5:42:42:c3:
                    5b:6a:fe:b3:9e:69:cf:99:17:8f:92:b1:06:b2:d4:
                    ef:3c:0a:6e:f4:5c:4b:15:a6:07:aa:be:1d:ce:67:
                    75:d4:2d:86:b0:ca:ae:7f:82:14:81:a1:ca:cc:a3:
                    e7:7f:16:46:23:fd:91:b8:c1:4f:94:b6:7d:b6:52:
                    41:7a:76:3b:ba:32:5a:69:4b:dc:01:c5:9e:b1:fd:
                    00:59:a0:ec:7f:58:01:e0:28:4f:bd:2e:c4:96:cb:
                    b6:b3:a1:08:f0:09:9b:f0:4a:a5:1f:bc:05:4f:9e:
                    cd:36:5a:ee:c8:07:d2:7c:d3:62:4d:f1:44:1d:17:
                    4e:fd:5d:bf:7c:43:8b:26:5d:5b:cb:74:c4:d5:d0:
                    91:72:fc:06:5a:80:cf:31:bd:e8:28:a1:b4:c6:7f:
                    45:2d:99:2a:46:a9:ca:c8:ce:3f:ce:52:86:5a:de:
                    c3:b8:73:c4:7d:8b:76:29:7b:5b:14:92:69:ad:6f:
                    0b:fe:31:72:53:01:3b:49:54:41:39:ed:43:97:df:
                    70:7a:3d:cc:00:a1:95:33:e5:6c:05:7f:da:28:4d:
                    9d:8b:25:5f:4b:83:3b:e1:2f:3d:c9:99:66:36:71:
                    b2:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:3F:7E:E3:FB:78:45:6D:63:6F:FC:D3:D9:A1:AC:D5:39:0C:21:89
            X509v3 Authority Key Identifier:
                keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:17:2e:2e:70:db:9a:ec:fd:8a:41:b2:51:b3:01:3d:00:30:
         95:f2:85:ac:bc:46:21:5c:a7:52:77:de:1f:91:4a:cc:e0:83:
         d0:6e:0f:78:1f:34:18:97:bb:4c:ad:61:41:20:4e:38:3b:9e:
         c5:9f:77:53:84:f4:3d:30:59:f1:0d:a0:e7:eb:73:17:31:6c:
         a9:62:1f:a6:59:d4:37:7b:5c:54:ad:70:d1:b9:89:b9:ba:af:
         5e:50:fa:9a:ef:62:86:26:f7:40:f5:f7:c9:32:81:d2:77:16:
         34:c8:8d:41:40:1f:78:02:c4:10:35:4f:07:f6:f1:41:75:00:
         d6:41:8e:43:ed:cf:17:5c:01:ef:ed:af:87:1e:52:fb:ab:d3:
         7b:56:c7:93:2c:be:00:48:e2:2a:32:40:b9:ff:ef:20:f6:17:
         8f:51:3e:92:ea:e9:41:57:e2:88:55:a8:c6:39:c0:bc:a5:83:
         81:f3:3b:55:cf:ba:58:93:ce:ed:c9:dd:ac:de:8d:00:5a:e7:
         e8:54:f4:29:34:83:ef:c0:b6:46:38:7a:f4:65:52:86:1d:13:
         bb:80:3c:4c:6b:a2:82:eb:4f:5c:31:5b:28:7d:e5:76:2e:48:
         34:6d:a3:fd:01:f8:3f:03:05:34:80:df:62:7f:7c:26:73:16:
         68:f4:43:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbN0GSiPmHgIcBISODf2cEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjUwNjEwMTkwMDM3WhcNMjUwNjExMTkwMDM3WjAzMTEwLwYDVQQD
EyhiYzNmN2VlM2ZiNzg0NTZkNjM2ZmZjZDNkOWExYWNkNTM5MGMyMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJo0yKfACL5fASj3QEXXKRUpP6Ay
eIXdcMVCQsNbav6znmnPmRePkrEGstTvPApu9FxLFaYHqr4dzmd11C2GsMquf4IU
gaHKzKPnfxZGI/2RuMFPlLZ9tlJBenY7ujJaaUvcAcWesf0AWaDsf1gB4ChPvS7E
lsu2s6EI8Amb8EqlH7wFT57NNlruyAfSfNNiTfFEHRdO/V2/fEOLJl1by3TE1dCR
cvwGWoDPMb3oKKG0xn9FLZkqRqnKyM4/zlKGWt7DuHPEfYt2KXtbFJJprW8L/jFy
UwE7SVRBOe1Dl99wej3MAKGVM+VsBX/aKE2diyVfS4M74S89yZlmNnGyDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLw/fuP7eEVtY2/809mhrNU5DCGJMB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5
LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcxcuLnDb
muz9ikGyUbMBPQAwlfKFrLxGIVynUnfeH5FKzOCD0G4PeB80GJe7TK1hQSBOODue
xZ93U4T0PTBZ8Q2g5+tzFzFsqWIfplnUN3tcVK1w0bmJubqvXlD6mu9ihib3QPX3
yTKB0ncWNMiNQUAfeALEEDVPB/bxQXUA1kGOQ+3PF1wB7+2vhx5S+6vTe1bHkyy+
AEjiKjJAuf/vIPYXj1E+kurpQVfiiFWoxjnAvKWDgfM7Vc+6WJPO7cndrN6NAFrn
6FT0KTSD78C2Rjh69GVShh0Tu4A8TGuigutPXDFbKH3ldi5ING2j/QH4PwMFNIDf
Yn98JnMWaPRDKw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:54:11 2025 by rpki-client