Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
File:                     kYMWq06hPrtUVgwaZwQtR-lm2CM.mft (raw, json)
Hash identifier:          1UNuJvhTylM4OhEaIg+YXlV/JibYWqxGcyQNeaeJd/g=
Subject key identifier:   B8:31:08:34:08:9C:B1:8D:87:B4:7C:3B:9F:6F:AF:07:9B:05:5A:32
Authority key identifier: 91:83:16:AB:4E:A1:3E:BB:54:56:0C:1A:67:04:2D:47:E9:66:D8:23
Certificate issuer:       /CN=918316ab4ea13ebb54560c1a67042d47e966d823
Certificate serial:       019757FF58C89229429617339A625C392AB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
Manifest number:          1587
Signing time:             Tue 10 Jun 2025 04:00:41 +0000
Manifest this update:     Tue 10 Jun 2025 04:00:41 +0000
Manifest next update:     Wed 11 Jun 2025 04:00:41 +0000
Files and hashes:         1: 1pItkF34I0T0XrYWSJRD7pj_ja0.roa (hash: xX/gcWJfZ1minzry/xWMxIOizMCvErT51ZVCYZljegM=)
                          2: kYMWq06hPrtUVgwaZwQtR-lm2CM.crl (hash: 2+d/DcVEeETEXbJl3eBmOQeWf2c7HqE9bbbw0zNnEyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:ff:58:c8:92:29:42:96:17:33:9a:62:5c:39:2a:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918316ab4ea13ebb54560c1a67042d47e966d823
        Validity
            Not Before: Jun 10 04:00:41 2025 GMT
            Not After : Jun 11 04:00:41 2025 GMT
        Subject: CN=b8310834089cb18d87b47c3b9f6faf079b055a32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4f:25:0c:1f:15:32:0f:b7:0f:4e:3a:a6:b4:
                    88:c8:fb:9d:81:1c:ad:f7:29:51:56:a8:18:b7:84:
                    c2:ba:53:ac:bc:ca:e0:01:34:a2:b8:c9:d1:bc:b9:
                    9f:14:aa:14:07:76:89:f3:8f:bb:cf:09:dc:03:9c:
                    fe:c3:e0:77:46:d3:47:b1:0f:8f:ab:18:f0:52:c2:
                    f5:b1:b0:dc:ca:e0:13:0c:49:1d:19:3e:28:e8:11:
                    4f:ad:9c:4f:02:a0:52:ee:b4:d8:7a:12:51:fd:42:
                    28:39:17:54:cc:ed:8a:d9:e1:70:99:b2:36:21:24:
                    94:97:57:8d:0a:14:09:99:de:04:9c:e7:fd:a5:fb:
                    eb:5f:7d:bf:e6:e0:ec:be:82:6f:0a:71:4b:67:68:
                    a1:bc:c9:a5:7d:10:24:cc:3b:5d:4a:c8:79:e3:67:
                    ce:99:0e:3f:87:a6:71:b4:44:3b:63:d1:ba:46:4c:
                    21:56:52:9e:e7:d4:14:b3:21:3a:d4:4f:eb:f7:8f:
                    f7:ef:c8:14:02:fe:32:7e:c8:f1:04:b3:92:08:8c:
                    7e:21:d2:eb:d5:21:76:10:5d:54:27:21:7c:cd:5e:
                    7a:b3:c0:bf:68:6b:76:18:88:ad:e0:1d:4e:31:42:
                    65:a9:37:9d:a3:91:57:63:8b:a9:9d:8a:3a:2a:2d:
                    1a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:31:08:34:08:9C:B1:8D:87:B4:7C:3B:9F:6F:AF:07:9B:05:5A:32
            X509v3 Authority Key Identifier:
                keyid:91:83:16:AB:4E:A1:3E:BB:54:56:0C:1A:67:04:2D:47:E9:66:D8:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:42:3b:71:43:8d:4f:75:59:b9:1b:02:c7:30:1e:65:53:be:
         da:47:3c:5a:a8:72:74:46:cb:07:9d:f2:0f:d1:dd:d2:a6:72:
         47:25:ee:d7:ba:55:62:92:c3:bd:de:54:74:2b:ff:d9:e4:8a:
         0b:91:62:ff:37:cd:df:95:3a:63:60:0c:50:be:ae:89:d8:8f:
         cf:54:d8:6d:b2:00:90:20:96:59:c7:fb:5a:d3:2f:2e:4e:94:
         75:bd:8b:61:53:6b:ed:61:5f:8d:f8:88:66:5c:c6:23:01:8a:
         b6:88:28:aa:03:7f:17:6d:d5:a1:91:00:42:20:c0:6f:26:a6:
         1d:89:db:75:c3:c1:c4:d8:e4:67:0a:0c:36:b3:3f:57:0b:41:
         45:de:5b:c7:56:d5:b7:57:89:6e:53:6e:54:3a:90:e4:a1:58:
         c6:91:bc:59:31:93:00:b8:7a:e3:86:0f:f6:b7:2f:97:f2:d9:
         b3:cb:e1:e4:93:c3:93:68:02:c6:6d:58:4e:de:74:cc:b0:e6:
         0a:2c:d2:30:2e:66:8e:cb:f9:c5:30:d5:19:cb:aa:d4:17:50:
         fa:af:0f:fa:15:59:1f:19:c7:f0:81:47:92:95:3f:63:73:c2:
         5c:7f:b1:0e:7a:84:71:ef:31:b5:7c:c8:d3:0d:9c:ba:13:73:
         a2:17:5f:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdX/1jIkilClhczmmJcOSqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODMxNmFiNGVhMTNlYmI1NDU2MGMxYTY3MDQyZDQ3ZTk2
NmQ4MjMwHhcNMjUwNjEwMDQwMDQxWhcNMjUwNjExMDQwMDQxWjAzMTEwLwYDVQQD
EyhiODMxMDgzNDA4OWNiMThkODdiNDdjM2I5ZjZmYWYwNzliMDU1YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk8lDB8VMg+3D046prSIyPudgRyt
9ylRVqgYt4TCulOsvMrgATSiuMnRvLmfFKoUB3aJ84+7zwncA5z+w+B3RtNHsQ+P
qxjwUsL1sbDcyuATDEkdGT4o6BFPrZxPAqBS7rTYehJR/UIoORdUzO2K2eFwmbI2
ISSUl1eNChQJmd4EnOf9pfvrX32/5uDsvoJvCnFLZ2ihvMmlfRAkzDtdSsh542fO
mQ4/h6ZxtEQ7Y9G6RkwhVlKe59QUsyE61E/r94/378gUAv4yfsjxBLOSCIx+IdLr
1SF2EF1UJyF8zV56s8C/aGt2GIit4B1OMUJlqTedo5FXY4upnYo6Ki0aDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgxCDQInLGNh7R8O59vrwebBVoyMB8GA1UdIwQY
MBaAFJGDFqtOoT67VFYMGmcELUfpZtgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84OWZiOTktOTA0OS00ODJmLTk1ZGMt
OWUzY2QwZDlkNzdhLzEva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84OWZiOTktOTA0OS00ODJmLTk1ZGMtOWUzY2QwZDlkNzdh
LzEva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHkI7cUON
T3VZuRsCxzAeZVO+2kc8WqhydEbLB53yD9Hd0qZyRyXu17pVYpLDvd5UdCv/2eSK
C5Fi/zfN35U6Y2AMUL6uidiPz1TYbbIAkCCWWcf7WtMvLk6Udb2LYVNr7WFfjfiI
ZlzGIwGKtogoqgN/F23VoZEAQiDAbyamHYnbdcPBxNjkZwoMNrM/VwtBRd5bx1bV
t1eJblNuVDqQ5KFYxpG8WTGTALh644YP9rcvl/LZs8vh5JPDk2gCxm1YTt50zLDm
CizSMC5mjsv5xTDVGcuq1BdQ+q8P+hVZHxnH8IFHkpU/Y3PCXH+xDnqEce8xtXzI
0w2cuhNzohdf8g==
-----END CERTIFICATE-----
Generated at Tue Jun 10 12:32:50 2025 by rpki-client