Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
File:                     kYMWq06hPrtUVgwaZwQtR-lm2CM.mft (raw, json)
Hash identifier:          mDZfAPpZHVDFwXBziXgWz6mXGmsgS5tssS94VNNjV4I=
Subject key identifier:   AD:89:1E:C9:6A:21:FC:B5:63:24:63:1D:2B:76:01:96:5E:3A:4B:51
Authority key identifier: 91:83:16:AB:4E:A1:3E:BB:54:56:0C:1A:67:04:2D:47:E9:66:D8:23
Certificate issuer:       /CN=918316ab4ea13ebb54560c1a67042d47e966d823
Certificate serial:       01975422BB160E264ADD19A93BDF7A133A3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
Manifest number:          1585
Signing time:             Mon 09 Jun 2025 10:00:51 +0000
Manifest this update:     Mon 09 Jun 2025 10:00:51 +0000
Manifest next update:     Tue 10 Jun 2025 10:00:51 +0000
Files and hashes:         1: 1pItkF34I0T0XrYWSJRD7pj_ja0.roa (hash: xX/gcWJfZ1minzry/xWMxIOizMCvErT51ZVCYZljegM=)
                          2: kYMWq06hPrtUVgwaZwQtR-lm2CM.crl (hash: RY0E7dsi336mqgxYAMLU0elvM+XiCBzmLjCMaIdrfrw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:bb:16:0e:26:4a:dd:19:a9:3b:df:7a:13:3a:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918316ab4ea13ebb54560c1a67042d47e966d823
        Validity
            Not Before: Jun  9 10:00:51 2025 GMT
            Not After : Jun 10 10:00:51 2025 GMT
        Subject: CN=ad891ec96a21fcb56324631d2b7601965e3a4b51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:eb:d9:58:ad:fd:3b:7b:71:de:de:2d:0b:d5:
                    78:b1:73:1f:78:33:48:d9:8c:11:e0:84:7f:fd:df:
                    62:5e:76:e5:c3:98:aa:e0:4c:f4:77:91:05:b0:1f:
                    95:89:ae:ce:49:1f:ea:c8:df:e8:b5:94:6f:84:eb:
                    96:b8:70:44:49:7e:a3:79:5a:70:e5:90:05:41:f8:
                    a5:82:5e:4b:8f:fc:05:7c:99:66:3e:45:c8:a0:2a:
                    81:c5:5b:74:f0:07:1a:d5:45:02:f5:df:f7:cb:9f:
                    5b:56:a6:df:22:da:41:35:40:7f:f5:6d:8c:13:be:
                    95:c1:55:d5:70:e3:e8:26:bc:02:b1:0f:c8:22:79:
                    47:e8:9c:47:8a:15:80:0e:95:b3:d3:2c:91:cf:03:
                    d3:73:42:2c:ae:d4:05:4d:fa:a0:20:94:24:19:97:
                    9a:9c:3a:0e:6c:e6:23:86:8e:cb:0a:b4:15:41:90:
                    1c:69:3d:5a:e0:f4:92:6f:70:38:a6:0b:ba:a7:d6:
                    e0:7a:58:aa:a5:fa:04:47:65:45:65:47:2b:c9:75:
                    a1:4c:d1:2d:0d:38:f4:be:bc:6b:66:97:01:81:1e:
                    54:8d:89:a1:f5:9a:b3:1c:cf:0f:f4:59:04:06:ea:
                    e0:01:07:5a:38:81:20:b1:54:b3:86:7d:be:e3:dc:
                    4c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:89:1E:C9:6A:21:FC:B5:63:24:63:1D:2B:76:01:96:5E:3A:4B:51
            X509v3 Authority Key Identifier:
                keyid:91:83:16:AB:4E:A1:3E:BB:54:56:0C:1A:67:04:2D:47:E9:66:D8:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYMWq06hPrtUVgwaZwQtR-lm2CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/89fb99-9049-482f-95dc-9e3cd0d9d77a/1/kYMWq06hPrtUVgwaZwQtR-lm2CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:92:36:c3:dd:d2:fa:31:25:89:60:67:80:66:07:67:b2:56:
         45:b6:1e:1e:48:fe:d0:55:75:ea:ec:22:34:e6:3e:ed:e0:0a:
         62:1d:58:ef:9a:e3:45:62:b7:7d:19:3e:ed:80:7f:ac:1a:15:
         51:0c:62:76:bd:54:c0:b9:6f:fc:76:35:05:85:16:df:8c:8d:
         f5:3b:80:00:d8:06:da:d7:ba:11:2e:09:8b:c9:0c:6e:8d:00:
         61:e1:ad:07:4f:68:f8:17:97:66:90:8f:10:9f:70:37:36:e1:
         9d:f2:95:0b:db:96:6a:4d:87:2d:0f:19:ac:ed:5f:66:40:c9:
         72:1c:05:ae:32:85:6a:64:35:57:10:6b:70:a0:4a:a9:0a:40:
         09:43:4e:1e:3a:4e:0d:b1:24:72:d1:ae:cf:5f:ce:7f:73:91:
         8a:23:47:0b:ef:cc:83:36:b5:81:56:b4:3f:02:91:5a:5e:73:
         7e:8f:c6:d3:f3:a0:8d:4d:dc:34:f2:03:57:e8:15:19:eb:70:
         94:87:7a:8c:58:66:0a:08:12:ae:fa:b8:5d:bc:af:64:d7:69:
         c6:6e:fe:2c:99:41:40:0d:e4:2b:e0:86:11:38:fa:8c:c7:8b:
         15:41:c3:af:3b:24:da:6f:2e:31:37:30:90:6c:8f:1e:e2:2f:
         ce:e0:16:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIrsWDiZK3RmpO996Ezo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODMxNmFiNGVhMTNlYmI1NDU2MGMxYTY3MDQyZDQ3ZTk2
NmQ4MjMwHhcNMjUwNjA5MTAwMDUxWhcNMjUwNjEwMTAwMDUxWjAzMTEwLwYDVQQD
EyhhZDg5MWVjOTZhMjFmY2I1NjMyNDYzMWQyYjc2MDE5NjVlM2E0YjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApevZWK39O3tx3t4tC9V4sXMfeDNI
2YwR4IR//d9iXnblw5iq4Ez0d5EFsB+Via7OSR/qyN/otZRvhOuWuHBESX6jeVpw
5ZAFQfilgl5Lj/wFfJlmPkXIoCqBxVt08Aca1UUC9d/3y59bVqbfItpBNUB/9W2M
E76VwVXVcOPoJrwCsQ/IInlH6JxHihWADpWz0yyRzwPTc0IsrtQFTfqgIJQkGZea
nDoObOYjho7LCrQVQZAcaT1a4PSSb3A4pgu6p9bgeliqpfoER2VFZUcryXWhTNEt
DTj0vrxrZpcBgR5UjYmh9ZqzHM8P9FkEBurgAQdaOIEgsVSzhn2+49xMawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2JHslqIfy1YyRjHSt2AZZeOktRMB8GA1UdIwQY
MBaAFJGDFqtOoT67VFYMGmcELUfpZtgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84OWZiOTktOTA0OS00ODJmLTk1ZGMt
OWUzY2QwZDlkNzdhLzEva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84OWZiOTktOTA0OS00ODJmLTk1ZGMtOWUzY2QwZDlkNzdh
LzEva1lNV3EwNmhQcnRVVmd3YVp3UXRSLWxtMkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd5I2w93S
+jEliWBngGYHZ7JWRbYeHkj+0FV16uwiNOY+7eAKYh1Y75rjRWK3fRk+7YB/rBoV
UQxidr1UwLlv/HY1BYUW34yN9TuAANgG2te6ES4Ji8kMbo0AYeGtB09o+BeXZpCP
EJ9wNzbhnfKVC9uWak2HLQ8ZrO1fZkDJchwFrjKFamQ1VxBrcKBKqQpACUNOHjpO
DbEkctGuz1/Of3ORiiNHC+/Mgza1gVa0PwKRWl5zfo/G0/OgjU3cNPIDV+gVGetw
lId6jFhmCggSrvq4XbyvZNdpxm7+LJlBQA3kK+CGETj6jMeLFUHDrzsk2m8uMTcw
kGyPHuIvzuAWhg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:48:34 2025 by rpki-client