Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File:                     iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier:          +ktfeJwAbhPKW0BFsxV5Q6DFW0qdzVVj2JWVbJZ9i/U=
Subject key identifier:   FF:BE:CC:C1:D2:49:00:7F:D2:4C:3A:AF:92:97:EE:B8:D7:C6:F5:6B
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer:       /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial:       01976884EB5847B3F7E544D27626B32E5B23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number:          119E
Signing time:             Fri 13 Jun 2025 09:00:30 +0000
Manifest this update:     Fri 13 Jun 2025 09:00:30 +0000
Manifest next update:     Sat 14 Jun 2025 09:00:30 +0000
Files and hashes:         1: JZQSwG4wbJPMZQTbI1xSGViuvto.roa (hash: 7nxSYve4K7+DiIBeaX8vSWVp7u4kFJYyJFHRolTK/UI=)
                          2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: jbsJJ3LmEUSCLzMJrKKp4aPBf+r2y9rZWtcyhvsa5zY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:84:eb:58:47:b3:f7:e5:44:d2:76:26:b3:2e:5b:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
        Validity
            Not Before: Jun 13 09:00:30 2025 GMT
            Not After : Jun 14 09:00:30 2025 GMT
        Subject: CN=ffbeccc1d249007fd24c3aaf9297eeb8d7c6f56b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a1:fd:5c:48:04:a5:19:3e:fb:da:4d:9e:86:
                    b6:60:20:2d:28:53:2c:da:35:07:32:fb:1e:7d:61:
                    53:c8:84:2f:51:f7:b4:4a:b7:de:3d:ab:66:88:49:
                    7d:cc:43:c0:90:ca:1f:e2:c2:53:b9:5a:65:bf:0b:
                    f2:a8:88:22:02:9a:0d:7c:d9:5f:4e:46:20:c1:39:
                    12:2c:25:b0:a3:3d:a3:32:47:08:73:ea:5e:d9:35:
                    69:76:ab:ef:5b:f3:0d:8a:d3:73:fc:d9:4b:82:e8:
                    86:c0:cb:c4:33:fa:f8:02:92:6d:06:04:29:93:41:
                    9e:e8:1c:67:2d:de:df:20:b4:a2:00:39:19:85:ef:
                    a7:02:49:01:1a:d0:aa:0f:54:c9:90:09:e9:11:83:
                    2a:5a:44:9c:c2:65:b2:f2:c5:d5:01:2e:00:67:75:
                    99:ee:da:93:d0:76:b8:aa:79:0a:12:b2:1c:c3:3e:
                    f3:c1:4d:bc:18:24:15:5d:18:4c:ff:ff:fb:e7:17:
                    9b:bb:cb:70:a6:4a:bf:99:d3:a8:33:24:68:80:65:
                    cd:f6:d8:90:98:a0:ed:de:99:e7:d5:fe:0b:88:13:
                    c2:05:52:32:ca:3f:77:52:f9:39:da:a8:cc:ec:5d:
                    aa:e8:cb:08:15:11:f6:43:f5:f6:ce:15:fb:3b:d5:
                    82:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:BE:CC:C1:D2:49:00:7F:D2:4C:3A:AF:92:97:EE:B8:D7:C6:F5:6B
            X509v3 Authority Key Identifier:
                keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:60:a9:ac:73:56:e8:5c:bb:4f:04:02:98:48:35:ef:04:7e:
         cb:4c:e4:46:ae:70:d4:1b:5b:7c:c8:7a:43:85:f0:9c:7e:0c:
         2a:7c:ae:30:c6:ac:9f:84:57:bd:6d:28:12:43:23:97:eb:6f:
         3d:09:1b:6d:7f:27:2c:18:6a:35:24:c7:ec:20:b0:f3:64:d3:
         d8:24:29:6c:09:e9:e5:78:6f:f1:cb:dc:66:8b:84:8f:84:fc:
         7a:b7:10:05:3b:0e:60:9a:20:5c:ff:5b:e0:e3:7b:59:70:10:
         a1:b9:22:26:4c:f1:27:20:0a:50:71:e2:1a:b3:13:0e:22:28:
         0d:be:fa:70:72:f7:f5:38:24:f2:74:96:f9:23:4d:2d:7d:37:
         2d:0d:27:18:86:5e:84:fd:1c:bd:35:bf:c9:dd:e6:aa:63:f0:
         b9:50:d9:15:4a:f0:da:1c:48:a5:3a:6a:1e:86:74:c8:27:07:
         0c:ac:f2:70:10:56:ef:36:e0:fc:91:c9:da:be:d6:aa:4e:50:
         c5:8d:c8:e2:94:b0:20:53:a4:6e:df:8a:0a:0e:44:4f:1a:dd:
         c3:55:de:68:ae:4d:4b:54:83:07:7d:f5:66:b2:45:a9:c9:ff:
         b2:13:3e:c0:67:d6:fd:54:bd:e2:02:9f:6d:a4:42:fe:b9:c0:
         83:d8:20:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdohOtYR7P35UTSdiazLlsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjUwNjEzMDkwMDMwWhcNMjUwNjE0MDkwMDMwWjAzMTEwLwYDVQQD
EyhmZmJlY2NjMWQyNDkwMDdmZDI0YzNhYWY5Mjk3ZWViOGQ3YzZmNTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaH9XEgEpRk++9pNnoa2YCAtKFMs
2jUHMvsefWFTyIQvUfe0SrfePatmiEl9zEPAkMof4sJTuVplvwvyqIgiApoNfNlf
TkYgwTkSLCWwoz2jMkcIc+pe2TVpdqvvW/MNitNz/NlLguiGwMvEM/r4ApJtBgQp
k0Ge6BxnLd7fILSiADkZhe+nAkkBGtCqD1TJkAnpEYMqWkScwmWy8sXVAS4AZ3WZ
7tqT0Ha4qnkKErIcwz7zwU28GCQVXRhM///75xebu8twpkq/mdOoMyRogGXN9tiQ
mKDt3pnn1f4LiBPCBVIyyj93Uvk52qjM7F2q6MsIFRH2Q/X2zhX7O9WC0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP++zMHSSQB/0kw6r5KX7rjXxvVrMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZGCprHNW
6Fy7TwQCmEg17wR+y0zkRq5w1BtbfMh6Q4XwnH4MKnyuMMasn4RXvW0oEkMjl+tv
PQkbbX8nLBhqNSTH7CCw82TT2CQpbAnp5Xhv8cvcZouEj4T8ercQBTsOYJogXP9b
4ON7WXAQobkiJkzxJyAKUHHiGrMTDiIoDb76cHL39Tgk8nSW+SNNLX03LQ0nGIZe
hP0cvTW/yd3mqmPwuVDZFUrw2hxIpTpqHoZ0yCcHDKzycBBW7zbg/JHJ2r7Wqk5Q
xY3I4pSwIFOkbt+KCg5ETxrdw1XeaK5NS1SDB331ZrJFqcn/shM+wGfW/VS94gKf
baRC/rnAg9ggqg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 13:07:50 2025 by rpki-client