Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File:                     iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier:          d9Z4U82g+gZHUxksl53CQ4BLgcm+acveJSiWvPz3OYY=
Subject key identifier:   CF:33:22:D0:8B:E5:E3:3B:B7:0F:D4:75:94:29:24:48:35:EF:4C:52
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer:       /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial:       01975723CD2A6933F9BBCE3DD25D146E0326
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number:          1195
Signing time:             Tue 10 Jun 2025 00:00:53 +0000
Manifest this update:     Tue 10 Jun 2025 00:00:53 +0000
Manifest next update:     Wed 11 Jun 2025 00:00:53 +0000
Files and hashes:         1: JZQSwG4wbJPMZQTbI1xSGViuvto.roa (hash: 7nxSYve4K7+DiIBeaX8vSWVp7u4kFJYyJFHRolTK/UI=)
                          2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: NwPpYOk5q2pm0wV1Nwfy0aZhvEHdfrrGE1oKlaAbLhw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:23:cd:2a:69:33:f9:bb:ce:3d:d2:5d:14:6e:03:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
        Validity
            Not Before: Jun 10 00:00:53 2025 GMT
            Not After : Jun 11 00:00:53 2025 GMT
        Subject: CN=cf3322d08be5e33bb70fd4759429244835ef4c52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:04:1d:ae:97:97:08:be:de:21:1f:51:e2:ee:
                    d2:ae:d5:2d:d5:4e:fe:19:3d:64:f5:f2:87:c6:b5:
                    98:dd:37:41:61:08:bb:d9:72:fa:ab:4c:36:04:30:
                    a6:4c:1b:b3:0b:ac:ad:c9:99:5e:89:0c:86:c6:52:
                    03:6a:54:e2:4e:00:01:07:4a:0a:5c:e0:55:e1:b0:
                    66:28:4d:f2:dc:15:98:7a:ba:18:b4:8d:62:9f:70:
                    ca:89:a3:b4:e8:8c:04:48:f0:bd:80:90:3b:6e:9f:
                    81:c4:9f:f1:74:37:d5:05:29:f8:bd:3c:47:cc:4a:
                    a7:91:75:f1:c8:79:bd:0c:9b:37:70:d8:60:f5:34:
                    f0:d2:55:bd:d2:dd:ec:d9:a2:df:0a:b1:fc:a2:9c:
                    8f:1e:6a:71:99:4c:24:2a:92:3c:09:69:3d:47:ed:
                    b9:2b:26:4b:26:3a:bb:5c:13:e9:0a:6d:05:8c:d6:
                    39:87:8b:e0:07:3a:8f:17:b4:31:07:7c:a4:bb:ae:
                    a4:cc:7c:b0:c7:e4:45:89:da:26:e0:d8:db:fb:9d:
                    fb:aa:4f:1d:56:bf:ef:ab:a9:85:c8:80:56:14:4b:
                    f6:23:f8:75:a5:c1:a7:fa:92:4b:65:3c:57:b7:70:
                    0b:8b:6f:06:66:8f:c1:4e:7a:49:f6:8e:d3:a7:c4:
                    0a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:33:22:D0:8B:E5:E3:3B:B7:0F:D4:75:94:29:24:48:35:EF:4C:52
            X509v3 Authority Key Identifier:
                keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:37:01:76:bc:18:3c:25:e8:e7:08:1d:d6:34:e0:e6:36:08:
         ab:39:b1:27:2c:fa:a3:41:9c:1a:22:d9:1b:1e:5e:3b:f0:bb:
         d6:2a:f5:35:34:86:0d:11:b0:86:a2:58:e9:6d:d2:86:f4:e0:
         3f:6c:94:7c:ce:04:84:af:6c:18:02:75:57:80:33:a3:30:85:
         11:b4:b9:65:4c:04:3d:c5:d6:e3:ee:8c:48:4a:dc:b2:25:47:
         5b:40:ea:7d:e3:bd:25:d5:bf:cd:21:40:60:6f:81:8f:80:f9:
         9a:bb:12:fe:23:5c:cc:4e:e9:11:25:8d:21:8b:e1:49:2a:d1:
         26:80:4f:bb:70:3b:7b:e8:5d:80:38:19:09:6a:60:5b:9b:d7:
         78:75:cf:05:2e:6e:1f:ef:82:5b:ff:a6:e9:6b:63:6f:23:55:
         d0:e9:0e:b4:a0:2d:ae:cf:02:2c:08:37:b6:aa:d0:2e:45:de:
         35:33:3e:6b:42:3b:c4:a4:35:cd:fd:02:f6:da:3c:dd:43:69:
         18:70:77:38:b9:2f:c2:f9:fe:25:93:08:70:1e:fb:ac:f8:92:
         cb:a3:9b:22:ba:8c:7f:42:d7:58:ba:ad:25:df:e5:a9:02:66:
         24:47:21:b2:ad:a1:91:cf:25:2e:6c:24:f5:bb:b8:0d:63:53:
         2e:60:fb:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXI80qaTP5u8490l0UbgMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjUwNjEwMDAwMDUzWhcNMjUwNjExMDAwMDUzWjAzMTEwLwYDVQQD
EyhjZjMzMjJkMDhiZTVlMzNiYjcwZmQ0NzU5NDI5MjQ0ODM1ZWY0YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QQdrpeXCL7eIR9R4u7SrtUt1U7+
GT1k9fKHxrWY3TdBYQi72XL6q0w2BDCmTBuzC6ytyZleiQyGxlIDalTiTgABB0oK
XOBV4bBmKE3y3BWYeroYtI1in3DKiaO06IwESPC9gJA7bp+BxJ/xdDfVBSn4vTxH
zEqnkXXxyHm9DJs3cNhg9TTw0lW90t3s2aLfCrH8opyPHmpxmUwkKpI8CWk9R+25
KyZLJjq7XBPpCm0FjNY5h4vgBzqPF7QxB3yku66kzHywx+RFidom4Njb+537qk8d
Vr/vq6mFyIBWFEv2I/h1pcGn+pJLZTxXt3ALi28GZo/BTnpJ9o7Tp8QKwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8zItCL5eM7tw/UdZQpJEg170xSMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzcBdrwY
PCXo5wgd1jTg5jYIqzmxJyz6o0GcGiLZGx5eO/C71ir1NTSGDRGwhqJY6W3ShvTg
P2yUfM4EhK9sGAJ1V4AzozCFEbS5ZUwEPcXW4+6MSErcsiVHW0DqfeO9JdW/zSFA
YG+Bj4D5mrsS/iNczE7pESWNIYvhSSrRJoBPu3A7e+hdgDgZCWpgW5vXeHXPBS5u
H++CW/+m6WtjbyNV0OkOtKAtrs8CLAg3tqrQLkXeNTM+a0I7xKQ1zf0C9to83UNp
GHB3OLkvwvn+JZMIcB77rPiSy6ObIrqMf0LXWLqtJd/lqQJmJEchsq2hkc8lLmwk
9bu4DWNTLmD7Ug==
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:33:46 2025 by rpki-client