Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/589db9-e22b-4d64-94b4-8ecf751057ac/1/bRRgVvD7veYYv_ARwPIrp0pYMrc.mft
File:                     bRRgVvD7veYYv_ARwPIrp0pYMrc.mft (raw, json)
Hash identifier:          yz9qcRZuJKrrNhFLKoEPzlblKtO8DJR1OwGuzJWo7Pg=
Subject key identifier:   C7:FF:AB:5B:77:0C:EB:AC:B6:3A:28:70:6A:56:32:DD:62:63:5E:F6
Authority key identifier: 6D:14:60:56:F0:FB:BD:E6:18:BF:F0:11:C0:F2:2B:A7:4A:58:32:B7
Certificate issuer:       /CN=6d146056f0fbbde618bff011c0f22ba74a5832b7
Certificate serial:       01976C2B4134FCF789EBF14655F9851F9712
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bRRgVvD7veYYv_ARwPIrp0pYMrc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/589db9-e22b-4d64-94b4-8ecf751057ac/1/bRRgVvD7veYYv_ARwPIrp0pYMrc.mft
Manifest number:          158F
Signing time:             Sat 14 Jun 2025 02:01:03 +0000
Manifest this update:     Sat 14 Jun 2025 02:01:03 +0000
Manifest next update:     Sun 15 Jun 2025 02:01:03 +0000
Files and hashes:         1: PWSDM2wQmRNxztAKQ8wgaZS7VDM.roa (hash: d9Wa5FwcE+PxgkYEzEZPmnpoKU1tHYNjbElNCRhvEFk=)
                          2: bRRgVvD7veYYv_ARwPIrp0pYMrc.crl (hash: zFskK6SprWqHctede/poyf3ZBNZ1SWAVQWxpGlZRvGs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/589db9-e22b-4d64-94b4-8ecf751057ac/1/bRRgVvD7veYYv_ARwPIrp0pYMrc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/589db9-e22b-4d64-94b4-8ecf751057ac/1/bRRgVvD7veYYv_ARwPIrp0pYMrc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bRRgVvD7veYYv_ARwPIrp0pYMrc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2b:41:34:fc:f7:89:eb:f1:46:55:f9:85:1f:97:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d146056f0fbbde618bff011c0f22ba74a5832b7
        Validity
            Not Before: Jun 14 02:01:03 2025 GMT
            Not After : Jun 15 02:01:03 2025 GMT
        Subject: CN=c7ffab5b770cebacb63a28706a5632dd62635ef6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5c:32:2e:0d:0d:b7:7f:28:c3:fb:5e:5b:ef:
                    6f:8e:41:4f:48:90:14:24:59:be:99:32:f8:94:b1:
                    eb:46:d6:99:80:70:c4:46:f2:fc:bc:ff:62:80:9e:
                    6b:85:13:f3:43:0c:43:ea:90:80:7b:50:b6:b8:3b:
                    1f:e7:fd:75:28:aa:19:55:68:87:23:2f:45:b0:9c:
                    94:89:47:1c:32:82:2f:27:98:90:e6:f3:74:32:a8:
                    e7:25:0a:b3:9a:3a:c5:cc:d5:3e:b8:9e:19:ff:fe:
                    cc:87:1a:23:69:1c:c3:98:f7:af:e4:a7:b7:f5:fa:
                    76:7e:57:cc:46:81:9e:0a:23:96:e4:c1:fb:f5:de:
                    0f:cc:eb:4e:d1:b4:0d:4e:23:03:7a:9e:34:72:1f:
                    8a:f4:b9:e2:11:63:9c:20:f3:3a:8c:68:e5:83:05:
                    0c:3a:6f:0d:18:f8:ba:df:f1:03:bb:6f:33:40:2f:
                    70:5f:32:da:0f:e6:fc:e7:3d:30:17:67:d4:13:3d:
                    da:f0:2f:4f:e9:bf:73:9f:ff:a2:b8:a5:6d:25:ee:
                    0e:bc:fa:df:19:db:0e:82:f0:d9:dd:52:67:c0:0f:
                    d3:cb:20:5d:0c:50:3d:cd:3a:0f:d1:c5:63:d3:37:
                    bc:36:16:ba:ac:89:c6:fc:90:2b:b6:dc:1d:e3:54:
                    6d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:FF:AB:5B:77:0C:EB:AC:B6:3A:28:70:6A:56:32:DD:62:63:5E:F6
            X509v3 Authority Key Identifier:
                keyid:6D:14:60:56:F0:FB:BD:E6:18:BF:F0:11:C0:F2:2B:A7:4A:58:32:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bRRgVvD7veYYv_ARwPIrp0pYMrc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/589db9-e22b-4d64-94b4-8ecf751057ac/1/bRRgVvD7veYYv_ARwPIrp0pYMrc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/589db9-e22b-4d64-94b4-8ecf751057ac/1/bRRgVvD7veYYv_ARwPIrp0pYMrc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:97:dc:e4:4b:77:e5:d4:60:df:a2:78:de:1e:e1:45:64:4c:
         61:75:b3:fc:9f:dd:9c:a8:54:f5:9c:7b:01:22:01:eb:48:6e:
         60:f3:f0:c2:1f:91:e9:c5:a3:23:09:c1:3b:a6:d5:05:a7:15:
         e3:3f:d0:2c:29:7a:b0:e7:d2:c2:a4:d8:1e:76:c3:fb:b1:9a:
         b2:e4:5f:f6:bb:8d:48:cd:df:50:50:86:ac:e3:aa:e9:f2:7c:
         ef:0f:e6:a7:d6:e9:c1:83:2c:ce:df:74:6c:13:40:c0:9c:3b:
         c5:e3:a3:35:ef:7d:46:f6:f5:57:34:80:83:ea:46:f2:ca:bf:
         cb:99:d1:ae:eb:93:ea:a9:0f:71:a7:59:38:3f:3f:7b:ea:f3:
         6e:85:5e:d3:f2:d9:98:49:ef:46:8b:f7:2f:e4:8f:f5:e8:3e:
         f9:93:d7:cd:a9:5a:ed:f8:13:d6:5a:e7:4e:80:60:68:a7:94:
         ec:09:1a:56:ac:2f:ef:8c:8d:fb:62:e7:66:49:d7:3f:0f:99:
         8d:04:a8:51:fe:0b:f7:df:a5:98:e1:cc:ce:19:8d:1f:d3:ee:
         c9:06:c0:66:df:bf:36:73:1b:d3:3b:5b:0c:65:5b:ce:d0:57:
         0f:15:0f:90:5d:46:99:2b:1b:25:52:cf:9d:cc:e4:b9:0f:59:
         1a:b4:6d:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsK0E0/PeJ6/FGVfmFH5cSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMTQ2MDU2ZjBmYmJkZTYxOGJmZjAxMWMwZjIyYmE3NGE1
ODMyYjcwHhcNMjUwNjE0MDIwMTAzWhcNMjUwNjE1MDIwMTAzWjAzMTEwLwYDVQQD
EyhjN2ZmYWI1Yjc3MGNlYmFjYjYzYTI4NzA2YTU2MzJkZDYyNjM1ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFwyLg0Nt38ow/teW+9vjkFPSJAU
JFm+mTL4lLHrRtaZgHDERvL8vP9igJ5rhRPzQwxD6pCAe1C2uDsf5/11KKoZVWiH
Iy9FsJyUiUccMoIvJ5iQ5vN0MqjnJQqzmjrFzNU+uJ4Z//7MhxojaRzDmPev5Ke3
9fp2flfMRoGeCiOW5MH79d4PzOtO0bQNTiMDep40ch+K9LniEWOcIPM6jGjlgwUM
Om8NGPi63/EDu28zQC9wXzLaD+b85z0wF2fUEz3a8C9P6b9zn/+iuKVtJe4OvPrf
GdsOgvDZ3VJnwA/TyyBdDFA9zToP0cVj0ze8Nha6rInG/JArttwd41RtOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMf/q1t3DOustjoocGpWMt1iY172MB8GA1UdIwQY
MBaAFG0UYFbw+73mGL/wEcDyK6dKWDK3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlJSZ1Z2RDd2ZVlZdl9BUndQSXJwMHBZTXJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ODlkYjktZTIyYi00ZDY0LTk0YjQt
OGVjZjc1MTA1N2FjLzEvYlJSZ1Z2RDd2ZVlZdl9BUndQSXJwMHBZTXJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ODlkYjktZTIyYi00ZDY0LTk0YjQtOGVjZjc1MTA1N2Fj
LzEvYlJSZ1Z2RDd2ZVlZdl9BUndQSXJwMHBZTXJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArJfc5Et3
5dRg36J43h7hRWRMYXWz/J/dnKhU9Zx7ASIB60huYPPwwh+R6cWjIwnBO6bVBacV
4z/QLCl6sOfSwqTYHnbD+7GasuRf9ruNSM3fUFCGrOOq6fJ87w/mp9bpwYMszt90
bBNAwJw7xeOjNe99Rvb1VzSAg+pG8sq/y5nRruuT6qkPcadZOD8/e+rzboVe0/LZ
mEnvRov3L+SP9eg++ZPXzala7fgT1lrnToBgaKeU7AkaVqwv74yN+2LnZknXPw+Z
jQSoUf4L99+lmOHMzhmNH9PuyQbAZt+/NnMb0ztbDGVbztBXDxUPkF1GmSsbJVLP
nczkuQ9ZGrRt9A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:33:21 2025 by rpki-client