Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
File:                     xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json)
Hash identifier:          McE1VX1iCureCQG7komHXSfq9MTWXY7MCvdbUSEoywY=
Subject key identifier:   71:FA:73:26:97:98:FC:C5:08:03:73:84:D1:D7:48:98:C8:72:46:BF
Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB
Certificate issuer:       /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
Certificate serial:       019758003028DAE3843ADE43F9AA856ACA56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
Manifest number:          1517
Signing time:             Tue 10 Jun 2025 04:01:36 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:36 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:36 +0000
Files and hashes:         1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=)
                          2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: oPweSkOLdcVDz30J2cxoS1UeOsCVozaATi4cinkQijY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 04:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:00:30:28:da:e3:84:3a:de:43:f9:aa:85:6a:ca:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
        Validity
            Not Before: Jun 10 04:01:36 2025 GMT
            Not After : Jun 11 04:01:36 2025 GMT
        Subject: CN=71fa73269798fcc508037384d1d74898c87246bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1b:7e:e9:d0:b3:cf:b7:4d:c6:87:da:00:f6:
                    90:db:e3:f8:54:a6:38:7a:5a:75:0b:30:e9:dd:a2:
                    d6:78:99:bf:a7:0b:cf:90:c7:28:92:93:ec:a5:45:
                    d7:bb:18:f3:e7:fd:1f:17:00:bb:cb:af:f5:e2:64:
                    ea:41:a2:4b:a6:3b:eb:83:7c:32:56:71:aa:f6:5c:
                    e2:17:b8:11:86:a2:44:f9:80:5a:ce:e1:1c:3b:3f:
                    12:0d:ab:fb:07:47:49:e2:57:fd:0e:20:45:bd:a3:
                    31:12:a3:3f:f0:39:9e:ed:4a:f7:5c:a2:7f:d5:0d:
                    cd:8b:79:8a:0c:60:e5:27:61:a7:a0:aa:16:71:c3:
                    37:66:4a:5e:c8:c0:1e:7b:b6:48:fc:1f:9b:88:bf:
                    9c:c1:31:9e:be:c8:d5:02:04:dd:6b:df:d5:42:40:
                    01:8b:f2:fc:2c:4b:60:20:62:91:ef:95:7f:cf:88:
                    8f:ba:ed:71:f1:41:ba:59:cd:30:5e:7d:f4:1f:3e:
                    27:3b:67:a1:51:e8:a4:9d:f6:f4:bc:2f:e3:cd:43:
                    59:af:ac:e6:b8:05:5f:df:09:28:b5:3d:7f:b2:07:
                    ba:2e:67:d2:41:07:44:79:14:fd:52:fb:e0:c5:62:
                    77:44:99:82:a2:e3:c1:ff:f6:c9:69:cf:f5:b1:9e:
                    04:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:FA:73:26:97:98:FC:C5:08:03:73:84:D1:D7:48:98:C8:72:46:BF
            X509v3 Authority Key Identifier:
                keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:d0:b3:a7:db:5a:1e:40:2e:54:ec:13:7f:e7:76:97:a0:1c:
         a7:b7:22:6e:c2:ca:c6:3e:10:58:6e:69:41:a9:d1:b8:be:56:
         66:2e:ff:06:c6:39:20:e1:c1:bf:86:ae:51:04:3b:07:c2:33:
         44:75:19:0a:7f:0b:57:c0:f5:ac:d4:ee:07:f7:46:07:a3:00:
         ba:06:f2:9f:78:4e:5c:e0:d5:fc:4c:df:02:8b:6c:6c:c4:0c:
         4b:b6:ea:a5:88:8f:12:d3:6a:2b:d8:e5:a4:51:89:f8:0f:06:
         e0:ad:ef:a7:41:86:57:9c:84:e8:82:6c:cf:39:d1:f3:1e:6e:
         fb:8a:23:1b:9c:a4:25:a9:a4:84:73:96:e6:90:93:74:e9:8a:
         ec:6d:34:82:69:fc:26:40:31:80:3f:9b:ee:da:e2:3d:51:d4:
         37:7e:7d:ea:ae:26:42:29:28:d5:15:d4:43:76:d5:8e:b9:b5:
         14:32:bd:27:93:1f:7e:35:be:60:ea:71:e6:bd:d6:96:78:39:
         3c:41:98:88:79:74:f6:09:7f:81:86:1b:11:6d:7b:c4:a6:01:
         d1:e1:af:a8:cf:e6:6f:7e:1e:61:1a:3a:d4:a0:85:01:aa:4f:
         d2:df:52:9e:1d:fb:da:f3:36:4d:7a:c8:44:ae:85:a3:75:13:
         cf:81:2f:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYADAo2uOEOt5D+aqFaspWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl
YTU3YmIwHhcNMjUwNjEwMDQwMTM2WhcNMjUwNjExMDQwMTM2WjAzMTEwLwYDVQQD
Eyg3MWZhNzMyNjk3OThmY2M1MDgwMzczODRkMWQ3NDg5OGM4NzI0NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxt+6dCzz7dNxofaAPaQ2+P4VKY4
elp1CzDp3aLWeJm/pwvPkMcokpPspUXXuxjz5/0fFwC7y6/14mTqQaJLpjvrg3wy
VnGq9lziF7gRhqJE+YBazuEcOz8SDav7B0dJ4lf9DiBFvaMxEqM/8Dme7Ur3XKJ/
1Q3Ni3mKDGDlJ2GnoKoWccM3ZkpeyMAee7ZI/B+biL+cwTGevsjVAgTda9/VQkAB
i/L8LEtgIGKR75V/z4iPuu1x8UG6Wc0wXn30Hz4nO2ehUeiknfb0vC/jzUNZr6zm
uAVf3wkotT1/sge6LmfSQQdEeRT9UvvgxWJ3RJmCouPB//bJac/1sZ4EfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHH6cyaXmPzFCANzhNHXSJjIcka/MB8GA1UdIwQY
MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt
MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2
LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjNCzp9ta
HkAuVOwTf+d2l6Acp7cibsLKxj4QWG5pQanRuL5WZi7/BsY5IOHBv4auUQQ7B8Iz
RHUZCn8LV8D1rNTuB/dGB6MAugbyn3hOXODV/EzfAotsbMQMS7bqpYiPEtNqK9jl
pFGJ+A8G4K3vp0GGV5yE6IJszznR8x5u+4ojG5ykJamkhHOW5pCTdOmK7G00gmn8
JkAxgD+b7triPVHUN3596q4mQiko1RXUQ3bVjrm1FDK9J5MffjW+YOpx5r3Wlng5
PEGYiHl09gl/gYYbEW17xKYB0eGvqM/mb34eYRo61KCFAapP0t9Snh372vM2TXrI
RK6Fo3UTz4Ev7g==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:45:43 2025 by rpki-client