Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
File:                     xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft (raw, json)
Hash identifier:          lrNB0pA3S9YsqA/TpJ351EItXAX64ZTJN6eMIk0brps=
Subject key identifier:   72:D9:90:89:ED:38:71:40:BE:71:11:8F:AB:F0:C9:DC:0F:73:7B:25
Authority key identifier: C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB
Certificate issuer:       /CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
Certificate serial:       01978E12DE8F910ED4AB8D85437D8ABEC810
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
Manifest number:          1533
Signing time:             Fri 20 Jun 2025 16:01:30 +0000
Manifest this update:     Fri 20 Jun 2025 16:01:30 +0000
Manifest next update:     Sat 21 Jun 2025 16:01:30 +0000
Files and hashes:         1: kFAWzJxAiMhkm4NOvHOiD5PY66g.roa (hash: QJZEuzHLkJsVvRtJ8dcL8i0clH/1NRZmPUpPgEFazCw=)
                          2: xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl (hash: U7Sym6V+G9cdVGmrY66Pc/LdmgCel0gHnyJnKFGnpyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 21 Jun 2025 13:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:8e:12:de:8f:91:0e:d4:ab:8d:85:43:7d:8a:be:c8:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a019cb54d700a1b1c50e8f90ebee2a5eea57bb
        Validity
            Not Before: Jun 20 16:01:30 2025 GMT
            Not After : Jun 21 16:01:30 2025 GMT
        Subject: CN=72d99089ed387140be71118fabf0c9dc0f737b25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:99:23:17:c9:70:c1:86:3a:c6:6c:e8:75:72:
                    fb:58:cf:83:5f:c5:da:4a:f5:e9:46:ad:b7:f1:c8:
                    db:f3:21:22:cc:50:d0:dd:44:a4:28:fa:8d:93:4b:
                    83:2c:54:b7:f5:2e:82:cc:77:fc:e4:7c:8c:f2:7e:
                    ce:23:93:5d:e6:cd:03:5e:83:7d:20:96:67:35:3b:
                    68:11:d2:38:58:bf:47:f0:c2:b0:89:1a:11:0a:31:
                    f2:54:d5:ba:d4:94:e9:d0:72:c7:66:43:98:6a:53:
                    ee:be:f0:44:f9:98:f8:f3:c5:a8:12:2e:b7:c7:42:
                    3e:04:82:64:73:0e:00:35:63:75:be:87:14:6b:f0:
                    b1:d8:32:23:db:7f:6e:69:d2:a9:74:02:a0:9e:9b:
                    2a:4b:20:45:34:3c:fe:da:ed:f9:ec:5a:ba:90:ac:
                    9b:84:5c:b3:22:a4:b5:5d:ae:11:46:26:ff:62:7e:
                    ee:a0:bd:dd:57:f0:1d:e3:37:d8:f0:09:80:e6:a3:
                    3b:67:a6:1e:df:45:61:90:55:fb:1b:81:25:a2:96:
                    51:31:7b:56:dd:35:5d:4f:a0:5b:03:02:14:d0:5e:
                    df:c3:5f:e5:30:76:99:b6:1e:cc:ab:a8:7c:41:fc:
                    fb:84:cd:97:d6:c2:b7:27:de:b9:38:da:86:3a:ae:
                    e1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:D9:90:89:ED:38:71:40:BE:71:11:8F:AB:F0:C9:DC:0F:73:7B:25
            X509v3 Authority Key Identifier:
                keyid:C5:A0:19:CB:54:D7:00:A1:B1:C5:0E:8F:90:EB:EE:2A:5E:EA:57:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2434f8-0566-45fc-b714-31a3ecf1bdb6/1/xaAZy1TXAKGxxQ6PkOvuKl7qV7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:a6:84:eb:53:a3:ca:ea:99:2c:ad:73:88:55:2c:5d:b1:0f:
         65:4c:97:1a:4a:68:24:b4:d6:95:99:7b:ca:bc:61:66:55:72:
         ff:a4:30:5e:92:28:b8:17:63:fd:ec:f2:8b:39:0a:0f:f5:c0:
         f5:05:24:e5:a1:9b:b3:0d:dd:69:15:75:01:85:7c:6b:5a:ec:
         21:0a:f2:10:6c:06:94:d8:3a:dc:28:f8:72:17:38:2c:e2:1e:
         40:c1:e2:ea:69:45:79:58:62:02:44:e0:1d:45:b6:d7:e3:ef:
         90:f8:ef:5d:37:70:46:24:a5:85:d1:d4:03:6c:0b:ef:c6:e5:
         c7:27:1e:41:30:b6:45:36:0b:75:a1:e4:e1:24:5c:1c:14:f5:
         97:c4:d2:84:36:20:02:5e:2a:f0:10:10:39:54:fb:d9:aa:53:
         c3:36:1b:9d:ed:c6:94:f0:f2:05:5f:48:48:24:24:a7:00:00:
         1a:4b:d3:5d:76:42:f3:55:49:49:4a:c0:51:20:73:ab:ef:6e:
         fb:03:56:16:de:5f:a3:7b:f9:40:40:b8:98:24:77:96:9b:1f:
         aa:ac:3c:e9:3a:30:a0:09:90:fd:72:78:c6:f9:f6:15:e1:8e:
         2e:b0:4f:5e:24:77:ad:05:68:fc:a6:92:18:a1:23:f4:bd:12:
         8f:1b:2d:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZeOEt6PkQ7Uq42FQ32KvsgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTAxOWNiNTRkNzAwYTFiMWM1MGU4ZjkwZWJlZTJhNWVl
YTU3YmIwHhcNMjUwNjIwMTYwMTMwWhcNMjUwNjIxMTYwMTMwWjAzMTEwLwYDVQQD
Eyg3MmQ5OTA4OWVkMzg3MTQwYmU3MTExOGZhYmYwYzlkYzBmNzM3YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpkjF8lwwYY6xmzodXL7WM+DX8Xa
SvXpRq238cjb8yEizFDQ3USkKPqNk0uDLFS39S6CzHf85HyM8n7OI5Nd5s0DXoN9
IJZnNTtoEdI4WL9H8MKwiRoRCjHyVNW61JTp0HLHZkOYalPuvvBE+Zj488WoEi63
x0I+BIJkcw4ANWN1vocUa/Cx2DIj239uadKpdAKgnpsqSyBFNDz+2u357Fq6kKyb
hFyzIqS1Xa4RRib/Yn7uoL3dV/Ad4zfY8AmA5qM7Z6Ye30VhkFX7G4ElopZRMXtW
3TVdT6BbAwIU0F7fw1/lMHaZth7Mq6h8Qfz7hM2X1sK3J965ONqGOq7hMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLZkIntOHFAvnERj6vwydwPc3slMB8GA1UdIwQY
MBaAFMWgGctU1wChscUOj5Dr7ipe6le7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQt
MzFhM2VjZjFiZGI2LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yNDM0ZjgtMDU2Ni00NWZjLWI3MTQtMzFhM2VjZjFiZGI2
LzEveGFBWnkxVFhBS0d4eFE2UGtPdnVLbDdxVjdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfaaE61Oj
yuqZLK1ziFUsXbEPZUyXGkpoJLTWlZl7yrxhZlVy/6QwXpIouBdj/ezyizkKD/XA
9QUk5aGbsw3daRV1AYV8a1rsIQryEGwGlNg63Cj4chc4LOIeQMHi6mlFeVhiAkTg
HUW21+PvkPjvXTdwRiSlhdHUA2wL78blxyceQTC2RTYLdaHk4SRcHBT1l8TShDYg
Al4q8BAQOVT72apTwzYbne3GlPDyBV9ISCQkpwAAGkvTXXZC81VJSUrAUSBzq+9u
+wNWFt5fo3v5QEC4mCR3lpsfqqw86TowoAmQ/XJ4xvn2FeGOLrBPXiR3rQVo/KaS
GKEj9L0Sjxstyw==
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:28:16 2025 by rpki-client