Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
File:                     xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft (raw, json)
Hash identifier:          EN+wI7Ey9e3Re+XCVAnQ47hcavTM66fINk1rA/+kcVI=
Subject key identifier:   28:99:E9:E1:D2:1A:84:0E:77:9B:F7:81:14:00:D1:7E:72:E3:C6:A4
Authority key identifier: C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4
Certificate issuer:       /CN=c613276cbca6793c33457a9bf22fc10b382301f4
Certificate serial:       01976B17F1CAC6A435288D6372046EEAC4C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
Manifest number:          1590
Signing time:             Fri 13 Jun 2025 21:00:20 +0000
Manifest this update:     Fri 13 Jun 2025 21:00:20 +0000
Manifest next update:     Sat 14 Jun 2025 21:00:20 +0000
Files and hashes:         1: b9YzzhOPHDVo_soINWMmjLB7fhk.roa (hash: lwz89foq6Y4dt/R5BV0uIhhLjFL2sOp+mEH46qLg0yk=)
                          2: xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl (hash: 2xSAEvmKU9Zc5T2n/M97dPqjNGOJ4eHLhLWrdo+Ql9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 21:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:17:f1:ca:c6:a4:35:28:8d:63:72:04:6e:ea:c4:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c613276cbca6793c33457a9bf22fc10b382301f4
        Validity
            Not Before: Jun 13 21:00:20 2025 GMT
            Not After : Jun 14 21:00:20 2025 GMT
        Subject: CN=2899e9e1d21a840e779bf7811400d17e72e3c6a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:36:92:19:e9:c1:87:36:85:16:17:73:39:05:
                    02:66:b7:fb:b9:95:91:9e:bd:db:1a:07:7d:c9:47:
                    13:48:48:eb:ea:a3:62:6e:82:c9:2a:d0:fd:63:4c:
                    3e:0b:f1:08:e6:d2:cd:9d:89:7f:2f:1f:f8:3f:e0:
                    02:d6:8d:7b:37:a6:b4:a6:8e:b4:74:d7:92:06:a1:
                    31:cf:42:8b:6c:70:e0:9b:7e:bf:eb:b6:7a:f3:c0:
                    27:1c:77:6a:11:f9:70:f9:0e:ba:76:97:2e:0b:88:
                    77:d8:bd:cd:7b:48:63:8b:7f:5f:3a:68:aa:d8:4e:
                    0f:38:67:6a:83:28:f7:51:b3:10:53:22:d8:5a:33:
                    df:bf:3f:0d:e5:a3:85:4e:19:84:a9:33:cf:48:ea:
                    32:da:96:eb:7b:35:bf:63:f7:a4:35:7b:78:90:88:
                    48:f7:96:ec:3e:56:14:78:09:6d:7a:59:1e:3b:fa:
                    a9:e5:bb:5e:e5:11:65:c9:1f:43:29:d6:ee:32:a7:
                    7d:25:60:7c:53:d4:3d:1b:5f:c1:71:b6:b5:b1:fd:
                    82:9a:f7:5c:77:70:9d:ef:79:20:4c:6d:41:f6:ad:
                    7b:f9:54:70:07:f9:5f:22:fe:16:d2:48:68:8a:f3:
                    b9:b4:8c:ac:6f:6b:73:33:2f:1b:9d:4a:31:94:ff:
                    e4:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:99:E9:E1:D2:1A:84:0E:77:9B:F7:81:14:00:D1:7E:72:E3:C6:A4
            X509v3 Authority Key Identifier:
                keyid:C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:98:10:c0:12:a5:9f:b3:82:b1:14:ab:55:c1:b3:dd:34:5a:
         74:4c:c3:9a:c1:3f:8b:09:82:6f:9e:be:3b:13:80:74:0b:c2:
         10:ed:8f:b5:90:99:8f:b2:7c:73:46:b9:74:de:6f:66:d8:e7:
         c5:c9:09:23:da:0f:3a:7e:2d:b2:50:51:b1:b4:0c:b5:fc:4d:
         5b:2a:3a:5a:1b:31:c7:b2:dc:7f:bf:4c:08:35:4e:a3:ef:7f:
         ca:07:af:4b:72:62:b1:6d:26:f3:c2:e4:c6:38:4d:f3:6d:70:
         b4:1d:b0:db:ea:02:cb:fe:17:74:0b:c5:32:b6:89:c8:40:db:
         87:0e:99:45:84:e3:e3:84:56:a4:54:00:7f:dc:46:73:72:37:
         41:2a:a7:70:28:31:2f:59:e5:8f:79:de:83:ea:4c:4d:41:a5:
         07:aa:03:83:c0:f8:87:b3:b8:03:91:33:d5:64:1e:c8:74:ea:
         b7:6f:8d:cd:11:f7:e1:02:0a:d3:f9:d7:fb:38:6f:c2:69:4e:
         66:e8:73:f7:54:8b:7a:a2:34:b1:84:2c:de:97:51:7a:15:f2:
         32:ff:1a:1d:19:5a:20:12:3e:65:83:6d:9e:95:40:4c:6e:ca:
         7e:51:3b:93:e3:e1:f2:81:4c:c4:60:7f:d9:11:74:bf:fd:e6:
         6a:b1:d7:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrF/HKxqQ1KI1jcgRu6sTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTMyNzZjYmNhNjc5M2MzMzQ1N2E5YmYyMmZjMTBiMzgy
MzAxZjQwHhcNMjUwNjEzMjEwMDIwWhcNMjUwNjE0MjEwMDIwWjAzMTEwLwYDVQQD
EygyODk5ZTllMWQyMWE4NDBlNzc5YmY3ODExNDAwZDE3ZTcyZTNjNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjaSGenBhzaFFhdzOQUCZrf7uZWR
nr3bGgd9yUcTSEjr6qNiboLJKtD9Y0w+C/EI5tLNnYl/Lx/4P+AC1o17N6a0po60
dNeSBqExz0KLbHDgm36/67Z688AnHHdqEflw+Q66dpcuC4h32L3Ne0hji39fOmiq
2E4POGdqgyj3UbMQUyLYWjPfvz8N5aOFThmEqTPPSOoy2pbrezW/Y/ekNXt4kIhI
95bsPlYUeAltelkeO/qp5bte5RFlyR9DKdbuMqd9JWB8U9Q9G1/Bcba1sf2Cmvdc
d3Cd73kgTG1B9q17+VRwB/lfIv4W0khoivO5tIysb2tzMy8bnUoxlP/k9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiZ6eHSGoQOd5v3gRQA0X5y48akMB8GA1UdIwQY
MBaAFMYTJ2y8pnk8M0V6m/IvwQs4IwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTIt
OGNkNDM4YjVmMjYwLzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTItOGNkNDM4YjVmMjYw
LzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmZgQwBKl
n7OCsRSrVcGz3TRadEzDmsE/iwmCb56+OxOAdAvCEO2PtZCZj7J8c0a5dN5vZtjn
xckJI9oPOn4tslBRsbQMtfxNWyo6Whsxx7Lcf79MCDVOo+9/ygevS3JisW0m88Lk
xjhN821wtB2w2+oCy/4XdAvFMraJyEDbhw6ZRYTj44RWpFQAf9xGc3I3QSqncCgx
L1nlj3neg+pMTUGlB6oDg8D4h7O4A5Ez1WQeyHTqt2+NzRH34QIK0/nX+zhvwmlO
Zuhz91SLeqI0sYQs3pdRehXyMv8aHRlaIBI+ZYNtnpVATG7KflE7k+Ph8oFMxGB/
2RF0v/3marHX7g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:49:39 2025 by rpki-client