Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
File:                     xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft (raw, json)
Hash identifier:          OwUOdk01JYI4mCaL1Qrn5yWkDeKPD1Ed9qfweits9+U=
Subject key identifier:   A3:A2:9F:D9:F1:7B:D6:78:FC:2E:1F:78:BE:EB:A4:80:CC:9E:CD:C6
Authority key identifier: C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4
Certificate issuer:       /CN=c613276cbca6793c33457a9bf22fc10b382301f4
Certificate serial:       0197654CDAA820315610015F50C986479FA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
Manifest number:          158D
Signing time:             Thu 12 Jun 2025 18:00:24 +0000
Manifest this update:     Thu 12 Jun 2025 18:00:24 +0000
Manifest next update:     Fri 13 Jun 2025 18:00:24 +0000
Files and hashes:         1: b9YzzhOPHDVo_soINWMmjLB7fhk.roa (hash: lwz89foq6Y4dt/R5BV0uIhhLjFL2sOp+mEH46qLg0yk=)
                          2: xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl (hash: YOnc2eE1JbLU/T2oCdhwx/NI18YuBJoO42gzEPP1BAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:4c:da:a8:20:31:56:10:01:5f:50:c9:86:47:9f:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c613276cbca6793c33457a9bf22fc10b382301f4
        Validity
            Not Before: Jun 12 18:00:24 2025 GMT
            Not After : Jun 13 18:00:24 2025 GMT
        Subject: CN=a3a29fd9f17bd678fc2e1f78beeba480cc9ecdc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:29:a5:b9:a4:9a:2e:62:12:5a:84:bf:86:3f:
                    37:f6:b5:35:3e:6f:d4:47:bb:cc:6e:3a:b7:d1:25:
                    48:1d:05:40:4b:76:4a:d6:fe:5c:78:3d:be:97:ab:
                    3f:e4:27:de:d9:38:6e:06:80:62:72:27:7e:e8:05:
                    d9:8a:5c:d7:c0:f4:5f:7f:f5:c5:ed:26:8b:6e:af:
                    89:f6:b5:5c:c6:1a:58:fd:20:a4:9d:e6:36:d3:18:
                    6d:f2:1d:17:1f:22:b8:d0:4e:20:10:24:79:5b:52:
                    5e:c6:b2:7a:21:19:09:f1:3d:81:8a:40:93:29:c2:
                    c5:14:cf:53:85:3e:62:3f:bd:be:55:42:eb:b3:e5:
                    86:ea:d4:be:26:f1:ac:75:cc:49:20:89:8b:14:be:
                    3f:0f:00:53:af:6f:d1:da:41:2f:ef:c3:82:38:f1:
                    92:c9:94:08:41:9d:35:ae:dd:b3:b4:af:3c:40:df:
                    d6:22:d4:a3:1a:e1:09:47:50:46:2e:6c:23:d4:3a:
                    44:16:8b:30:df:ef:10:22:50:1c:0f:2e:a6:9e:b6:
                    93:09:35:de:07:78:3f:c3:6b:19:5c:7a:a6:dd:e7:
                    e0:b0:c6:6a:41:27:06:22:18:e8:2c:4d:3e:f2:1c:
                    f6:cd:52:60:67:f0:4c:6b:63:62:93:7d:29:c2:ad:
                    39:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:A2:9F:D9:F1:7B:D6:78:FC:2E:1F:78:BE:EB:A4:80:CC:9E:CD:C6
            X509v3 Authority Key Identifier:
                keyid:C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:96:00:78:b3:73:fa:b4:ec:31:ce:13:2d:ed:97:7b:1c:db:
         12:83:2b:36:f6:15:2a:d0:a5:1c:b2:81:de:36:3f:0f:51:30:
         7f:8a:7b:25:b2:81:96:0d:e4:07:f0:40:67:49:f1:76:d7:e3:
         71:26:b2:fd:d9:f2:5c:f4:3b:48:b4:8f:3b:3c:82:e0:f6:d6:
         0a:5c:af:7f:65:4d:cc:12:f5:87:fd:21:e7:e1:81:03:a6:4f:
         89:81:bc:7c:d0:53:93:16:79:0b:b4:b1:b2:83:e1:5d:3f:e2:
         d4:86:0d:5c:3b:11:66:f8:9b:68:5f:7c:09:1c:cd:27:9c:fa:
         dc:76:4f:0a:5a:c5:38:69:ae:97:ef:b4:8a:57:4f:c5:54:10:
         6a:05:a5:4a:79:b1:75:97:9e:83:d5:a0:8c:c2:ae:bc:b1:d3:
         df:94:44:5c:77:61:c4:bd:3f:01:9a:67:0b:9b:a0:f1:0d:f6:
         02:09:4d:23:14:fe:13:42:70:5f:6c:cf:56:64:93:38:f7:fa:
         f1:e9:dc:cd:cf:99:92:44:f8:18:04:50:6a:50:2e:a8:cc:fc:
         0a:0d:7b:5a:b1:28:8c:9d:af:a4:23:73:19:30:64:d8:22:a4:
         66:e8:ac:98:8b:37:d0:77:20:bf:26:40:f5:72:35:9e:60:8f:
         89:cb:05:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTNqoIDFWEAFfUMmGR5+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTMyNzZjYmNhNjc5M2MzMzQ1N2E5YmYyMmZjMTBiMzgy
MzAxZjQwHhcNMjUwNjEyMTgwMDI0WhcNMjUwNjEzMTgwMDI0WjAzMTEwLwYDVQQD
EyhhM2EyOWZkOWYxN2JkNjc4ZmMyZTFmNzhiZWViYTQ4MGNjOWVjZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsymluaSaLmISWoS/hj839rU1Pm/U
R7vMbjq30SVIHQVAS3ZK1v5ceD2+l6s/5Cfe2ThuBoBicid+6AXZilzXwPRff/XF
7SaLbq+J9rVcxhpY/SCkneY20xht8h0XHyK40E4gECR5W1JexrJ6IRkJ8T2BikCT
KcLFFM9ThT5iP72+VULrs+WG6tS+JvGsdcxJIImLFL4/DwBTr2/R2kEv78OCOPGS
yZQIQZ01rt2ztK88QN/WItSjGuEJR1BGLmwj1DpEFosw3+8QIlAcDy6mnraTCTXe
B3g/w2sZXHqm3efgsMZqQScGIhjoLE0+8hz2zVJgZ/BMa2Nik30pwq05AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOin9nxe9Z4/C4feL7rpIDMns3GMB8GA1UdIwQY
MBaAFMYTJ2y8pnk8M0V6m/IvwQs4IwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTIt
OGNkNDM4YjVmMjYwLzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTItOGNkNDM4YjVmMjYw
LzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuJYAeLNz
+rTsMc4TLe2XexzbEoMrNvYVKtClHLKB3jY/D1Ewf4p7JbKBlg3kB/BAZ0nxdtfj
cSay/dnyXPQ7SLSPOzyC4PbWClyvf2VNzBL1h/0h5+GBA6ZPiYG8fNBTkxZ5C7Sx
soPhXT/i1IYNXDsRZvibaF98CRzNJ5z63HZPClrFOGmul++0ildPxVQQagWlSnmx
dZeeg9WgjMKuvLHT35REXHdhxL0/AZpnC5ug8Q32AglNIxT+E0JwX2zPVmSTOPf6
8enczc+ZkkT4GARQalAuqMz8Cg17WrEojJ2vpCNzGTBk2CKkZuismIs30HcgvyZA
9XI1nmCPicsFiA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 20:53:20 2025 by rpki-client