Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
File:                     xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft (raw, json)
Hash identifier:          plMl41TpZNNAtGgCyufdSRhHZHYyGvH2vDSCAPOvhlQ=
Subject key identifier:   D5:CF:92:A8:C5:D3:AF:6A:50:1E:72:A5:F0:74:15:92:6C:D0:22:78
Authority key identifier: C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4
Certificate issuer:       /CN=c613276cbca6793c33457a9bf22fc10b382301f4
Certificate serial:       019757C8938F68893F0360DD4FA814207977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
Manifest number:          1586
Signing time:             Tue 10 Jun 2025 03:00:52 +0000
Manifest this update:     Tue 10 Jun 2025 03:00:52 +0000
Manifest next update:     Wed 11 Jun 2025 03:00:52 +0000
Files and hashes:         1: b9YzzhOPHDVo_soINWMmjLB7fhk.roa (hash: lwz89foq6Y4dt/R5BV0uIhhLjFL2sOp+mEH46qLg0yk=)
                          2: xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl (hash: or9TIbKUSbm+6giEj4sUiv4ct4Z6V677Mxf1guGtkI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 03:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:c8:93:8f:68:89:3f:03:60:dd:4f:a8:14:20:79:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c613276cbca6793c33457a9bf22fc10b382301f4
        Validity
            Not Before: Jun 10 03:00:52 2025 GMT
            Not After : Jun 11 03:00:52 2025 GMT
        Subject: CN=d5cf92a8c5d3af6a501e72a5f07415926cd02278
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4d:b1:3e:e2:f6:28:34:61:23:be:4f:21:e9:
                    72:73:48:31:5e:b2:41:95:e1:89:73:fe:ae:62:75:
                    9e:30:f3:20:12:2c:41:8f:28:62:51:25:dc:c4:72:
                    01:80:95:d4:68:4a:7b:e7:87:ac:75:47:28:32:6f:
                    01:f6:ee:0e:64:d5:67:d4:03:13:eb:46:cd:cd:8c:
                    0f:60:dc:a0:9e:2a:ca:45:42:a7:75:cd:d6:28:cb:
                    b0:68:42:2b:4f:af:be:6b:6c:72:d5:46:72:8a:13:
                    d9:16:7c:0d:92:d4:45:61:4d:4f:58:d7:b5:7b:76:
                    02:8f:bd:6b:4b:98:c1:d3:a7:8c:96:93:8f:45:8f:
                    10:6a:17:b1:c0:28:a8:f6:61:a9:94:8a:03:fd:67:
                    d2:d6:ac:6e:45:31:6f:d9:6d:54:25:b2:8d:ff:38:
                    93:d9:62:95:13:59:e5:25:3d:15:87:ce:70:be:dd:
                    e5:33:7e:cb:f8:3c:e0:8f:39:2f:40:02:60:d8:18:
                    0e:d2:ee:9e:53:7e:a6:1f:f3:af:fe:33:a0:4e:b0:
                    a6:1f:c4:9b:be:8a:07:59:22:af:1c:ba:c9:c8:b1:
                    c9:bf:63:ba:f3:ce:3f:fe:33:08:5c:6b:e5:47:b1:
                    c5:ed:fa:57:e1:b9:37:3f:d9:80:e5:ae:f1:ed:bf:
                    b3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:CF:92:A8:C5:D3:AF:6A:50:1E:72:A5:F0:74:15:92:6C:D0:22:78
            X509v3 Authority Key Identifier:
                keyid:C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:75:d7:7d:a9:a9:73:2a:23:25:e8:f5:17:59:ac:bf:aa:81:
         97:c3:3a:f8:85:68:3d:c6:5e:5e:24:25:7d:a9:2e:b5:69:4c:
         b1:a4:59:f0:85:43:84:34:86:62:1e:e3:1d:57:fa:ea:3f:41:
         82:73:6c:dc:67:db:0c:d9:78:17:89:80:ea:ec:f4:c1:a9:58:
         7f:d8:59:a7:83:ce:00:30:d7:db:d6:f1:14:09:75:61:6c:89:
         e0:8d:da:5d:bf:82:6a:dc:fb:3a:cf:91:31:cf:eb:58:c4:9d:
         7b:d9:eb:40:f8:aa:d4:54:18:72:1f:60:0e:76:af:c9:a7:38:
         d1:4b:ad:46:68:b8:0f:cb:19:b0:6f:e1:e1:d0:11:f4:5a:c2:
         9e:4c:f9:9a:b3:d2:75:bb:36:8c:bc:02:6f:c0:54:17:21:63:
         e8:de:cf:78:6e:07:4d:e2:e9:c6:d3:54:ad:0a:db:f2:aa:1d:
         a8:c7:46:c8:1b:ba:89:56:ed:82:51:31:9a:7c:6a:14:97:32:
         69:c5:b1:61:c1:81:a7:69:57:e8:4e:26:7f:75:79:82:90:d4:
         22:7a:8b:a7:35:77:79:70:4d:9e:7a:de:08:e3:44:d8:a1:8a:
         47:88:b8:e7:ea:4b:cd:8f:18:7e:da:a3:33:6b:f7:07:0e:ee:
         6a:c0:bf:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXyJOPaIk/A2DdT6gUIHl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTMyNzZjYmNhNjc5M2MzMzQ1N2E5YmYyMmZjMTBiMzgy
MzAxZjQwHhcNMjUwNjEwMDMwMDUyWhcNMjUwNjExMDMwMDUyWjAzMTEwLwYDVQQD
EyhkNWNmOTJhOGM1ZDNhZjZhNTAxZTcyYTVmMDc0MTU5MjZjZDAyMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE2xPuL2KDRhI75PIelyc0gxXrJB
leGJc/6uYnWeMPMgEixBjyhiUSXcxHIBgJXUaEp754esdUcoMm8B9u4OZNVn1AMT
60bNzYwPYNygnirKRUKndc3WKMuwaEIrT6++a2xy1UZyihPZFnwNktRFYU1PWNe1
e3YCj71rS5jB06eMlpOPRY8QahexwCio9mGplIoD/WfS1qxuRTFv2W1UJbKN/ziT
2WKVE1nlJT0Vh85wvt3lM37L+DzgjzkvQAJg2BgO0u6eU36mH/Ov/jOgTrCmH8Sb
vooHWSKvHLrJyLHJv2O6884//jMIXGvlR7HF7fpX4bk3P9mA5a7x7b+zzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXPkqjF069qUB5ypfB0FZJs0CJ4MB8GA1UdIwQY
MBaAFMYTJ2y8pnk8M0V6m/IvwQs4IwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTIt
OGNkNDM4YjVmMjYwLzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTItOGNkNDM4YjVmMjYw
LzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjHXXfamp
cyojJej1F1msv6qBl8M6+IVoPcZeXiQlfakutWlMsaRZ8IVDhDSGYh7jHVf66j9B
gnNs3GfbDNl4F4mA6uz0walYf9hZp4POADDX29bxFAl1YWyJ4I3aXb+Catz7Os+R
Mc/rWMSde9nrQPiq1FQYch9gDnavyac40UutRmi4D8sZsG/h4dAR9FrCnkz5mrPS
dbs2jLwCb8BUFyFj6N7PeG4HTeLpxtNUrQrb8qodqMdGyBu6iVbtglExmnxqFJcy
acWxYcGBp2lX6E4mf3V5gpDUInqLpzV3eXBNnnreCONE2KGKR4i45+pLzY8Yftqj
M2v3Bw7uasC/zw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:09:40 2025 by rpki-client