Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
File:                     xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft (raw, json)
Hash identifier:          XKYdxH2azYND2L6RENYBDYe98nSKYSMJMTTosJCmp7Q=
Subject key identifier:   9D:8F:BD:2E:C5:30:A8:EC:3F:63:CD:9D:5D:97:84:BF:04:0F:0D:4F
Authority key identifier: C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4
Certificate issuer:       /CN=c613276cbca6793c33457a9bf22fc10b382301f4
Certificate serial:       01975F8232BA6887EEED8F22F4596DB388A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
Manifest number:          158A
Signing time:             Wed 11 Jun 2025 15:00:57 +0000
Manifest this update:     Wed 11 Jun 2025 15:00:57 +0000
Manifest next update:     Thu 12 Jun 2025 15:00:57 +0000
Files and hashes:         1: b9YzzhOPHDVo_soINWMmjLB7fhk.roa (hash: lwz89foq6Y4dt/R5BV0uIhhLjFL2sOp+mEH46qLg0yk=)
                          2: xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl (hash: ZehlAfdp4YiWVJMhOcPKu4tSyXI8dvxvbTcClLmouzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:82:32:ba:68:87:ee:ed:8f:22:f4:59:6d:b3:88:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c613276cbca6793c33457a9bf22fc10b382301f4
        Validity
            Not Before: Jun 11 15:00:57 2025 GMT
            Not After : Jun 12 15:00:57 2025 GMT
        Subject: CN=9d8fbd2ec530a8ec3f63cd9d5d9784bf040f0d4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d5:9e:54:73:78:e4:eb:78:ae:f1:90:f6:95:
                    b8:69:c8:39:0d:b9:dc:47:c9:d5:76:da:34:e9:35:
                    66:5a:35:4f:b3:62:94:51:74:a1:88:d6:88:fd:65:
                    de:0a:87:41:2c:c7:55:cf:4a:9f:1d:bc:19:98:85:
                    a9:fe:0f:10:41:27:aa:b0:e6:72:3d:c8:64:03:25:
                    bf:05:56:d6:70:31:97:72:c0:c0:09:9f:d2:1d:d5:
                    87:3b:33:27:45:68:58:67:19:cb:68:fe:99:0c:cd:
                    0a:57:a3:7b:e2:99:b7:54:e7:f8:2a:92:32:bf:af:
                    64:2a:1b:20:09:59:41:13:a3:1c:f7:46:c4:17:aa:
                    f9:38:6c:55:f7:61:d4:3a:9e:c5:ce:73:9c:9a:89:
                    6b:c5:a7:a0:7b:61:fe:ae:3a:26:d8:50:65:71:5a:
                    c1:59:ad:85:27:5a:07:f9:7f:8c:61:9b:e3:e0:54:
                    85:24:bf:11:00:66:f8:c2:72:f6:29:a0:5c:d3:5a:
                    ab:95:c4:2e:d2:d3:92:20:3d:89:2c:13:54:01:ca:
                    1a:d4:10:5c:e0:f7:6e:f4:2b:27:8e:b5:ee:da:71:
                    e3:85:7a:21:84:c8:89:cf:0f:e1:60:98:89:77:7e:
                    ed:ac:52:54:42:35:ac:06:f6:bb:8b:7f:09:9f:99:
                    97:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:8F:BD:2E:C5:30:A8:EC:3F:63:CD:9D:5D:97:84:BF:04:0F:0D:4F
            X509v3 Authority Key Identifier:
                keyid:C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:a6:29:1b:c3:11:99:41:e3:ae:30:33:48:23:61:33:5f:25:
         a0:76:78:38:3d:1e:6f:a5:bc:00:38:60:92:e6:a6:49:d4:e6:
         48:0b:04:46:dc:8d:c1:bb:de:e3:c4:fb:e1:2e:62:f0:fb:6f:
         ec:3f:90:28:ed:60:85:8b:2a:c9:c5:f2:a5:b9:f7:ae:10:68:
         5f:ec:b6:c5:2b:e3:d0:71:e1:d3:9c:cf:75:76:0d:15:c4:05:
         e6:30:7b:74:f9:cc:21:a0:5f:13:e4:cd:d7:55:ac:4a:1a:f7:
         17:18:07:67:18:a3:30:61:82:16:91:81:63:15:aa:8f:08:8b:
         05:da:4b:a4:41:1c:1a:2e:fe:cb:38:c1:c5:98:a3:31:90:93:
         c4:0f:68:76:6e:6b:5d:00:bc:22:ff:c8:62:f3:4d:dd:7e:59:
         e3:15:7e:e8:dd:66:c5:8a:3c:2f:0f:f1:e5:53:df:17:cf:ff:
         9a:06:a3:68:fe:90:66:f1:84:74:ad:2d:fc:b6:21:a0:82:e2:
         85:06:e2:f6:9a:90:6f:3f:19:22:ee:01:74:ab:9e:db:0d:07:
         30:ea:5f:b0:eb:d8:7a:66:a3:6a:79:44:2c:b1:5b:12:e6:10:
         bb:cc:6a:92:ff:8d:ce:90:de:a0:f9:72:e6:4f:46:88:e3:49:
         4a:73:76:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfgjK6aIfu7Y8i9Flts4inMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTMyNzZjYmNhNjc5M2MzMzQ1N2E5YmYyMmZjMTBiMzgy
MzAxZjQwHhcNMjUwNjExMTUwMDU3WhcNMjUwNjEyMTUwMDU3WjAzMTEwLwYDVQQD
Eyg5ZDhmYmQyZWM1MzBhOGVjM2Y2M2NkOWQ1ZDk3ODRiZjA0MGYwZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdWeVHN45Ot4rvGQ9pW4acg5Dbnc
R8nVdto06TVmWjVPs2KUUXShiNaI/WXeCodBLMdVz0qfHbwZmIWp/g8QQSeqsOZy
PchkAyW/BVbWcDGXcsDACZ/SHdWHOzMnRWhYZxnLaP6ZDM0KV6N74pm3VOf4KpIy
v69kKhsgCVlBE6Mc90bEF6r5OGxV92HUOp7FznOcmolrxaege2H+rjom2FBlcVrB
Wa2FJ1oH+X+MYZvj4FSFJL8RAGb4wnL2KaBc01qrlcQu0tOSID2JLBNUAcoa1BBc
4Pdu9CsnjrXu2nHjhXohhMiJzw/hYJiJd37trFJUQjWsBva7i38Jn5mXCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2PvS7FMKjsP2PNnV2XhL8EDw1PMB8GA1UdIwQY
MBaAFMYTJ2y8pnk8M0V6m/IvwQs4IwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTIt
OGNkNDM4YjVmMjYwLzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTItOGNkNDM4YjVmMjYw
LzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADaYpG8MR
mUHjrjAzSCNhM18loHZ4OD0eb6W8ADhgkuamSdTmSAsERtyNwbve48T74S5i8Ptv
7D+QKO1ghYsqycXypbn3rhBoX+y2xSvj0HHh05zPdXYNFcQF5jB7dPnMIaBfE+TN
11WsShr3FxgHZxijMGGCFpGBYxWqjwiLBdpLpEEcGi7+yzjBxZijMZCTxA9odm5r
XQC8Iv/IYvNN3X5Z4xV+6N1mxYo8Lw/x5VPfF8//mgajaP6QZvGEdK0t/LYhoILi
hQbi9pqQbz8ZIu4BdKue2w0HMOpfsOvYemajanlELLFbEuYQu8xqkv+NzpDeoPly
5k9GiONJSnN21w==
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:18:06 2025 by rpki-client