Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
File:                     kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json)
Hash identifier:          exghTagbFb3T6Y7eZhoIQ/9bsIKNzxTd3j8w25qpqXE=
Subject key identifier:   B0:98:01:11:29:D2:4C:F8:0D:E5:41:27:DA:C1:DA:3B:B4:52:D1:96
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Certificate issuer:       /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial:       0197635EE75B7D5603AA48BB9D3FB51CD9F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
Manifest number:          1594
Signing time:             Thu 12 Jun 2025 09:00:53 +0000
Manifest this update:     Thu 12 Jun 2025 09:00:53 +0000
Manifest next update:     Fri 13 Jun 2025 09:00:53 +0000
Files and hashes:         1: Lx4QL8l0KgaffC4QXEWzVHcEawc.roa (hash: DxG2rV8lArm7XTxrRaRlBv42lE1FblGks/y6Gbm7tWY=)
                          2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: zhuK6Wfkued6xxo91/nCi5QaOX7GaMKpvowwHyJ62Ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:5e:e7:5b:7d:56:03:aa:48:bb:9d:3f:b5:1c:d9:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
        Validity
            Not Before: Jun 12 09:00:53 2025 GMT
            Not After : Jun 13 09:00:53 2025 GMT
        Subject: CN=b098011129d24cf80de54127dac1da3bb452d196
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:77:aa:e2:d1:52:b2:8b:d3:1e:66:e6:ab:8d:
                    de:27:f3:50:a2:6f:1a:52:36:94:b8:61:b5:c9:5e:
                    6f:37:36:e0:39:f2:eb:a6:9d:7f:d3:b8:5d:aa:13:
                    23:92:37:09:65:2a:8e:70:e7:64:33:44:d1:d6:bd:
                    44:79:b4:55:a6:93:3f:db:91:97:fe:a2:ee:41:88:
                    7c:c5:de:cb:02:77:a8:ce:8c:1c:84:58:fc:e7:08:
                    ef:73:5c:82:5d:cf:c6:66:d6:ac:4a:54:18:13:84:
                    07:24:e6:ba:98:0e:de:2a:9d:95:55:16:45:5a:34:
                    79:92:26:3d:f5:67:67:22:3c:bd:b4:37:dd:f9:64:
                    ea:8d:b4:ea:87:64:cf:e3:29:e8:d8:2c:66:00:7e:
                    29:51:af:b8:9c:43:a8:fc:29:4c:de:06:94:05:9f:
                    53:db:3a:b9:1c:7b:15:22:9e:62:2f:a6:dd:7e:35:
                    d0:ac:0e:d9:01:ac:22:27:8a:d2:b0:05:f2:9d:de:
                    0c:76:f1:ff:63:aa:72:94:bf:3a:9e:41:b0:e6:2f:
                    7a:88:86:de:58:17:5b:cd:63:bc:2a:d2:c3:cb:e8:
                    cd:f3:a8:9b:84:23:7d:db:6e:43:77:5e:56:27:65:
                    ca:41:82:a7:7a:32:66:3e:49:db:be:22:f6:32:ed:
                    6d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:98:01:11:29:D2:4C:F8:0D:E5:41:27:DA:C1:DA:3B:B4:52:D1:96
            X509v3 Authority Key Identifier:
                keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:68:78:03:7a:bd:f1:3d:79:99:ec:42:79:cf:76:f4:93:0d:
         4e:a9:63:d9:21:3a:37:3f:87:ce:40:90:a9:c9:58:db:f2:1b:
         e8:79:2f:d1:e2:32:fe:74:ce:ff:49:36:72:f1:87:4a:4f:7a:
         74:4b:15:8d:0f:62:f0:3a:3a:9a:54:b2:57:1f:93:ba:24:10:
         31:82:8b:87:bd:5c:cd:0e:29:cf:6d:95:dc:c0:8c:06:6f:86:
         bd:5a:55:8d:52:52:f3:70:23:4c:f9:a0:bb:cf:4b:03:12:02:
         7b:9b:b5:d5:cb:8c:29:05:7b:95:52:bc:a7:05:a0:de:2e:99:
         fa:f6:25:17:15:19:b1:4f:da:16:1a:97:86:7b:6b:56:d3:bc:
         67:7c:c2:2f:d0:fd:fd:31:00:a8:c1:12:30:84:f3:ae:c2:b2:
         e8:e8:04:b2:50:a9:7f:44:2c:16:b1:8a:d6:1c:7c:e0:50:67:
         f4:ff:41:ff:d9:0f:78:a8:73:37:d7:a1:2c:2d:c7:c4:e4:af:
         3e:47:4d:45:4b:19:56:27:9c:83:d3:fc:42:ef:9e:47:cf:ef:
         59:c6:c9:e8:61:7f:07:a2:da:13:27:17:b3:15:73:d7:91:e9:
         f7:2c:8d:be:e1:4e:30:13:35:91:d9:f0:b6:71:c3:07:f2:45:
         cd:b5:d5:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjXudbfVYDqki7nT+1HNn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjUwNjEyMDkwMDUzWhcNMjUwNjEzMDkwMDUzWjAzMTEwLwYDVQQD
EyhiMDk4MDExMTI5ZDI0Y2Y4MGRlNTQxMjdkYWMxZGEzYmI0NTJkMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXeq4tFSsovTHmbmq43eJ/NQom8a
UjaUuGG1yV5vNzbgOfLrpp1/07hdqhMjkjcJZSqOcOdkM0TR1r1EebRVppM/25GX
/qLuQYh8xd7LAneozowchFj85wjvc1yCXc/GZtasSlQYE4QHJOa6mA7eKp2VVRZF
WjR5kiY99WdnIjy9tDfd+WTqjbTqh2TP4yno2CxmAH4pUa+4nEOo/ClM3gaUBZ9T
2zq5HHsVIp5iL6bdfjXQrA7ZAawiJ4rSsAXynd4MdvH/Y6pylL86nkGw5i96iIbe
WBdbzWO8KtLDy+jN86ibhCN9225Dd15WJ2XKQYKnejJmPknbviL2Mu1tOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCYAREp0kz4DeVBJ9rB2ju0UtGWMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmh4A3q9
8T15mexCec929JMNTqlj2SE6Nz+HzkCQqclY2/Ib6Hkv0eIy/nTO/0k2cvGHSk96
dEsVjQ9i8Do6mlSyVx+TuiQQMYKLh71czQ4pz22V3MCMBm+GvVpVjVJS83AjTPmg
u89LAxICe5u11cuMKQV7lVK8pwWg3i6Z+vYlFxUZsU/aFhqXhntrVtO8Z3zCL9D9
/TEAqMESMITzrsKy6OgEslCpf0QsFrGK1hx84FBn9P9B/9kPeKhzN9ehLC3HxOSv
PkdNRUsZViecg9P8Qu+eR8/vWcbJ6GF/B6LaEycXsxVz15Hp9yyNvuFOMBM1kdnw
tnHDB/JFzbXVQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 18:02:04 2025 by rpki-client