Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
File:                     kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json)
Hash identifier:          RqxpIwf3KQn4jQmLrRP340oJdjRFuXfGFSNVAVUkfBo=
Subject key identifier:   BF:FC:74:B1:65:3B:21:CB:51:14:59:0E:FB:D6:45:AD:C7:29:43:05
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Certificate issuer:       /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial:       0197654CEA9FFB2AB80BAD4083A003AAB49F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
Manifest number:          1595
Signing time:             Thu 12 Jun 2025 18:00:29 +0000
Manifest this update:     Thu 12 Jun 2025 18:00:29 +0000
Manifest next update:     Fri 13 Jun 2025 18:00:29 +0000
Files and hashes:         1: Lx4QL8l0KgaffC4QXEWzVHcEawc.roa (hash: DxG2rV8lArm7XTxrRaRlBv42lE1FblGks/y6Gbm7tWY=)
                          2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: OCajV6wq5oKWIo9pzHOScp5qCaBEWVSBD+NXcXZ4jC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 18:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:4c:ea:9f:fb:2a:b8:0b:ad:40:83:a0:03:aa:b4:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
        Validity
            Not Before: Jun 12 18:00:29 2025 GMT
            Not After : Jun 13 18:00:29 2025 GMT
        Subject: CN=bffc74b1653b21cb5114590efbd645adc7294305
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b4:23:ef:c4:26:7f:13:03:98:4c:6b:ac:88:
                    8e:c3:93:a9:c8:1a:5f:30:4f:6f:61:2c:19:25:a4:
                    86:09:fa:ea:94:b8:3e:13:e3:c8:f9:08:c1:23:0f:
                    e2:ff:4d:c6:77:f2:c2:d3:09:e1:6c:3d:89:40:03:
                    9f:d3:cb:3d:55:02:30:0f:e4:67:a8:74:f2:f7:30:
                    5c:af:34:09:74:c4:f5:61:8d:b4:5b:3f:90:17:a3:
                    09:2c:9b:3c:30:9a:5e:77:e2:cd:74:16:89:4d:3c:
                    f8:4b:75:35:fb:d1:0f:5f:29:b6:95:2e:c8:9c:2a:
                    1e:9d:8f:bc:14:01:93:91:ee:61:f2:14:51:07:2c:
                    1b:4d:43:b9:6c:7a:5d:2d:bc:eb:83:93:1b:cc:62:
                    67:22:7d:39:0a:9a:2a:16:1d:d4:77:00:e4:14:34:
                    40:80:79:46:39:47:4e:9d:84:ff:33:46:9f:e0:d8:
                    78:67:7e:af:73:70:c3:f3:c8:7a:1d:1a:d6:29:94:
                    1d:b3:d2:ae:b0:39:b1:3f:5d:2f:34:20:01:6b:ff:
                    d5:f7:e9:d8:98:d2:ae:ad:3e:49:58:a5:97:e8:6b:
                    20:42:47:c0:6b:86:b6:6d:63:41:a1:db:e1:71:44:
                    9c:f3:3d:0f:c0:a8:40:5a:82:e8:00:b9:5a:24:84:
                    52:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:FC:74:B1:65:3B:21:CB:51:14:59:0E:FB:D6:45:AD:C7:29:43:05
            X509v3 Authority Key Identifier:
                keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:74:8d:56:60:dc:0b:6f:69:94:60:2d:a2:03:8b:de:d5:55:
         0f:cb:7b:c8:d4:4d:e2:7f:bc:be:c1:7c:1c:f3:66:8d:95:b3:
         ec:d3:4b:e3:80:fe:de:55:6c:6d:b0:c7:c9:b3:3b:3b:38:fb:
         5c:d7:12:94:ef:ca:79:8b:eb:94:6c:b1:05:4e:4f:fb:c0:67:
         57:7b:ed:18:22:76:c0:44:3d:72:a7:d6:73:99:d8:0c:2e:2f:
         a8:2e:dd:48:76:2d:81:54:0b:01:de:83:39:20:e6:e6:f5:23:
         a1:7f:37:ba:84:b8:a4:b0:b3:8b:bd:53:91:2b:40:61:fe:2c:
         dc:31:a0:43:8d:a0:40:fe:77:63:19:b9:68:d6:94:d5:8b:8e:
         98:8e:a1:8d:a7:a5:9f:f2:cf:83:80:fc:4e:9e:f1:14:73:ec:
         cd:50:1e:03:dd:2d:c6:e0:aa:0e:f0:79:7d:aa:32:a6:d2:97:
         c5:61:f1:e9:cd:5b:44:3d:e8:8e:77:07:10:15:1e:2e:4d:90:
         60:81:96:a6:68:9b:a2:ab:97:91:de:51:cb:8e:79:f7:37:e7:
         c0:f8:24:64:cb:b1:a7:c9:4f:c0:cc:47:0d:57:28:4e:ca:9d:
         9e:00:09:70:e1:eb:ef:15:7f:b0:f0:5f:b2:3d:a8:7b:43:e9:
         e4:57:77:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTOqf+yq4C61Ag6ADqrSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjUwNjEyMTgwMDI5WhcNMjUwNjEzMTgwMDI5WjAzMTEwLwYDVQQD
EyhiZmZjNzRiMTY1M2IyMWNiNTExNDU5MGVmYmQ2NDVhZGM3Mjk0MzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLQj78QmfxMDmExrrIiOw5OpyBpf
ME9vYSwZJaSGCfrqlLg+E+PI+QjBIw/i/03Gd/LC0wnhbD2JQAOf08s9VQIwD+Rn
qHTy9zBcrzQJdMT1YY20Wz+QF6MJLJs8MJped+LNdBaJTTz4S3U1+9EPXym2lS7I
nCoenY+8FAGTke5h8hRRBywbTUO5bHpdLbzrg5MbzGJnIn05CpoqFh3UdwDkFDRA
gHlGOUdOnYT/M0af4Nh4Z36vc3DD88h6HRrWKZQds9KusDmxP10vNCABa//V9+nY
mNKurT5JWKWX6GsgQkfAa4a2bWNBodvhcUSc8z0PwKhAWoLoALlaJIRS4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/8dLFlOyHLURRZDvvWRa3HKUMFMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABnSNVmDc
C29plGAtogOL3tVVD8t7yNRN4n+8vsF8HPNmjZWz7NNL44D+3lVsbbDHybM7Ozj7
XNcSlO/KeYvrlGyxBU5P+8BnV3vtGCJ2wEQ9cqfWc5nYDC4vqC7dSHYtgVQLAd6D
OSDm5vUjoX83uoS4pLCzi71TkStAYf4s3DGgQ42gQP53Yxm5aNaU1YuOmI6hjael
n/LPg4D8Tp7xFHPszVAeA90txuCqDvB5faoyptKXxWHx6c1bRD3ojncHEBUeLk2Q
YIGWpmiboquXkd5Ry4559zfnwPgkZMuxp8lPwMxHDVcoTsqdngAJcOHr7xV/sPBf
sj2oe0Pp5Fd3ww==
-----END CERTIFICATE-----
Generated at Fri Jun 13 03:06:40 2025 by rpki-client