Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
File:                     kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json)
Hash identifier:          rbT4n4xX/nd0IERRUr6VCs+kWqoiPadIl1sjIQ0we1w=
Subject key identifier:   92:B7:45:EC:18:03:77:0A:46:CC:0F:FF:C2:7D:F5:13:6E:5D:8C:B3
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Certificate issuer:       /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial:       01975F81D97C5D0B319F4FB7D234BE7DE996
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
Manifest number:          1592
Signing time:             Wed 11 Jun 2025 15:00:34 +0000
Manifest this update:     Wed 11 Jun 2025 15:00:34 +0000
Manifest next update:     Thu 12 Jun 2025 15:00:34 +0000
Files and hashes:         1: Lx4QL8l0KgaffC4QXEWzVHcEawc.roa (hash: DxG2rV8lArm7XTxrRaRlBv42lE1FblGks/y6Gbm7tWY=)
                          2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: 70DrssNtmM7H1mRAB8CQu/62M8yoJndzc4zx77/l+GI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:81:d9:7c:5d:0b:31:9f:4f:b7:d2:34:be:7d:e9:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
        Validity
            Not Before: Jun 11 15:00:34 2025 GMT
            Not After : Jun 12 15:00:34 2025 GMT
        Subject: CN=92b745ec1803770a46cc0fffc27df5136e5d8cb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:4f:df:d3:d5:9c:6e:20:52:bd:7b:dd:37:6d:
                    0b:23:58:0b:4c:2d:ea:f5:ce:e9:98:d3:c3:ee:5a:
                    d7:49:25:af:80:7a:40:bb:04:89:18:fa:82:b8:7c:
                    08:47:91:76:a2:71:b1:47:33:21:f5:95:97:f3:4e:
                    e1:c0:40:be:7f:2d:27:7b:08:6e:32:07:ce:44:15:
                    99:ee:f0:e9:d5:54:f4:c7:07:7e:53:0c:05:ab:73:
                    5f:89:ab:37:22:28:94:9c:55:25:43:c7:26:75:69:
                    00:b7:d6:6f:6f:0a:e0:30:d7:a6:a4:6c:ce:dc:ea:
                    ef:82:02:c2:34:9c:52:45:fe:36:26:b9:0f:d8:93:
                    a5:ee:00:6d:09:0e:d1:87:0c:7d:eb:86:6e:9e:b9:
                    2f:cf:89:c0:7b:8a:95:0f:ff:64:4e:35:0d:4a:4a:
                    33:fa:3b:58:2b:05:90:87:b2:2a:aa:c8:c8:30:8d:
                    5c:ba:6d:d4:5a:de:96:55:db:09:8a:4b:65:a8:03:
                    2a:5f:ee:c8:76:f0:c4:22:e7:cd:51:c2:7a:cd:a6:
                    95:a4:88:2d:e5:65:8b:67:ae:8c:e0:74:39:e4:ea:
                    2e:09:ac:a6:ec:78:7a:3e:6a:86:1b:b1:b7:12:41:
                    e7:c8:8a:17:29:88:14:53:4a:6e:b4:a0:46:58:c2:
                    03:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B7:45:EC:18:03:77:0A:46:CC:0F:FF:C2:7D:F5:13:6E:5D:8C:B3
            X509v3 Authority Key Identifier:
                keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:7e:76:70:74:e6:0b:d0:49:b4:55:4b:ed:67:0f:65:d3:e7:
         00:3e:7f:47:bb:53:be:23:12:dc:d9:b8:2d:de:1e:28:c2:1d:
         60:fc:09:a5:17:ac:68:29:44:fe:b9:0f:cd:00:04:17:af:bf:
         0b:28:b5:08:2f:01:c6:8b:1d:51:cd:2f:74:4d:c3:d2:17:e8:
         bc:d5:69:09:12:2d:1a:a1:d8:f9:14:76:f4:62:59:6f:dd:d1:
         42:e3:b1:a6:0e:9c:c7:ab:4a:68:31:de:4d:13:28:5e:a1:70:
         b7:8d:9f:1f:35:96:3d:93:75:07:1e:84:1e:c2:55:0e:72:2e:
         58:7b:54:46:c5:68:04:ba:de:cc:d8:79:f3:24:fe:eb:03:75:
         c6:f7:07:7d:55:84:49:9c:14:ac:5f:ed:be:23:a9:cf:ec:57:
         0f:81:70:22:90:08:fe:89:c0:52:f5:47:28:2b:d0:eb:05:41:
         02:1a:d0:50:5c:46:ab:ce:a6:06:d5:c2:d6:5a:05:bd:bf:90:
         04:6e:b9:11:1c:c1:d1:7e:d6:48:00:38:a6:66:7d:48:43:96:
         96:0f:be:3e:88:3f:18:84:83:30:a2:67:c6:74:a3:f6:f4:cb:
         f7:a8:1a:93:de:ca:b8:ae:53:cd:82:f7:3b:90:1e:0f:a2:7f:
         f7:25:72:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfgdl8XQsxn0+30jS+femWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjUwNjExMTUwMDM0WhcNMjUwNjEyMTUwMDM0WjAzMTEwLwYDVQQD
Eyg5MmI3NDVlYzE4MDM3NzBhNDZjYzBmZmZjMjdkZjUxMzZlNWQ4Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE/f09WcbiBSvXvdN20LI1gLTC3q
9c7pmNPD7lrXSSWvgHpAuwSJGPqCuHwIR5F2onGxRzMh9ZWX807hwEC+fy0newhu
MgfORBWZ7vDp1VT0xwd+UwwFq3Nfias3IiiUnFUlQ8cmdWkAt9ZvbwrgMNempGzO
3OrvggLCNJxSRf42JrkP2JOl7gBtCQ7Rhwx964Zunrkvz4nAe4qVD/9kTjUNSkoz
+jtYKwWQh7IqqsjIMI1cum3UWt6WVdsJiktlqAMqX+7IdvDEIufNUcJ6zaaVpIgt
5WWLZ66M4HQ55OouCaym7Hh6PmqGG7G3EkHnyIoXKYgUU0putKBGWMIDGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJK3RewYA3cKRswP/8J99RNuXYyzMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE352cHTm
C9BJtFVL7WcPZdPnAD5/R7tTviMS3Nm4Ld4eKMIdYPwJpResaClE/rkPzQAEF6+/
Cyi1CC8BxosdUc0vdE3D0hfovNVpCRItGqHY+RR29GJZb93RQuOxpg6cx6tKaDHe
TRMoXqFwt42fHzWWPZN1Bx6EHsJVDnIuWHtURsVoBLrezNh58yT+6wN1xvcHfVWE
SZwUrF/tviOpz+xXD4FwIpAI/onAUvVHKCvQ6wVBAhrQUFxGq86mBtXC1loFvb+Q
BG65ERzB0X7WSAA4pmZ9SEOWlg++Pog/GISDMKJnxnSj9vTL96gak97KuK5TzYL3
O5AeD6J/9yVylA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:35:13 2025 by rpki-client