Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
File:                     kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json)
Hash identifier:          E18dfGjXaQQiRIdWnD4iCbmps6AyuvPzw/ty/T3oL0Q=
Subject key identifier:   15:04:83:7B:DB:73:98:76:1B:EB:23:C1:63:EE:1A:C0:4D:DF:26:EB
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Certificate issuer:       /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial:       019759B6A888EB5C04C5327E3BC9066437D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
Manifest number:          158F
Signing time:             Tue 10 Jun 2025 12:00:32 +0000
Manifest this update:     Tue 10 Jun 2025 12:00:32 +0000
Manifest next update:     Wed 11 Jun 2025 12:00:32 +0000
Files and hashes:         1: Lx4QL8l0KgaffC4QXEWzVHcEawc.roa (hash: DxG2rV8lArm7XTxrRaRlBv42lE1FblGks/y6Gbm7tWY=)
                          2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: 9PnwEx8Zr8u4hOR856Uy49ZRNWi6qPSchbopCMdUzrk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 12:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:b6:a8:88:eb:5c:04:c5:32:7e:3b:c9:06:64:37:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
        Validity
            Not Before: Jun 10 12:00:32 2025 GMT
            Not After : Jun 11 12:00:32 2025 GMT
        Subject: CN=1504837bdb7398761beb23c163ee1ac04ddf26eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8f:72:98:d0:0e:67:4c:95:e0:16:2d:5f:35:
                    50:bc:be:46:4f:1d:41:2a:5c:7a:64:40:bf:01:9f:
                    bb:b5:b4:9b:d2:d2:9a:28:cb:4c:d0:60:76:c7:23:
                    47:61:21:7c:ff:a1:98:01:02:22:d5:4b:01:2a:7e:
                    db:d9:e5:ce:d8:7a:a6:59:c1:d1:3d:cb:a9:39:69:
                    f4:2b:67:f7:47:a3:96:55:ea:7e:d9:d5:71:f3:3c:
                    66:23:5d:11:25:69:17:e0:64:b5:e1:8b:0e:f1:0e:
                    2e:88:5f:f4:5f:bf:5e:c4:12:e9:8c:dd:6a:2b:3a:
                    40:3b:78:29:38:5b:8c:55:24:1e:8e:38:5e:88:4a:
                    25:be:1f:06:90:a2:3d:7f:c3:64:f7:c1:8d:d7:28:
                    2b:96:5d:e4:6f:72:31:92:89:74:83:00:b8:20:e9:
                    67:b8:1f:c3:58:77:2b:d5:43:06:e2:62:71:59:6f:
                    1e:f0:e8:71:95:3c:47:6d:40:47:dd:5c:b2:24:7e:
                    a9:82:01:f9:a8:8c:a5:a0:94:bf:1c:37:ce:ff:84:
                    c3:12:a2:07:32:04:56:e6:fe:cd:1b:6d:0c:ba:4b:
                    1c:6b:ef:a9:a3:f6:1d:f2:87:db:15:93:a7:87:d3:
                    1a:70:6c:06:9a:89:ed:47:8b:2a:ee:46:fc:dd:f2:
                    ad:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:04:83:7B:DB:73:98:76:1B:EB:23:C1:63:EE:1A:C0:4D:DF:26:EB
            X509v3 Authority Key Identifier:
                keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:1f:cf:69:f7:7d:34:16:27:42:fe:91:3b:78:88:25:55:cb:
         0f:5d:64:b8:4e:5f:73:dd:17:8b:53:3a:42:a7:7f:aa:15:1b:
         41:47:cf:8f:c3:2f:ce:f4:98:6b:60:36:b3:aa:c1:1a:1c:7f:
         e9:3c:12:e7:a3:4a:cb:25:fc:9d:dd:63:9c:68:f0:21:82:e2:
         36:db:1d:aa:61:62:1f:e1:fa:8e:84:01:24:53:14:a3:c1:6d:
         fd:5b:27:98:d9:52:8f:17:c2:10:e7:bc:76:d8:2e:2c:1c:c8:
         9d:56:e6:36:65:2a:a4:b1:e6:1f:2a:95:78:36:7c:ad:18:b6:
         a6:35:09:9e:b1:1e:75:8c:4a:a6:7c:49:0a:0b:f7:71:ee:2f:
         17:ae:49:8d:1b:09:d9:ce:0b:89:19:7b:64:6c:ff:1c:88:d3:
         11:50:89:0b:6d:e6:28:7e:6b:b4:fd:55:a7:87:88:4c:cb:bd:
         fa:38:16:24:f6:fa:c3:49:76:af:1d:39:af:59:79:a0:6f:94:
         72:56:05:3d:fd:30:69:33:cf:f7:57:0c:5c:3d:84:6e:35:78:
         cb:10:c7:01:ac:b7:a3:78:45:fd:c2:50:41:72:9e:71:3f:c4:
         c7:33:f6:11:c9:f8:2e:aa:0a:61:eb:c4:dd:c0:d7:18:b5:09:
         79:e5:3d:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZtqiI61wExTJ+O8kGZDfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjUwNjEwMTIwMDMyWhcNMjUwNjExMTIwMDMyWjAzMTEwLwYDVQQD
EygxNTA0ODM3YmRiNzM5ODc2MWJlYjIzYzE2M2VlMWFjMDRkZGYyNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso9ymNAOZ0yV4BYtXzVQvL5GTx1B
Klx6ZEC/AZ+7tbSb0tKaKMtM0GB2xyNHYSF8/6GYAQIi1UsBKn7b2eXO2HqmWcHR
PcupOWn0K2f3R6OWVep+2dVx8zxmI10RJWkX4GS14YsO8Q4uiF/0X79exBLpjN1q
KzpAO3gpOFuMVSQejjheiEolvh8GkKI9f8Nk98GN1ygrll3kb3Ixkol0gwC4IOln
uB/DWHcr1UMG4mJxWW8e8OhxlTxHbUBH3VyyJH6pggH5qIyloJS/HDfO/4TDEqIH
MgRW5v7NG20Muksca++po/Yd8ofbFZOnh9MacGwGmontR4sq7kb83fKtQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUEg3vbc5h2G+sjwWPuGsBN3ybrMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArx/Pafd9
NBYnQv6RO3iIJVXLD11kuE5fc90Xi1M6Qqd/qhUbQUfPj8MvzvSYa2A2s6rBGhx/
6TwS56NKyyX8nd1jnGjwIYLiNtsdqmFiH+H6joQBJFMUo8Ft/VsnmNlSjxfCEOe8
dtguLBzInVbmNmUqpLHmHyqVeDZ8rRi2pjUJnrEedYxKpnxJCgv3ce4vF65JjRsJ
2c4LiRl7ZGz/HIjTEVCJC23mKH5rtP1Vp4eITMu9+jgWJPb6w0l2rx05r1l5oG+U
clYFPf0waTPP91cMXD2EbjV4yxDHAay3o3hF/cJQQXKecT/ExzP2Ecn4LqoKYevE
3cDXGLUJeeU9Ug==
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:54:24 2025 by rpki-client