Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft
File:                     Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft (raw, json)
Hash identifier:          PxdFadAMGiBHuJsSriua5OQW9p4AHmV2JSR6KcgsKPU=
Subject key identifier:   D4:19:65:86:2A:D2:BF:99:DC:C0:AB:19:A6:47:7A:CA:FC:80:FB:3A
Authority key identifier: 1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B
Certificate issuer:       /CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b
Certificate serial:       019757C825068B69B0ACEEF2E68B4C2CE2F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft
Manifest number:          04D2
Signing time:             Tue 10 Jun 2025 03:00:23 +0000
Manifest this update:     Tue 10 Jun 2025 03:00:23 +0000
Manifest next update:     Wed 11 Jun 2025 03:00:23 +0000
Files and hashes:         1: 1-i_f4gNCAnPwT26M-00faBCZ1ec.roa (hash: rf9DtMiWGOZOoz1U+iRouParfUgOp6ltk1lTfbvhGLM=)
                          2: Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl (hash: tXXg7A8jkBr9BLBgu46Ny9xTqqRk4UL8M99HyQwPzGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:c8:25:06:8b:69:b0:ac:ee:f2:e6:8b:4c:2c:e2:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b
        Validity
            Not Before: Jun 10 03:00:23 2025 GMT
            Not After : Jun 11 03:00:23 2025 GMT
        Subject: CN=d41965862ad2bf99dcc0ab19a6477acafc80fb3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:28:8d:f8:6c:09:65:99:1b:46:1c:be:1b:82:
                    4d:43:38:f2:a7:e5:12:fd:1e:fe:72:0a:68:41:92:
                    74:f9:78:ab:82:20:ad:ee:c1:75:80:b1:aa:ef:2e:
                    4f:06:6f:ee:19:65:29:4d:3f:49:47:96:78:ee:65:
                    c2:ce:52:fc:97:b1:61:7a:9d:30:b7:8c:0a:cb:0c:
                    f1:a0:15:37:0d:8e:21:75:bd:5e:0a:43:9c:0c:14:
                    a6:20:da:00:d7:a3:ae:05:6e:4b:28:78:f2:0f:64:
                    0e:29:f8:24:b7:42:b7:19:a9:11:a1:50:bb:64:8f:
                    3c:5e:06:81:4f:d8:94:e7:22:52:02:c6:29:3e:d9:
                    fc:48:5a:4f:9d:ac:90:87:fe:77:3c:96:51:22:66:
                    51:54:c7:4f:46:09:5d:21:47:98:e4:40:70:5a:c9:
                    2f:78:97:72:92:48:8d:ff:fa:d4:79:fc:64:cd:90:
                    74:5d:50:92:5e:41:71:00:c2:01:fd:61:6f:1f:bc:
                    ca:80:35:3f:d3:94:90:53:d7:a0:47:07:47:91:69:
                    0b:3e:e2:b2:e9:5f:c1:ae:68:26:e7:1f:62:1d:16:
                    19:3a:e9:c6:b5:83:69:aa:86:35:c2:59:a5:ba:c5:
                    67:f0:11:0b:2c:b6:27:7e:e7:17:f5:30:e3:74:c3:
                    70:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:19:65:86:2A:D2:BF:99:DC:C0:AB:19:A6:47:7A:CA:FC:80:FB:3A
            X509v3 Authority Key Identifier:
                keyid:1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:f2:bf:50:33:64:6a:5c:cc:ff:5c:26:00:ec:c0:13:c6:a7:
         95:ea:18:74:aa:8b:7e:ba:70:4f:df:3a:7e:6b:38:37:d6:b3:
         ef:9b:30:96:d7:8e:35:18:45:e2:82:f2:bd:d6:2a:4c:20:b2:
         c0:7f:f1:c6:49:10:b2:fe:d8:f3:0a:c5:a3:b7:bd:fa:f7:90:
         27:95:67:84:69:be:06:cd:c3:6b:23:20:06:b4:9b:ce:47:49:
         da:37:82:49:06:4d:83:6e:9d:5d:df:99:96:54:d1:11:9f:48:
         83:96:89:25:30:3f:39:b6:8d:d9:58:a4:28:2b:7d:b7:d9:fc:
         f0:41:bd:6c:6d:16:93:40:b8:0a:fe:3f:4d:a1:6c:c0:d1:80:
         82:0c:5f:b6:26:2e:0a:72:7f:14:28:5b:79:e7:23:28:b4:06:
         cb:80:0e:ac:22:da:bf:a8:af:8e:74:72:5a:3c:f9:f7:e0:95:
         aa:ea:a1:3a:6e:9c:be:13:09:e5:39:08:2e:8c:86:97:b6:ff:
         c2:50:27:da:d0:55:2c:dd:49:d6:fd:27:94:84:85:56:22:44:
         7f:f5:c2:c7:ad:80:2d:88:76:b1:b6:1f:ec:52:e0:79:e4:fb:
         c3:bf:74:de:6b:e6:65:e9:66:3f:f1:28:35:34:42:e4:92:05:
         dd:ea:e8:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXyCUGi2mwrO7y5otMLOLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZWIzZmFhODM4ODU0OWI1NWNiM2YzYWJkNGM2YzE1MTA2
Y2Y1M2IwHhcNMjUwNjEwMDMwMDIzWhcNMjUwNjExMDMwMDIzWjAzMTEwLwYDVQQD
EyhkNDE5NjU4NjJhZDJiZjk5ZGNjMGFiMTlhNjQ3N2FjYWZjODBmYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSiN+GwJZZkbRhy+G4JNQzjyp+US
/R7+cgpoQZJ0+XirgiCt7sF1gLGq7y5PBm/uGWUpTT9JR5Z47mXCzlL8l7Fhep0w
t4wKywzxoBU3DY4hdb1eCkOcDBSmINoA16OuBW5LKHjyD2QOKfgkt0K3GakRoVC7
ZI88XgaBT9iU5yJSAsYpPtn8SFpPnayQh/53PJZRImZRVMdPRgldIUeY5EBwWskv
eJdykkiN//rUefxkzZB0XVCSXkFxAMIB/WFvH7zKgDU/05SQU9egRwdHkWkLPuKy
6V/Brmgm5x9iHRYZOunGtYNpqoY1wlmlusVn8BELLLYnfucX9TDjdMNw2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQZZYYq0r+Z3MCrGaZHesr8gPs6MB8GA1UdIwQY
MBaAFB3rP6qDiFSbVcs/Or1MbBUQbPU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGIt
NTAyYTk1N2ZkYWY4LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGItNTAyYTk1N2ZkYWY4
LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXPK/UDNk
alzM/1wmAOzAE8anleoYdKqLfrpwT986fms4N9az75swlteONRhF4oLyvdYqTCCy
wH/xxkkQsv7Y8wrFo7e9+veQJ5VnhGm+Bs3DayMgBrSbzkdJ2jeCSQZNg26dXd+Z
llTREZ9Ig5aJJTA/ObaN2VikKCt9t9n88EG9bG0Wk0C4Cv4/TaFswNGAggxftiYu
CnJ/FChbeecjKLQGy4AOrCLav6ivjnRyWjz59+CVquqhOm6cvhMJ5TkILoyGl7b/
wlAn2tBVLN1J1v0nlISFViJEf/XCx62ALYh2sbYf7FLgeeT7w7903mvmZelmP/Eo
NTRC5JIF3erocQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:49:45 2025 by rpki-client