Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft
File:                     Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft (raw, json)
Hash identifier:          xDoQwokVZNvgzM7VXgOcOJKnJxxWWff5QBLf00bFNMI=
Subject key identifier:   54:57:67:45:40:2C:0C:DB:FD:D8:F3:05:4A:34:FA:46:B1:5C:A2:20
Authority key identifier: 1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B
Certificate issuer:       /CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b
Certificate serial:       019759B685D43EDC08566191EE5F2BF0251B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft
Manifest number:          04D3
Signing time:             Tue 10 Jun 2025 12:00:23 +0000
Manifest this update:     Tue 10 Jun 2025 12:00:23 +0000
Manifest next update:     Wed 11 Jun 2025 12:00:23 +0000
Files and hashes:         1: 1-i_f4gNCAnPwT26M-00faBCZ1ec.roa (hash: rf9DtMiWGOZOoz1U+iRouParfUgOp6ltk1lTfbvhGLM=)
                          2: Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl (hash: PMyCMwVc6XOP46DqiRmIX0UMjHFdzlNlgHU+wyKwrno=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 12:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:b6:85:d4:3e:dc:08:56:61:91:ee:5f:2b:f0:25:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b
        Validity
            Not Before: Jun 10 12:00:23 2025 GMT
            Not After : Jun 11 12:00:23 2025 GMT
        Subject: CN=54576745402c0cdbfdd8f3054a34fa46b15ca220
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:3d:52:7b:1a:c6:fe:19:62:41:19:7a:c7:96:
                    30:d9:cd:83:4a:0d:1b:5e:2c:ca:92:5c:ec:e2:ad:
                    26:5f:4f:e0:dd:2f:63:88:c6:c6:63:85:66:6d:b4:
                    6a:92:1f:d6:84:09:b2:b3:59:f8:f1:ba:8b:c1:a6:
                    dc:d6:a9:f0:74:c6:6b:d0:69:7e:d1:6f:d6:5c:1e:
                    1f:d5:2a:ac:9d:37:50:c2:e6:89:2e:a9:dd:84:51:
                    27:7a:76:9e:35:ab:5a:81:7a:d2:84:8b:fb:f7:ea:
                    48:61:70:d5:09:c2:fc:b5:71:8d:ff:78:c4:bc:f2:
                    52:17:63:ac:bc:f8:e7:06:e3:06:ad:84:57:6c:3a:
                    90:29:2d:0b:e3:97:f4:52:e4:b1:0d:94:65:f7:e6:
                    33:35:f5:28:24:99:c7:1c:3c:50:63:d4:78:55:f3:
                    f0:2e:1c:50:35:48:0a:c1:e9:f7:88:bc:ea:65:a8:
                    f3:4d:00:e5:50:06:3b:13:3d:99:93:17:ff:b4:5c:
                    49:17:5d:7b:5b:22:2f:b8:6c:11:2e:27:8c:d3:9c:
                    ec:54:b3:81:50:04:84:e3:d0:ad:fe:64:df:c0:19:
                    93:37:c9:e0:28:97:d9:7c:4f:f4:6c:f1:45:2f:fa:
                    6e:b9:4d:34:6c:0b:dd:95:8b:ad:29:8f:95:6e:43:
                    ff:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:57:67:45:40:2C:0C:DB:FD:D8:F3:05:4A:34:FA:46:B1:5C:A2:20
            X509v3 Authority Key Identifier:
                keyid:1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:2a:cb:af:af:27:a8:ce:45:be:28:ef:36:60:96:6c:88:ef:
         86:c4:d4:37:0d:67:00:d7:86:1c:a7:a6:6b:1b:aa:5f:7a:7e:
         fb:5e:81:30:fa:e9:d9:63:99:e3:87:e1:d2:54:6e:89:55:2d:
         57:93:76:c9:9b:1b:cb:8a:ca:92:9a:5b:c4:44:0c:51:bf:ae:
         33:d9:30:fe:4e:8f:7b:00:77:b7:78:cf:96:99:0e:5a:4e:53:
         c7:2e:91:3c:a5:05:03:5e:df:12:7b:65:39:14:ff:58:7e:e4:
         67:22:3b:c4:9b:07:e4:78:80:de:cb:d8:f5:a5:17:9e:00:9d:
         40:3a:41:d1:db:2d:cb:37:10:92:76:48:10:be:7e:a0:49:b7:
         4d:f7:59:7b:d9:a9:4b:ed:3a:52:64:7f:52:8b:9a:6a:7c:04:
         ea:bf:11:bf:a4:fd:6d:de:16:1c:a4:cf:12:c7:3b:a2:9f:5d:
         94:ac:33:cb:32:41:9e:53:c4:c2:bd:9b:7f:a5:95:64:8c:f1:
         58:f3:6b:58:a0:7f:99:58:d7:08:6c:2d:fb:22:49:6b:07:ac:
         5d:38:4b:36:d1:1b:8b:2a:58:ac:e8:7f:9c:42:7d:ae:e8:e7:
         26:c7:d4:a0:95:cb:2d:ca:c1:1a:87:99:85:03:aa:f2:bf:df:
         05:57:e8:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZtoXUPtwIVmGR7l8r8CUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZWIzZmFhODM4ODU0OWI1NWNiM2YzYWJkNGM2YzE1MTA2
Y2Y1M2IwHhcNMjUwNjEwMTIwMDIzWhcNMjUwNjExMTIwMDIzWjAzMTEwLwYDVQQD
Eyg1NDU3Njc0NTQwMmMwY2RiZmRkOGYzMDU0YTM0ZmE0NmIxNWNhMjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD1SexrG/hliQRl6x5Yw2c2DSg0b
XizKklzs4q0mX0/g3S9jiMbGY4VmbbRqkh/WhAmys1n48bqLwabc1qnwdMZr0Gl+
0W/WXB4f1SqsnTdQwuaJLqndhFEnenaeNatagXrShIv79+pIYXDVCcL8tXGN/3jE
vPJSF2OsvPjnBuMGrYRXbDqQKS0L45f0UuSxDZRl9+YzNfUoJJnHHDxQY9R4VfPw
LhxQNUgKwen3iLzqZajzTQDlUAY7Ez2Zkxf/tFxJF117WyIvuGwRLieM05zsVLOB
UASE49Ct/mTfwBmTN8ngKJfZfE/0bPFFL/puuU00bAvdlYutKY+VbkP/wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRXZ0VALAzb/djzBUo0+kaxXKIgMB8GA1UdIwQY
MBaAFB3rP6qDiFSbVcs/Or1MbBUQbPU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGIt
NTAyYTk1N2ZkYWY4LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGItNTAyYTk1N2ZkYWY4
LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYyrLr68n
qM5FvijvNmCWbIjvhsTUNw1nANeGHKemaxuqX3p++16BMPrp2WOZ44fh0lRuiVUt
V5N2yZsby4rKkppbxEQMUb+uM9kw/k6PewB3t3jPlpkOWk5Txy6RPKUFA17fEntl
ORT/WH7kZyI7xJsH5HiA3svY9aUXngCdQDpB0dstyzcQknZIEL5+oEm3TfdZe9mp
S+06UmR/UouaanwE6r8Rv6T9bd4WHKTPEsc7op9dlKwzyzJBnlPEwr2bf6WVZIzx
WPNrWKB/mVjXCGwt+yJJawesXThLNtEbiypYrOh/nEJ9rujnJsfUoJXLLcrBGoeZ
hQOq8r/fBVfoeA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:36:31 2025 by rpki-client