Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft
File:                     Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft (raw, json)
Hash identifier:          4uJ8oY38VjsRM0Mc/0TSOXU5wihKtkFa9HAjgfnTXk0=
Subject key identifier:   1F:10:15:E8:9F:DC:AA:20:DA:CF:32:AF:08:FD:01:49:E6:E4:6B:4B
Authority key identifier: 1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2
Certificate issuer:       /CN=1a88f429edc86aa87bb3a17717cea71c70873af2
Certificate serial:       01975422DDC2488DD40D81C50E07BA9E211B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft
Manifest number:          11D4
Signing time:             Mon 09 Jun 2025 10:01:00 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:00 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:00 +0000
Files and hashes:         1: Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl (hash: r/dMyjFnOSjUy//ARlL5Vcwa9wy565GHzMwlI8xBAqA=)
                          2: UujBfWNQbvUkl0lkMK4V-9QiUlw.roa (hash: FohKwxny7khcmiCsTnlSJI6D8Cw6gmfD+vVquMBYGNg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:dd:c2:48:8d:d4:0d:81:c5:0e:07:ba:9e:21:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a88f429edc86aa87bb3a17717cea71c70873af2
        Validity
            Not Before: Jun  9 10:01:00 2025 GMT
            Not After : Jun 10 10:01:00 2025 GMT
        Subject: CN=1f1015e89fdcaa20dacf32af08fd0149e6e46b4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b8:b5:75:5a:dc:4c:3a:c3:1c:a1:86:b1:c7:
                    3d:fb:1f:82:46:be:75:1b:db:68:c3:af:dc:72:de:
                    b6:09:8f:4c:7e:77:b8:45:cd:4d:d4:98:39:74:f5:
                    f5:ae:87:81:85:b9:b9:f3:00:fe:22:70:c1:e2:78:
                    49:a1:b9:91:7b:2d:7c:76:ae:e1:bf:93:f0:20:c7:
                    d9:8a:ab:17:80:a2:bc:d3:94:49:31:8b:1a:47:3d:
                    78:0f:05:26:ed:fb:67:bf:a1:ae:cb:b2:e0:ba:8c:
                    92:63:d0:89:43:16:cb:57:49:41:de:9b:96:08:d9:
                    92:8a:4e:a0:16:56:8f:09:1d:17:55:fd:5f:d1:12:
                    fa:04:dd:2f:ac:2a:47:91:fa:c7:91:c4:54:64:d6:
                    34:3b:6b:51:30:70:f3:16:b3:8e:f6:08:a8:a4:69:
                    26:9b:a2:73:f1:79:11:f5:49:96:c6:3d:36:d3:62:
                    4a:d6:2d:28:46:57:e0:0e:67:8d:2e:a1:03:02:6e:
                    04:70:db:9d:64:d3:74:29:20:63:bd:c1:ad:6d:26:
                    4e:00:68:21:ae:56:7a:cc:9b:df:de:ef:dc:d9:79:
                    98:98:e2:c4:46:57:18:ea:c3:06:14:75:ab:7e:ea:
                    9d:1e:83:cc:9a:e8:bd:56:e3:26:72:81:3d:a0:39:
                    9e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:10:15:E8:9F:DC:AA:20:DA:CF:32:AF:08:FD:01:49:E6:E4:6B:4B
            X509v3 Authority Key Identifier:
                keyid:1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:03:06:7d:81:42:cb:3a:be:b9:2d:12:47:2d:32:36:cb:57:
         aa:7d:4f:f8:ac:ba:f1:e7:bd:ec:99:ce:81:81:9b:e8:5d:53:
         da:62:16:b2:77:4d:7b:9d:aa:08:b1:0e:e6:37:70:d4:27:25:
         df:56:a9:09:68:8a:2f:7d:d8:96:09:6c:95:c5:b3:d8:31:97:
         df:fd:67:62:43:ef:42:2b:82:1c:3b:c3:ab:18:76:8c:ad:f5:
         6a:76:0a:37:46:27:6d:f6:f7:7a:19:bd:75:d4:b6:dd:ff:ce:
         5b:79:9e:5b:50:54:a4:b6:12:69:c8:09:7a:bf:b7:8f:02:92:
         81:69:30:7f:11:1b:75:68:67:d5:b9:4b:c8:c4:62:55:f5:59:
         74:e6:9e:61:dd:56:3f:c9:b8:aa:04:a3:09:2c:07:4a:5b:20:
         7b:c6:be:02:b7:92:65:80:35:5a:30:b7:46:9e:b4:f1:21:66:
         b1:6b:d3:ab:12:cb:23:01:36:d0:64:bb:3e:be:49:d1:1e:c9:
         22:29:b1:4a:65:ee:c1:38:3a:ac:17:d8:a4:25:e1:a5:87:d6:
         73:39:2f:d1:67:31:7e:9f:a9:b3:01:58:0a:0f:da:cd:f5:50:
         e1:e5:41:0c:a8:3a:ea:33:a3:57:b1:05:91:36:5c:7d:c2:e1:
         a9:19:dd:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUIt3CSI3UDYHFDge6niEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODhmNDI5ZWRjODZhYTg3YmIzYTE3NzE3Y2VhNzFjNzA4
NzNhZjIwHhcNMjUwNjA5MTAwMTAwWhcNMjUwNjEwMTAwMTAwWjAzMTEwLwYDVQQD
EygxZjEwMTVlODlmZGNhYTIwZGFjZjMyYWYwOGZkMDE0OWU2ZTQ2YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLi1dVrcTDrDHKGGscc9+x+CRr51
G9tow6/cct62CY9Mfne4Rc1N1Jg5dPX1roeBhbm58wD+InDB4nhJobmRey18dq7h
v5PwIMfZiqsXgKK805RJMYsaRz14DwUm7ftnv6Guy7LguoySY9CJQxbLV0lB3puW
CNmSik6gFlaPCR0XVf1f0RL6BN0vrCpHkfrHkcRUZNY0O2tRMHDzFrOO9giopGkm
m6Jz8XkR9UmWxj0202JK1i0oRlfgDmeNLqEDAm4EcNudZNN0KSBjvcGtbSZOAGgh
rlZ6zJvf3u/c2XmYmOLERlcY6sMGFHWrfuqdHoPMmui9VuMmcoE9oDme8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8QFeif3Kog2s8yrwj9AUnm5GtLMB8GA1UdIwQY
MBaAFBqI9CntyGqoe7OhdxfOpxxwhzryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGRiOWItZTA3YS00ZmJmLTllYmEt
MDZkNDk4ZjYyMGEzLzEvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGRiOWItZTA3YS00ZmJmLTllYmEtMDZkNDk4ZjYyMGEz
LzEvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQMGfYFC
yzq+uS0SRy0yNstXqn1P+Ky68ee97JnOgYGb6F1T2mIWsndNe52qCLEO5jdw1Ccl
31apCWiKL33YlglslcWz2DGX3/1nYkPvQiuCHDvDqxh2jK31anYKN0Ynbfb3ehm9
ddS23f/OW3meW1BUpLYSacgJer+3jwKSgWkwfxEbdWhn1blLyMRiVfVZdOaeYd1W
P8m4qgSjCSwHSlsge8a+AreSZYA1WjC3Rp608SFmsWvTqxLLIwE20GS7Pr5J0R7J
IimxSmXuwTg6rBfYpCXhpYfWczkv0Wcxfp+pswFYCg/azfVQ4eVBDKg66jOjV7EF
kTZcfcLhqRndsw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:39:44 2025 by rpki-client