Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft
File:                     Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft (raw, json)
Hash identifier:          EyuGojdiV6yTkqPwMr8VMVcSYPIGUXWj96r8vztE+IQ=
Subject key identifier:   20:F7:FF:9D:5D:BC:F2:0B:18:28:D6:3F:0C:0B:1B:E1:B8:55:E9:24
Authority key identifier: 1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2
Certificate issuer:       /CN=1a88f429edc86aa87bb3a17717cea71c70873af2
Certificate serial:       01975DCB51193C9D566B11934A437D808869
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft
Manifest number:          11D9
Signing time:             Wed 11 Jun 2025 07:01:34 +0000
Manifest this update:     Wed 11 Jun 2025 07:01:34 +0000
Manifest next update:     Thu 12 Jun 2025 07:01:34 +0000
Files and hashes:         1: Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl (hash: InCcHRyqp+EulOXp5D6bGGCh61XYJNIppLq1vEZjHfc=)
                          2: UujBfWNQbvUkl0lkMK4V-9QiUlw.roa (hash: FohKwxny7khcmiCsTnlSJI6D8Cw6gmfD+vVquMBYGNg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:cb:51:19:3c:9d:56:6b:11:93:4a:43:7d:80:88:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a88f429edc86aa87bb3a17717cea71c70873af2
        Validity
            Not Before: Jun 11 07:01:34 2025 GMT
            Not After : Jun 12 07:01:34 2025 GMT
        Subject: CN=20f7ff9d5dbcf20b1828d63f0c0b1be1b855e924
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:57:36:5b:64:4d:16:b1:e8:73:b9:1e:fd:21:
                    cb:df:3c:a4:9d:f6:6d:85:98:aa:1e:88:77:0b:f5:
                    45:2f:99:b8:79:f2:f6:31:d3:6c:34:30:95:90:40:
                    92:43:46:57:4f:2f:58:93:71:9a:26:62:51:4a:a6:
                    a3:38:80:e2:4e:d6:00:42:88:7c:ed:5d:b4:05:ec:
                    d9:83:73:b3:3c:a5:80:67:45:24:96:d5:81:23:53:
                    a5:a0:16:58:93:3d:d1:4b:ff:36:0e:9c:4d:4b:90:
                    11:c3:8c:19:d5:8a:99:11:7f:de:5e:80:58:a8:3f:
                    6b:ef:57:e4:5c:d0:53:dd:46:ba:d6:cd:92:bb:46:
                    e8:1e:39:f5:bf:c3:e8:d7:46:47:76:f5:d6:84:9c:
                    14:a2:96:a4:f7:60:da:1e:c8:b9:a3:7f:8d:07:ca:
                    f7:2f:86:2a:97:16:e1:7a:bf:d6:65:db:c5:45:4f:
                    f6:04:39:3c:84:a2:81:aa:d5:19:22:2a:d3:15:b1:
                    b5:a5:99:61:ff:bf:ed:c4:53:01:0d:6c:28:63:da:
                    1d:2d:9c:e7:0a:97:84:c9:06:d8:9f:48:85:6d:74:
                    48:55:bf:d8:2a:c0:5a:c8:f7:25:ca:c2:14:49:d5:
                    e2:d0:3d:4d:02:8e:ef:f4:fc:45:70:f8:09:a6:87:
                    98:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F7:FF:9D:5D:BC:F2:0B:18:28:D6:3F:0C:0B:1B:E1:B8:55:E9:24
            X509v3 Authority Key Identifier:
                keyid:1A:88:F4:29:ED:C8:6A:A8:7B:B3:A1:77:17:CE:A7:1C:70:87:3A:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70db9b-e07a-4fbf-9eba-06d498f620a3/1/Goj0Ke3Iaqh7s6F3F86nHHCHOvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:80:c3:14:34:79:c4:2d:d3:4b:fb:f9:13:4d:30:c5:1a:0f:
         3c:12:70:91:54:26:d1:15:a4:f9:46:40:f4:b6:9e:ad:33:d5:
         f0:55:ad:fc:d1:a7:7e:8a:e4:40:ad:0f:05:1c:3d:91:11:59:
         50:f8:e3:34:85:03:97:54:e0:99:1a:45:b8:c9:10:55:19:46:
         51:b9:77:1d:4e:4b:19:a8:fe:83:ad:f0:83:7d:7f:63:79:57:
         0c:05:3b:fc:53:b6:81:4a:b2:8d:d6:ba:52:d9:30:f6:c1:08:
         d9:1b:82:72:d1:f6:c9:f6:cf:a2:61:19:e9:1c:0f:fa:16:c2:
         cb:47:4b:58:0a:06:d3:47:bf:12:56:15:bb:46:5e:e8:f2:41:
         8a:c4:70:41:5f:cb:41:9d:f8:6d:10:a1:7b:69:df:03:9e:bf:
         0a:c9:0a:8d:1a:da:89:fb:4f:83:d6:a5:e8:6e:e7:ce:d3:66:
         fe:12:0b:62:79:fb:9a:36:67:82:f9:67:65:4c:0a:aa:3f:cd:
         dd:ba:a3:c5:05:b8:bc:57:f1:cb:e1:5b:da:7a:43:cd:dc:9e:
         ad:94:d8:e6:49:3f:3a:25:51:90:e5:57:cd:c5:b5:6a:59:a8:
         4e:a8:fd:e0:84:41:02:ca:27:40:4b:d4:d9:07:ae:52:fb:56:
         4c:a4:c3:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddy1EZPJ1WaxGTSkN9gIhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODhmNDI5ZWRjODZhYTg3YmIzYTE3NzE3Y2VhNzFjNzA4
NzNhZjIwHhcNMjUwNjExMDcwMTM0WhcNMjUwNjEyMDcwMTM0WjAzMTEwLwYDVQQD
EygyMGY3ZmY5ZDVkYmNmMjBiMTgyOGQ2M2YwYzBiMWJlMWI4NTVlOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Vc2W2RNFrHoc7ke/SHL3zyknfZt
hZiqHoh3C/VFL5m4efL2MdNsNDCVkECSQ0ZXTy9Yk3GaJmJRSqajOIDiTtYAQoh8
7V20BezZg3OzPKWAZ0UkltWBI1OloBZYkz3RS/82DpxNS5ARw4wZ1YqZEX/eXoBY
qD9r71fkXNBT3Ua61s2Su0boHjn1v8Po10ZHdvXWhJwUopak92DaHsi5o3+NB8r3
L4Yqlxbher/WZdvFRU/2BDk8hKKBqtUZIirTFbG1pZlh/7/txFMBDWwoY9odLZzn
CpeEyQbYn0iFbXRIVb/YKsBayPclysIUSdXi0D1NAo7v9PxFcPgJpoeYjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCD3/51dvPILGCjWPwwLG+G4VekkMB8GA1UdIwQY
MBaAFBqI9CntyGqoe7OhdxfOpxxwhzryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGRiOWItZTA3YS00ZmJmLTllYmEt
MDZkNDk4ZjYyMGEzLzEvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGRiOWItZTA3YS00ZmJmLTllYmEtMDZkNDk4ZjYyMGEz
LzEvR29qMEtlM0lhcWg3czZGM0Y4Nm5ISENIT3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIYDDFDR5
xC3TS/v5E00wxRoPPBJwkVQm0RWk+UZA9LaerTPV8FWt/NGnforkQK0PBRw9kRFZ
UPjjNIUDl1TgmRpFuMkQVRlGUbl3HU5LGaj+g63wg31/Y3lXDAU7/FO2gUqyjda6
Utkw9sEI2RuCctH2yfbPomEZ6RwP+hbCy0dLWAoG00e/ElYVu0Ze6PJBisRwQV/L
QZ34bRChe2nfA56/CskKjRraiftPg9al6G7nztNm/hILYnn7mjZngvlnZUwKqj/N
3bqjxQW4vFfxy+Fb2npDzdyerZTY5kk/OiVRkOVXzcW1almoTqj94IRBAsonQEvU
2QeuUvtWTKTD8A==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:37:03 2025 by rpki-client