Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
File:                     X1G82J639bOrCIBu9Rp8L265jvw.mft (raw, json)
Hash identifier:          S5haWUOtMBxK8JbFZO29ZwcbkS64AlnmxQj5zEdiyFU=
Subject key identifier:   ED:07:21:A9:FE:D9:63:0B:53:29:1E:61:1E:ED:AA:2D:32:94:4F:89
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Certificate issuer:       /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial:       0197580086CF9AC58735B24AD6AD65E49A44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
Manifest number:          158A
Signing time:             Tue 10 Jun 2025 04:01:58 +0000
Manifest this update:     Tue 10 Jun 2025 04:01:58 +0000
Manifest next update:     Wed 11 Jun 2025 04:01:58 +0000
Files and hashes:         1: X1G82J639bOrCIBu9Rp8L265jvw.crl (hash: G5pwtvAPL2TJKB2/Cw8t092FIU4W3LPRo6mLIOleppo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:00:86:cf:9a:c5:87:35:b2:4a:d6:ad:65:e4:9a:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
        Validity
            Not Before: Jun 10 04:01:58 2025 GMT
            Not After : Jun 11 04:01:58 2025 GMT
        Subject: CN=ed0721a9fed9630b53291e611eedaa2d32944f89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:90:43:f7:50:07:c9:1a:de:cc:3f:13:93:c4:
                    f5:37:7e:15:e7:a8:83:f2:1d:55:3a:bf:56:df:9a:
                    42:12:20:c8:30:c4:07:51:07:52:14:fa:96:7e:26:
                    18:bf:c7:94:09:a3:39:57:5b:41:38:8c:ab:33:94:
                    d4:c4:96:33:92:ba:d5:2e:98:40:d4:3a:c0:b4:d6:
                    26:b3:ab:50:11:7a:93:1f:c6:64:91:a6:65:89:03:
                    8a:8a:c4:e4:9b:53:33:c8:e2:c4:2d:5b:49:a3:92:
                    b0:fb:99:99:b2:68:e0:40:86:bc:19:08:07:b2:52:
                    78:25:cb:4a:c8:ae:47:93:32:b2:2e:71:c5:fd:c2:
                    e7:07:d7:0a:93:8b:ed:f7:d9:e2:ec:77:c4:58:58:
                    26:65:fd:0f:1f:0f:f0:fe:39:f3:ff:08:9c:a5:45:
                    63:19:be:be:bc:97:83:62:dd:49:d1:c8:8d:d0:20:
                    cb:25:20:ce:94:b0:68:c1:96:22:b6:ad:d5:80:c0:
                    0d:c5:bb:0f:16:7a:c9:42:e3:c2:fb:42:57:10:e9:
                    27:a7:19:ef:15:96:79:dc:58:42:d8:ac:8e:64:3c:
                    7e:4b:1f:24:16:d2:51:1b:17:f7:14:b3:f2:85:7c:
                    71:68:dc:7b:0f:3f:fb:87:b7:1f:5c:d6:22:cb:1b:
                    63:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:07:21:A9:FE:D9:63:0B:53:29:1E:61:1E:ED:AA:2D:32:94:4F:89
            X509v3 Authority Key Identifier:
                keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:62:c3:f7:12:1d:ac:b7:e1:4c:04:88:eb:6c:45:f0:70:a6:
         01:a7:7b:69:98:b8:4a:19:32:9d:c0:59:73:57:cf:2b:48:c6:
         f3:31:d1:20:03:70:63:8e:48:44:19:86:8c:dc:6a:59:13:32:
         31:6e:b5:ab:1c:d1:7e:07:c9:cc:8d:3a:c4:fc:12:65:6d:d7:
         a1:86:f3:13:ce:df:a9:11:e6:6b:90:1d:4c:b7:9f:46:fd:0a:
         c6:ee:b2:18:6a:e4:51:02:c8:aa:36:26:bc:57:83:3e:8c:0d:
         ec:ab:02:df:6a:4a:96:0f:a7:cd:6b:61:ec:09:09:48:11:33:
         ea:39:62:11:8a:55:01:c9:fe:02:14:78:e4:1e:4a:f8:c4:5b:
         01:d5:8c:5b:94:e0:70:9b:c5:10:10:14:fe:d4:5e:f9:63:48:
         39:2e:05:17:b9:5e:d7:44:0d:08:b8:f5:7c:ca:fb:b6:bf:95:
         b1:9a:bd:1f:c8:b6:e3:51:9b:91:3e:9f:03:48:9c:1e:2d:36:
         99:37:6d:2c:3d:1f:dc:a9:2f:7b:97:dc:ec:64:36:81:a0:aa:
         76:a1:f4:92:1c:9c:57:eb:4e:7c:97:74:f9:61:76:66:af:f5:
         3a:57:de:57:3e:e8:ad:79:e9:d4:2e:65:40:1b:89:95:03:00:
         16:09:ac:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYAIbPmsWHNbJK1q1l5JpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjUwNjEwMDQwMTU4WhcNMjUwNjExMDQwMTU4WjAzMTEwLwYDVQQD
EyhlZDA3MjFhOWZlZDk2MzBiNTMyOTFlNjExZWVkYWEyZDMyOTQ0Zjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZBD91AHyRrezD8Tk8T1N34V56iD
8h1VOr9W35pCEiDIMMQHUQdSFPqWfiYYv8eUCaM5V1tBOIyrM5TUxJYzkrrVLphA
1DrAtNYms6tQEXqTH8ZkkaZliQOKisTkm1MzyOLELVtJo5Kw+5mZsmjgQIa8GQgH
slJ4JctKyK5HkzKyLnHF/cLnB9cKk4vt99ni7HfEWFgmZf0PHw/w/jnz/wicpUVj
Gb6+vJeDYt1J0ciN0CDLJSDOlLBowZYitq3VgMANxbsPFnrJQuPC+0JXEOknpxnv
FZZ53FhC2KyOZDx+Sx8kFtJRGxf3FLPyhXxxaNx7Dz/7h7cfXNYiyxtjDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO0HIan+2WMLUykeYR7tqi0ylE+JMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgGLD9xId
rLfhTASI62xF8HCmAad7aZi4ShkyncBZc1fPK0jG8zHRIANwY45IRBmGjNxqWRMy
MW61qxzRfgfJzI06xPwSZW3XoYbzE87fqRHma5AdTLefRv0Kxu6yGGrkUQLIqjYm
vFeDPowN7KsC32pKlg+nzWth7AkJSBEz6jliEYpVAcn+AhR45B5K+MRbAdWMW5Tg
cJvFEBAU/tRe+WNIOS4FF7le10QNCLj1fMr7tr+VsZq9H8i241GbkT6fA0icHi02
mTdtLD0f3Kkve5fc7GQ2gaCqdqH0khycV+tOfJd0+WF2Zq/1OlfeVz7orXnp1C5l
QBuJlQMAFgmscw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:21:26 2025 by rpki-client