Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft
File:                     tAifhEgwV6w2RkfIChsjyXa5MBY.mft (raw, json)
Hash identifier:          TsFCOjfZyGVEy/sTwiOCu1CGS7bjRn5SVEam9uIR2RA=
Subject key identifier:   09:ED:B9:5A:01:16:64:A0:97:20:9E:02:17:41:74:BA:63:E4:24:45
Authority key identifier: B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16
Certificate issuer:       /CN=b4089f84483057ac364647c80a1b23c976b93016
Certificate serial:       01976D3DE0BFBF3BE51A15A0652E5D161CEE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft
Manifest number:          158F
Signing time:             Sat 14 Jun 2025 07:01:01 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:01 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:01 +0000
Files and hashes:         1: ZZlyR1qePInNwWMshU_T-zKOIRs.roa (hash: 1/uH+W7Kksp46/1+HMCQDG/zqQ+/+VqifvgRn9tMf2U=)
                          2: tAifhEgwV6w2RkfIChsjyXa5MBY.crl (hash: 6ueZvy8zSpgCdotULgo+wEADa6XDVniZZ728HVqj9m8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:e0:bf:bf:3b:e5:1a:15:a0:65:2e:5d:16:1c:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4089f84483057ac364647c80a1b23c976b93016
        Validity
            Not Before: Jun 14 07:01:01 2025 GMT
            Not After : Jun 15 07:01:01 2025 GMT
        Subject: CN=09edb95a011664a097209e02174174ba63e42445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:63:ee:2b:00:21:35:c8:59:7c:d5:73:c1:b2:
                    a0:98:6d:29:1c:10:72:d5:a6:85:51:d6:b4:50:7b:
                    79:f1:84:de:0b:be:a4:de:54:5b:4c:fa:ff:20:06:
                    31:15:f9:b7:5a:50:c6:f4:46:cf:70:33:e5:cd:f1:
                    dc:3f:1a:4d:34:89:29:47:94:00:95:37:e8:6a:f0:
                    8a:5d:fe:57:44:89:38:93:3e:44:92:1f:8b:01:b8:
                    64:df:04:46:fe:be:d2:42:10:7a:7e:94:03:13:fb:
                    de:26:3c:85:16:81:96:3f:23:e9:b8:53:5c:fb:4d:
                    ea:ff:be:9d:a7:53:20:57:80:33:06:d1:38:95:39:
                    5d:60:f9:87:0f:70:28:02:4d:32:de:83:92:6b:cd:
                    eb:35:9f:a1:e3:77:9a:1e:af:46:1a:70:53:cf:bf:
                    ec:6f:5c:8b:f0:3e:79:c7:36:13:87:c5:e3:21:15:
                    9a:97:65:0e:6d:6a:1e:c5:13:91:1b:6a:f0:fa:41:
                    0b:a4:8a:4f:af:ca:d6:5b:0e:b9:68:9b:40:3a:31:
                    d9:c9:b1:26:1a:4d:f6:02:a9:9a:82:a5:0b:80:c2:
                    c1:48:51:3e:9f:e3:1a:0f:e9:7a:b2:cd:ce:00:7b:
                    cd:27:d0:99:ff:4c:1c:0c:c5:b8:05:2f:bd:f7:b7:
                    e0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:ED:B9:5A:01:16:64:A0:97:20:9E:02:17:41:74:BA:63:E4:24:45
            X509v3 Authority Key Identifier:
                keyid:B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:96:8f:37:93:0f:ac:a0:3b:19:d4:c8:5b:80:b3:69:e9:1b:
         0f:57:2b:3e:ea:c6:ac:17:aa:0d:a5:6b:a4:bc:ce:b5:b4:4a:
         b4:cd:89:b2:f1:fe:f5:be:c9:a4:de:df:3b:80:6f:33:8a:e3:
         7f:43:66:39:3f:8f:db:bb:6f:d3:3d:0b:b0:4a:d8:7c:55:5b:
         b9:fd:4a:74:e4:ca:a0:f1:e7:81:e6:cf:00:96:f7:68:ce:65:
         aa:c3:ca:df:03:78:66:17:0e:78:fe:4a:ca:28:42:d4:8a:42:
         f0:4c:45:60:03:65:b3:c9:02:5c:14:d8:5f:7f:e2:ee:22:df:
         9b:96:43:b8:8d:ed:34:e0:13:e1:ab:de:5d:ce:13:18:41:d4:
         34:73:68:68:6e:8d:5a:7d:29:f9:5f:39:43:9b:2f:43:11:9d:
         c0:8f:31:21:fd:65:42:47:cd:e1:19:4d:5d:b5:cc:23:ac:f4:
         30:1c:ca:e1:6d:88:67:9f:c8:6c:74:e8:a6:40:bf:82:a0:e4:
         c2:87:d5:44:98:03:cc:b2:1e:ba:e7:04:a2:7a:2e:71:23:59:
         f9:1b:a6:b5:de:db:c4:af:6d:77:76:74:99:76:c6:85:8c:72:
         5b:91:8a:6f:46:36:08:e7:46:27:2b:cb:8a:5b:a8:e0:e6:73:
         6f:30:c2:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPeC/vzvlGhWgZS5dFhzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDg5Zjg0NDgzMDU3YWMzNjQ2NDdjODBhMWIyM2M5NzZi
OTMwMTYwHhcNMjUwNjE0MDcwMTAxWhcNMjUwNjE1MDcwMTAxWjAzMTEwLwYDVQQD
EygwOWVkYjk1YTAxMTY2NGEwOTcyMDllMDIxNzQxNzRiYTYzZTQyNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmPuKwAhNchZfNVzwbKgmG0pHBBy
1aaFUda0UHt58YTeC76k3lRbTPr/IAYxFfm3WlDG9EbPcDPlzfHcPxpNNIkpR5QA
lTfoavCKXf5XRIk4kz5Ekh+LAbhk3wRG/r7SQhB6fpQDE/veJjyFFoGWPyPpuFNc
+03q/76dp1MgV4AzBtE4lTldYPmHD3AoAk0y3oOSa83rNZ+h43eaHq9GGnBTz7/s
b1yL8D55xzYTh8XjIRWal2UObWoexRORG2rw+kELpIpPr8rWWw65aJtAOjHZybEm
Gk32AqmagqULgMLBSFE+n+MaD+l6ss3OAHvNJ9CZ/0wcDMW4BS+997fgUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAntuVoBFmSglyCeAhdBdLpj5CRFMB8GA1UdIwQY
MBaAFLQIn4RIMFesNkZHyAobI8l2uTAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82NDVmNmEtMjY1My00ZDMxLWJiNGUt
MWY4Nzk3NjEzN2EwLzEvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82NDVmNmEtMjY1My00ZDMxLWJiNGUtMWY4Nzk3NjEzN2Ew
LzEvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlZaPN5MP
rKA7GdTIW4CzaekbD1crPurGrBeqDaVrpLzOtbRKtM2JsvH+9b7JpN7fO4BvM4rj
f0NmOT+P27tv0z0LsErYfFVbuf1KdOTKoPHngebPAJb3aM5lqsPK3wN4ZhcOeP5K
yihC1IpC8ExFYANls8kCXBTYX3/i7iLfm5ZDuI3tNOAT4aveXc4TGEHUNHNoaG6N
Wn0p+V85Q5svQxGdwI8xIf1lQkfN4RlNXbXMI6z0MBzK4W2IZ5/IbHTopkC/gqDk
wofVRJgDzLIeuucEonoucSNZ+Rumtd7bxK9td3Z0mXbGhYxyW5GKb0Y2COdGJyvL
iluo4OZzbzDCtQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:17:51 2025 by rpki-client