Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft
File:                     tAifhEgwV6w2RkfIChsjyXa5MBY.mft (raw, json)
Hash identifier:          iYcGoWxBahaLIiXvkjJhrjBe6g4zohiaaceYkQi+l7g=
Subject key identifier:   C5:21:7B:75:05:72:39:03:30:3B:C2:62:05:D0:F8:56:3F:E1:35:6D
Authority key identifier: B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16
Certificate issuer:       /CN=b4089f84483057ac364647c80a1b23c976b93016
Certificate serial:       019754236A1BB755D41204AE5BED85653C66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft
Manifest number:          1582
Signing time:             Mon 09 Jun 2025 10:01:36 +0000
Manifest this update:     Mon 09 Jun 2025 10:01:36 +0000
Manifest next update:     Tue 10 Jun 2025 10:01:36 +0000
Files and hashes:         1: ZZlyR1qePInNwWMshU_T-zKOIRs.roa (hash: 1/uH+W7Kksp46/1+HMCQDG/zqQ+/+VqifvgRn9tMf2U=)
                          2: tAifhEgwV6w2RkfIChsjyXa5MBY.crl (hash: lwhkcomrn/rEX0I3ir2hbWkA/mLYVVYE22KTvSqU3DI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:23:6a:1b:b7:55:d4:12:04:ae:5b:ed:85:65:3c:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4089f84483057ac364647c80a1b23c976b93016
        Validity
            Not Before: Jun  9 10:01:36 2025 GMT
            Not After : Jun 10 10:01:36 2025 GMT
        Subject: CN=c5217b7505723903303bc26205d0f8563fe1356d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:b0:67:28:6e:94:4c:96:2c:ac:2a:fa:91:17:
                    d7:5b:d9:14:89:1a:e5:d9:a1:db:cc:5c:51:af:a8:
                    45:7a:0a:b4:83:83:83:37:ba:9c:45:f2:fc:7a:70:
                    a3:93:e1:88:92:7f:83:a2:6a:37:94:a4:9a:50:dd:
                    97:b8:2e:8d:c7:a0:2c:28:bd:c2:ad:8e:d1:86:cf:
                    e7:4a:8a:e3:49:de:5a:ef:03:f9:4c:6f:b4:c8:5c:
                    d3:fc:90:ac:6b:80:13:3d:bb:2e:48:24:d5:87:3d:
                    68:91:b7:52:9f:c1:28:b8:b6:c1:0a:f3:1f:47:35:
                    80:23:59:20:20:1a:9c:fe:5d:a0:4b:60:d5:9e:94:
                    60:d1:25:f1:7f:70:c4:3b:83:47:77:66:c7:39:a4:
                    04:29:35:d3:49:8a:d6:a5:4f:e4:79:3e:b3:8b:49:
                    fb:e9:e9:20:67:4f:5b:9e:b1:3b:02:f6:88:a3:c7:
                    a0:38:1c:09:fb:d2:53:34:66:31:f3:22:74:4f:1e:
                    1d:0c:ec:46:6e:68:86:f0:b0:b0:de:c7:87:94:36:
                    ea:2a:7c:e1:e5:b4:b2:07:61:84:4e:ee:36:ca:7a:
                    9a:16:0e:9e:6a:96:04:63:51:ee:d2:85:b4:65:66:
                    cc:79:eb:a4:9e:78:73:0e:ee:e0:39:0c:6f:88:47:
                    62:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:21:7B:75:05:72:39:03:30:3B:C2:62:05:D0:F8:56:3F:E1:35:6D
            X509v3 Authority Key Identifier:
                keyid:B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:a3:e9:38:4a:55:63:59:07:82:f5:0e:82:dd:43:a8:cd:78:
         01:43:e9:48:9b:d6:ff:de:5a:13:4d:49:ba:fc:71:b2:d1:18:
         33:4e:05:d4:ae:59:1e:a6:37:1f:db:cf:be:1e:32:6e:af:81:
         80:90:3f:c5:b5:c5:a0:2c:48:0e:d4:86:7b:68:75:1b:c6:93:
         b9:a6:3c:6a:82:6e:a2:07:96:6d:e3:8e:39:10:9a:3f:e4:6d:
         f3:1e:1e:0b:8a:17:8c:d7:57:ad:73:c5:6b:ef:b3:58:5b:ee:
         1d:ad:69:3f:b2:3e:77:df:7c:e0:3c:82:68:0c:e8:5e:ec:f5:
         89:2b:7b:a8:c7:93:7f:17:2c:81:c8:1c:14:f7:52:f1:1c:51:
         79:01:9a:e4:a9:ae:96:93:1b:64:42:8a:ff:03:20:1a:8a:06:
         cd:30:44:fe:2c:ee:4e:dd:23:0d:76:05:0e:0e:49:e6:7f:83:
         ef:2d:d0:56:b7:bd:a8:24:97:73:d3:db:20:18:ff:35:c3:2f:
         05:47:27:dd:b0:f1:5d:26:b4:e4:de:fd:27:e2:67:d5:2c:c2:
         7b:6d:13:78:b6:8a:7c:8f:cf:79:d9:16:81:fa:22:32:a3:67:
         29:88:e2:e9:9f:39:06:f0:6a:45:a3:e4:f6:68:f5:c8:c8:31:
         78:d1:fd:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUI2obt1XUEgSuW+2FZTxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDg5Zjg0NDgzMDU3YWMzNjQ2NDdjODBhMWIyM2M5NzZi
OTMwMTYwHhcNMjUwNjA5MTAwMTM2WhcNMjUwNjEwMTAwMTM2WjAzMTEwLwYDVQQD
EyhjNTIxN2I3NTA1NzIzOTAzMzAzYmMyNjIwNWQwZjg1NjNmZTEzNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LBnKG6UTJYsrCr6kRfXW9kUiRrl
2aHbzFxRr6hFegq0g4ODN7qcRfL8enCjk+GIkn+Domo3lKSaUN2XuC6Nx6AsKL3C
rY7Rhs/nSorjSd5a7wP5TG+0yFzT/JCsa4ATPbsuSCTVhz1okbdSn8EouLbBCvMf
RzWAI1kgIBqc/l2gS2DVnpRg0SXxf3DEO4NHd2bHOaQEKTXTSYrWpU/keT6zi0n7
6ekgZ09bnrE7AvaIo8egOBwJ+9JTNGYx8yJ0Tx4dDOxGbmiG8LCw3seHlDbqKnzh
5bSyB2GETu42ynqaFg6eapYEY1Hu0oW0ZWbMeeuknnhzDu7gOQxviEdiIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUhe3UFcjkDMDvCYgXQ+FY/4TVtMB8GA1UdIwQY
MBaAFLQIn4RIMFesNkZHyAobI8l2uTAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82NDVmNmEtMjY1My00ZDMxLWJiNGUt
MWY4Nzk3NjEzN2EwLzEvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82NDVmNmEtMjY1My00ZDMxLWJiNGUtMWY4Nzk3NjEzN2Ew
LzEvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqPpOEpV
Y1kHgvUOgt1DqM14AUPpSJvW/95aE01JuvxxstEYM04F1K5ZHqY3H9vPvh4ybq+B
gJA/xbXFoCxIDtSGe2h1G8aTuaY8aoJuogeWbeOOORCaP+Rt8x4eC4oXjNdXrXPF
a++zWFvuHa1pP7I+d9984DyCaAzoXuz1iSt7qMeTfxcsgcgcFPdS8RxReQGa5Kmu
lpMbZEKK/wMgGooGzTBE/izuTt0jDXYFDg5J5n+D7y3QVre9qCSXc9PbIBj/NcMv
BUcn3bDxXSa05N79J+Jn1SzCe20TeLaKfI/PedkWgfoiMqNnKYji6Z85BvBqRaPk
9mj1yMgxeNH9pg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:41:04 2025 by rpki-client