Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
File:                     xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft (raw, json)
Hash identifier:          C5za6i9DoEb+H7zMxyuTrxbEBWATPhBFStJpP/OSdV4=
Subject key identifier:   23:46:18:D0:86:62:32:9B:25:DB:13:F1:DE:5A:20:71:BF:CE:47:C6
Authority key identifier: C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F
Certificate issuer:       /CN=c596785476efbae77f961d23057057fa036fb27f
Certificate serial:       019762831D476DFDC2EC110E3ABA3E765C20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
Manifest number:          1435
Signing time:             Thu 12 Jun 2025 05:00:49 +0000
Manifest this update:     Thu 12 Jun 2025 05:00:49 +0000
Manifest next update:     Fri 13 Jun 2025 05:00:49 +0000
Files and hashes:         1: xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl (hash: Wc6O9kRzKwvig9BH2g4r7XjAknYzEn+PaFTCvbgFLhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 05:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:83:1d:47:6d:fd:c2:ec:11:0e:3a:ba:3e:76:5c:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c596785476efbae77f961d23057057fa036fb27f
        Validity
            Not Before: Jun 12 05:00:49 2025 GMT
            Not After : Jun 13 05:00:49 2025 GMT
        Subject: CN=234618d08662329b25db13f1de5a2071bfce47c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6d:65:96:d0:00:cd:fd:60:41:84:66:b0:68:
                    87:98:e3:80:8b:e0:da:1b:4b:2f:43:00:9a:f1:a4:
                    c6:27:85:ef:16:ed:0c:46:af:50:99:03:f3:18:36:
                    01:18:6c:0c:19:13:8e:2f:05:3f:fb:06:53:7f:11:
                    aa:5d:11:3b:aa:b6:c6:8f:4b:3f:8b:c1:4d:d1:67:
                    66:b9:f3:15:b0:d1:fc:01:43:c1:b0:d6:d2:97:2d:
                    21:fb:e3:4e:6e:34:ae:a1:45:1b:69:62:89:70:fd:
                    04:6f:b3:39:71:46:72:53:c0:c9:e3:07:98:4c:e0:
                    3f:6b:69:a7:5d:68:4c:be:60:a8:d6:bc:da:aa:59:
                    19:20:54:dd:24:a0:a9:ad:f2:8c:e0:81:af:c5:dc:
                    2f:2e:db:c5:16:ab:ca:86:55:0a:96:49:bb:86:1a:
                    17:ee:27:5a:c6:73:b8:92:34:a4:c3:13:12:06:75:
                    07:3b:7c:41:fc:da:5d:6c:36:c2:6c:43:78:35:2d:
                    c8:5a:58:f4:3b:2b:a8:a7:fc:81:55:f8:ad:1b:90:
                    bb:25:10:ac:69:97:53:a8:76:99:f1:f1:af:30:b8:
                    e0:a1:fe:7c:fe:95:79:1a:23:3c:86:8e:31:a8:99:
                    e4:44:d5:9c:ba:8f:18:07:aa:b3:a2:e4:fc:48:a1:
                    3c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:46:18:D0:86:62:32:9B:25:DB:13:F1:DE:5A:20:71:BF:CE:47:C6
            X509v3 Authority Key Identifier:
                keyid:C5:96:78:54:76:EF:BA:E7:7F:96:1D:23:05:70:57:FA:03:6F:B2:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZZ4VHbvuud_lh0jBXBX-gNvsn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4ae99d-f552-476c-8177-ebf5f0433772/1/xZZ4VHbvuud_lh0jBXBX-gNvsn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:a9:09:da:69:9b:38:f1:5c:2a:ea:9d:80:28:9f:1f:9b:5b:
         80:9f:70:08:0b:22:b9:d2:52:86:06:f3:96:91:94:71:60:9c:
         53:8d:08:0a:fd:e4:91:6f:5e:d7:bb:5b:44:88:d4:4d:17:3b:
         b8:8d:ab:13:60:26:a5:8e:c7:b8:16:30:ed:32:64:a7:66:4b:
         0d:ee:10:6a:98:0b:7d:ba:45:26:f0:9b:11:93:42:c2:f2:e9:
         ec:8e:f9:84:89:a4:f2:53:bc:b7:2c:20:85:09:95:a2:71:12:
         4c:e5:ba:b0:48:29:3a:f0:7b:6f:fc:0c:a3:92:60:b5:70:ac:
         16:00:67:4f:16:47:fa:d6:f8:05:f9:d3:4d:bf:cf:4d:0a:52:
         34:6b:7e:f2:a3:75:88:b6:b9:09:5f:9b:7e:ea:f0:6a:51:7c:
         be:8a:fe:6a:d8:31:79:b0:dc:6f:55:1f:32:fb:f8:51:ca:20:
         fd:5e:2e:c0:ae:c1:3d:ad:75:17:62:68:89:fc:2f:22:33:33:
         6b:40:24:87:e3:b4:11:33:25:2d:ff:db:ff:99:97:05:5e:36:
         19:2e:1d:ff:c3:6b:72:cc:c6:d6:50:8d:ef:e9:0d:5e:1e:88:
         e0:bd:50:27:5a:7a:83:b2:2d:6e:a5:5b:c8:a7:fe:e6:1c:d6:
         af:97:f9:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdigx1Hbf3C7BEOOro+dlwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTY3ODU0NzZlZmJhZTc3Zjk2MWQyMzA1NzA1N2ZhMDM2
ZmIyN2YwHhcNMjUwNjEyMDUwMDQ5WhcNMjUwNjEzMDUwMDQ5WjAzMTEwLwYDVQQD
EygyMzQ2MThkMDg2NjIzMjliMjVkYjEzZjFkZTVhMjA3MWJmY2U0N2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW1lltAAzf1gQYRmsGiHmOOAi+Da
G0svQwCa8aTGJ4XvFu0MRq9QmQPzGDYBGGwMGROOLwU/+wZTfxGqXRE7qrbGj0s/
i8FN0WdmufMVsNH8AUPBsNbSly0h++NObjSuoUUbaWKJcP0Eb7M5cUZyU8DJ4weY
TOA/a2mnXWhMvmCo1rzaqlkZIFTdJKCprfKM4IGvxdwvLtvFFqvKhlUKlkm7hhoX
7idaxnO4kjSkwxMSBnUHO3xB/NpdbDbCbEN4NS3IWlj0Oyuop/yBVfitG5C7JRCs
aZdTqHaZ8fGvMLjgof58/pV5GiM8ho4xqJnkRNWcuo8YB6qzouT8SKE8zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNGGNCGYjKbJdsT8d5aIHG/zkfGMB8GA1UdIwQY
MBaAFMWWeFR277rnf5YdIwVwV/oDb7J/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzct
ZWJmNWYwNDMzNzcyLzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YWU5OWQtZjU1Mi00NzZjLTgxNzctZWJmNWYwNDMzNzcy
LzEveFpaNFZIYnZ1dWRfbGgwakJYQlgtZ052c244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiakJ2mmb
OPFcKuqdgCifH5tbgJ9wCAsiudJShgbzlpGUcWCcU40ICv3kkW9e17tbRIjUTRc7
uI2rE2AmpY7HuBYw7TJkp2ZLDe4QapgLfbpFJvCbEZNCwvLp7I75hImk8lO8tywg
hQmVonESTOW6sEgpOvB7b/wMo5JgtXCsFgBnTxZH+tb4BfnTTb/PTQpSNGt+8qN1
iLa5CV+bfurwalF8vor+atgxebDcb1UfMvv4Ucog/V4uwK7BPa11F2JoifwvIjMz
a0Akh+O0ETMlLf/b/5mXBV42GS4d/8NrcszG1lCN7+kNXh6I4L1QJ1p6g7ItbqVb
yKf+5hzWr5f5iQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 14:47:22 2025 by rpki-client