Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
File:                     PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft (raw, json)
Hash identifier:          3YBVsWWMK6g7bxSpmCCMkVk4xPR0r2zHWLus4KYkw8w=
Subject key identifier:   03:8D:37:B6:45:5F:4C:E1:9A:6D:9D:32:EC:B8:06:E6:65:0B:90:17
Authority key identifier: 3D:6A:BE:5C:48:AE:CE:BD:4A:23:7E:15:3C:36:84:F3:06:08:D4:44
Certificate issuer:       /CN=3d6abe5c48aecebd4a237e153c3684f30608d444
Certificate serial:       01975A5C0DCEFAB079304B13ABD96B96142A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
Manifest number:          038A
Signing time:             Tue 10 Jun 2025 15:01:11 +0000
Manifest this update:     Tue 10 Jun 2025 15:01:11 +0000
Manifest next update:     Wed 11 Jun 2025 15:01:11 +0000
Files and hashes:         1: 0-NbRqc8zQ3-jTIYZOwXbybz260.roa (hash: F4aAH1P/CqccbM0rJQ6/jB1mC+tQi8oCbtTD8Uif+I8=)
                          2: PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl (hash: 0VmkjR9ZH5noNzHVy8T+CH4+XVW+WkYoIpPlf1myAF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5a:5c:0d:ce:fa:b0:79:30:4b:13:ab:d9:6b:96:14:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d6abe5c48aecebd4a237e153c3684f30608d444
        Validity
            Not Before: Jun 10 15:01:11 2025 GMT
            Not After : Jun 11 15:01:11 2025 GMT
        Subject: CN=038d37b6455f4ce19a6d9d32ecb806e6650b9017
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:1e:63:7f:d2:9c:0c:f2:fe:a2:9c:d9:27:9b:
                    00:53:fa:29:98:d8:41:20:0b:c9:3f:c9:03:a2:1d:
                    54:53:e8:a8:b8:90:31:8f:2c:4d:b6:7c:f0:d1:9a:
                    c4:3b:e2:6a:3f:3b:35:f0:86:ab:b2:46:df:6c:7a:
                    99:6d:53:ea:f0:69:a3:22:11:47:7d:79:e6:d8:7d:
                    14:f1:94:f8:e9:2a:46:f1:18:a4:a9:b6:51:25:b9:
                    76:82:ef:10:a9:81:72:7f:1c:51:d7:e8:3e:9c:d3:
                    c1:69:af:ff:98:13:0a:29:9b:48:d2:39:d8:84:d2:
                    a4:f1:ea:14:17:f0:28:aa:aa:b4:25:5c:a6:7c:5c:
                    dd:54:0e:5c:ba:82:dd:7b:d3:c2:3f:7e:0a:6e:a2:
                    d4:4b:d4:62:3e:a8:90:8c:58:ab:f5:0d:b3:3f:49:
                    ee:65:a0:1e:f0:47:63:a4:1b:40:75:b7:f0:cc:07:
                    b6:bc:0a:76:3d:12:e7:83:a7:63:c0:9a:ee:fe:61:
                    8c:98:16:0a:12:43:b3:06:34:cc:fb:d7:bc:e3:71:
                    58:c5:ad:90:99:1d:07:3d:26:c2:70:ce:cc:35:c5:
                    aa:f5:9f:21:d5:9e:92:b0:bc:1e:78:1a:a6:2a:8e:
                    8b:c9:73:9d:f1:a8:a9:2a:e6:b9:fa:8d:ef:d1:ec:
                    01:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:8D:37:B6:45:5F:4C:E1:9A:6D:9D:32:EC:B8:06:E6:65:0B:90:17
            X509v3 Authority Key Identifier:
                keyid:3D:6A:BE:5C:48:AE:CE:BD:4A:23:7E:15:3C:36:84:F3:06:08:D4:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWq-XEiuzr1KI34VPDaE8wYI1EQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/5fb803-4333-4175-90df-aec14ea17ebf/1/PWq-XEiuzr1KI34VPDaE8wYI1EQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:81:2b:70:1d:14:55:54:09:29:be:29:aa:a5:be:ff:55:50:
         55:f8:3d:ac:ac:70:fc:e6:5b:12:7e:f8:db:24:ac:4d:c0:f5:
         32:61:bd:03:45:5d:55:cd:cb:46:30:6f:f0:91:c8:e8:4b:d8:
         ba:3d:14:70:1e:cc:8a:f5:d1:d9:64:84:8a:9d:1b:38:fa:4c:
         bb:dc:f1:5b:a1:3c:35:c5:08:78:cd:cf:5e:0d:34:2d:28:99:
         2b:0a:46:5f:a7:9b:22:5d:be:8e:c6:ad:c5:09:e7:42:e3:ea:
         61:a1:a1:30:e5:e4:72:21:ec:f9:f7:a2:8a:4e:45:76:3b:78:
         6c:d4:a4:ab:c0:c8:35:8d:36:83:b8:46:57:c8:92:c2:55:17:
         03:24:1d:d1:f3:92:27:c5:40:45:fc:cf:11:a7:0c:8d:87:0a:
         73:84:95:cd:d5:db:be:94:89:4c:0d:4b:30:d5:22:fd:ab:35:
         46:dd:20:0a:c0:57:cc:2a:57:87:2c:e0:db:30:09:f1:55:4b:
         d3:1b:55:aa:4e:c7:a5:3c:39:1c:07:12:53:27:7d:f4:4d:c1:
         e8:91:42:b1:a6:29:86:90:8e:8d:b6:b6:95:5b:2c:59:35:09:
         63:a0:a3:21:97:eb:da:c8:41:3d:ef:8f:cf:1b:c5:67:30:5c:
         68:a9:71:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdaXA3O+rB5MEsTq9lrlhQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmFiZTVjNDhhZWNlYmQ0YTIzN2UxNTNjMzY4NGYzMDYw
OGQ0NDQwHhcNMjUwNjEwMTUwMTExWhcNMjUwNjExMTUwMTExWjAzMTEwLwYDVQQD
EygwMzhkMzdiNjQ1NWY0Y2UxOWE2ZDlkMzJlY2I4MDZlNjY1MGI5MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1B5jf9KcDPL+opzZJ5sAU/opmNhB
IAvJP8kDoh1UU+iouJAxjyxNtnzw0ZrEO+JqPzs18IarskbfbHqZbVPq8GmjIhFH
fXnm2H0U8ZT46SpG8RikqbZRJbl2gu8QqYFyfxxR1+g+nNPBaa//mBMKKZtI0jnY
hNKk8eoUF/Aoqqq0JVymfFzdVA5cuoLde9PCP34KbqLUS9RiPqiQjFir9Q2zP0nu
ZaAe8EdjpBtAdbfwzAe2vAp2PRLng6djwJru/mGMmBYKEkOzBjTM+9e843FYxa2Q
mR0HPSbCcM7MNcWq9Z8h1Z6SsLweeBqmKo6LyXOd8aipKua5+o3v0ewBRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAONN7ZFX0zhmm2dMuy4BuZlC5AXMB8GA1UdIwQY
MBaAFD1qvlxIrs69SiN+FTw2hPMGCNREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81ZmI4MDMtNDMzMy00MTc1LTkwZGYt
YWVjMTRlYTE3ZWJmLzEvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81ZmI4MDMtNDMzMy00MTc1LTkwZGYtYWVjMTRlYTE3ZWJm
LzEvUFdxLVhFaXV6cjFLSTM0VlBEYUU4d1lJMUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4ErcB0U
VVQJKb4pqqW+/1VQVfg9rKxw/OZbEn742ySsTcD1MmG9A0VdVc3LRjBv8JHI6EvY
uj0UcB7MivXR2WSEip0bOPpMu9zxW6E8NcUIeM3PXg00LSiZKwpGX6ebIl2+jsat
xQnnQuPqYaGhMOXkciHs+feiik5Fdjt4bNSkq8DINY02g7hGV8iSwlUXAyQd0fOS
J8VARfzPEacMjYcKc4SVzdXbvpSJTA1LMNUi/as1Rt0gCsBXzCpXhyzg2zAJ8VVL
0xtVqk7HpTw5HAcSUyd99E3B6JFCsaYphpCOjba2lVssWTUJY6CjIZfr2shBPe+P
zxvFZzBcaKlx0w==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:57:06 2025 by rpki-client