Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
File:                     immKFPthpoevCmP3xlXAAfZwEoI.mft (raw, json)
Hash identifier:          U1Vlocl4KAP1RPJDmWVwR29077+Z/SA+ma6Gsbx4/dc=
Subject key identifier:   95:14:C0:56:06:5E:6A:C9:C4:68:B9:02:97:7F:D1:68:B0:A1:65:56
Authority key identifier: 8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82
Certificate issuer:       /CN=8a698a14fb61a687af0a63f7c655c001f6701282
Certificate serial:       0197591243A0A4B3AFF530D7C7A8E6FFEBE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
Manifest number:          031E
Signing time:             Tue 10 Jun 2025 09:00:58 +0000
Manifest this update:     Tue 10 Jun 2025 09:00:58 +0000
Manifest next update:     Wed 11 Jun 2025 09:00:58 +0000
Files and hashes:         1: P1m93kQnbl9hCPZ7gjvBSz2QduY.roa (hash: Vw3jwkUFPb+4FTO/pTKFTwQSjK1reP+BMicWKiuZXfs=)
                          2: immKFPthpoevCmP3xlXAAfZwEoI.crl (hash: JzpX5YQ99Tne265mAqr5b4T0MkhaoH629NdFYnLyfys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:12:43:a0:a4:b3:af:f5:30:d7:c7:a8:e6:ff:eb:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a698a14fb61a687af0a63f7c655c001f6701282
        Validity
            Not Before: Jun 10 09:00:58 2025 GMT
            Not After : Jun 11 09:00:58 2025 GMT
        Subject: CN=9514c056065e6ac9c468b902977fd168b0a16556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c4:07:6b:b1:15:72:55:d9:cd:94:92:7a:3f:
                    33:91:90:9c:41:53:5c:30:e8:ea:7a:14:b2:64:ed:
                    2d:ba:ec:ac:26:aa:23:bf:14:bd:63:3f:a4:b3:2e:
                    24:95:e0:3e:82:e8:ee:73:81:87:73:53:3b:19:d9:
                    0e:79:9f:f1:cd:bf:bb:aa:76:47:d9:db:07:1a:6f:
                    71:16:65:6c:45:b6:74:6b:e8:14:4a:cc:bc:45:ab:
                    e0:ed:6b:67:08:d5:fb:49:d4:df:34:95:04:85:03:
                    0a:cd:85:5d:9d:6c:0b:8d:b5:fd:c4:18:df:c7:22:
                    e2:3d:7f:27:9b:f0:c4:77:ea:c9:76:33:a5:05:4c:
                    40:32:01:15:39:60:0c:ff:1c:b4:5d:ca:dd:a0:64:
                    35:3d:b2:d5:be:4a:ed:dd:5a:8e:7d:d7:bb:3f:4f:
                    6d:8a:df:e7:c9:e9:c6:d2:34:75:40:cd:87:1a:04:
                    2c:8f:18:92:11:fb:45:3c:b3:57:9a:d1:e5:ec:0d:
                    97:ea:ec:ac:99:5e:29:d2:7d:bf:ef:8e:76:28:74:
                    6f:f2:25:cf:18:45:92:7e:95:0f:f1:45:ac:de:67:
                    2d:6b:84:34:0a:9f:23:23:5c:fa:99:8e:a7:12:2b:
                    58:66:3b:15:a9:29:88:cf:a4:98:86:12:f5:7d:1f:
                    a4:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:14:C0:56:06:5E:6A:C9:C4:68:B9:02:97:7F:D1:68:B0:A1:65:56
            X509v3 Authority Key Identifier:
                keyid:8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:0c:07:7f:5e:19:23:e2:c4:50:ec:60:09:09:c5:6d:1c:53:
         1a:0b:45:bf:25:7b:eb:37:4b:91:d7:1f:23:78:1d:9f:7b:e3:
         64:04:aa:23:7b:89:b6:5f:ac:00:0f:3d:44:3f:9d:93:21:c1:
         3d:96:83:0c:c1:8a:07:51:a3:4d:60:de:59:a9:90:1a:a8:bd:
         5f:3b:b7:c7:73:fd:14:41:a0:3a:07:6d:2a:5d:c5:e0:b7:5a:
         53:38:d9:ed:27:eb:96:0c:84:3c:b4:ca:a5:df:ad:10:9e:d9:
         fe:c0:f1:47:4b:40:c9:0e:7a:59:eb:fd:52:c1:02:30:b0:62:
         1a:74:ae:2f:40:1f:05:45:26:16:04:6c:2e:36:d0:6b:a7:57:
         76:e9:9f:0c:18:87:9c:94:3b:80:ca:08:ed:2c:c3:f7:5a:13:
         04:de:fe:43:c1:0f:83:86:6b:6a:65:9a:56:7c:7d:a8:d1:28:
         41:c8:cf:52:41:37:5b:2e:0b:5b:ed:a8:bf:b2:b1:84:fa:11:
         97:ed:e1:d0:d5:bd:a7:1d:ab:1a:3e:7f:18:df:93:fc:a9:25:
         e4:0d:8c:46:f6:53:ae:03:5e:27:d3:92:06:17:55:83:5c:7b:
         13:15:cc:44:61:4e:1f:64:33:8e:82:8d:f1:a6:6b:6a:2b:ff:
         ce:7b:27:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZEkOgpLOv9TDXx6jm/+vlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjk4YTE0ZmI2MWE2ODdhZjBhNjNmN2M2NTVjMDAxZjY3
MDEyODIwHhcNMjUwNjEwMDkwMDU4WhcNMjUwNjExMDkwMDU4WjAzMTEwLwYDVQQD
Eyg5NTE0YzA1NjA2NWU2YWM5YzQ2OGI5MDI5NzdmZDE2OGIwYTE2NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosQHa7EVclXZzZSSej8zkZCcQVNc
MOjqehSyZO0tuuysJqojvxS9Yz+ksy4kleA+gujuc4GHc1M7GdkOeZ/xzb+7qnZH
2dsHGm9xFmVsRbZ0a+gUSsy8Ravg7WtnCNX7SdTfNJUEhQMKzYVdnWwLjbX9xBjf
xyLiPX8nm/DEd+rJdjOlBUxAMgEVOWAM/xy0XcrdoGQ1PbLVvkrt3VqOfde7P09t
it/nyenG0jR1QM2HGgQsjxiSEftFPLNXmtHl7A2X6uysmV4p0n2/7452KHRv8iXP
GEWSfpUP8UWs3mcta4Q0Cp8jI1z6mY6nEitYZjsVqSmIz6SYhhL1fR+k/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUUwFYGXmrJxGi5Apd/0WiwoWVWMB8GA1UdIwQY
MBaAFIppihT7YaaHrwpj98ZVwAH2cBKCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQt
MjE4Mjg5ZDgxYzUzLzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQtMjE4Mjg5ZDgxYzUz
LzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoAwHf14Z
I+LEUOxgCQnFbRxTGgtFvyV76zdLkdcfI3gdn3vjZASqI3uJtl+sAA89RD+dkyHB
PZaDDMGKB1GjTWDeWamQGqi9Xzu3x3P9FEGgOgdtKl3F4LdaUzjZ7SfrlgyEPLTK
pd+tEJ7Z/sDxR0tAyQ56Wev9UsECMLBiGnSuL0AfBUUmFgRsLjbQa6dXdumfDBiH
nJQ7gMoI7SzD91oTBN7+Q8EPg4ZramWaVnx9qNEoQcjPUkE3Wy4LW+2ov7KxhPoR
l+3h0NW9px2rGj5/GN+T/Kkl5A2MRvZTrgNeJ9OSBhdVg1x7ExXMRGFOH2QzjoKN
8aZraiv/znsnBg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:32:51 2025 by rpki-client