Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
File:                     XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft (raw, json)
Hash identifier:          yiPwe+wznQOlN9M/d0pbeul6f7q8cajV4xVEJHBeCIA=
Subject key identifier:   D9:AF:3F:8F:EE:4F:EB:DC:CF:40:30:B9:51:8B:D7:F3:B7:6B:65:84
Authority key identifier: 5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
Certificate issuer:       /CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Certificate serial:       01976BBD5AC713B0D05359DAB8CF184AD59D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
Manifest number:          148D
Signing time:             Sat 14 Jun 2025 00:01:00 +0000
Manifest this update:     Sat 14 Jun 2025 00:01:00 +0000
Manifest next update:     Sun 15 Jun 2025 00:01:00 +0000
Files and hashes:         1: XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl (hash: k4Tox0M/tzr+lZ8AiKlYDI2On6htKksKq5wl1lp/MXI=)
                          2: xyAqUo1cBCxwcVbYVeKIYjCComY.roa (hash: 5YKuscwS6gvAjWMFAp+aYRLvaxsng69DrIJ3z9uUMo8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:5a:c7:13:b0:d0:53:59:da:b8:cf:18:4a:d5:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e42c35612f45af41103520af2761cdaa51e3aa4
        Validity
            Not Before: Jun 14 00:01:00 2025 GMT
            Not After : Jun 15 00:01:00 2025 GMT
        Subject: CN=d9af3f8fee4febdccf4030b9518bd7f3b76b6584
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a8:a1:82:cb:0b:33:9e:b9:53:40:bf:27:df:
                    6c:f0:ec:a2:af:0d:7e:a9:6c:ec:c7:44:3b:eb:a9:
                    55:af:d3:be:0c:7d:59:65:4a:5b:8f:26:ca:d3:ae:
                    7c:87:88:a5:37:ae:55:94:95:05:a3:2c:39:ce:3b:
                    e1:3f:83:bd:b7:ce:6b:80:96:33:d4:3f:94:b4:72:
                    f5:a3:e5:28:2e:37:a5:d0:c4:c7:5f:ae:51:5d:25:
                    f5:55:3c:f4:4c:de:85:6a:41:f6:1c:81:ca:4e:6d:
                    99:c6:e6:9b:3d:71:b4:05:4c:12:b5:a7:8d:08:a2:
                    68:dc:21:5d:97:23:2c:00:cf:81:fa:fb:da:ac:ba:
                    10:c7:26:5e:e7:16:2d:36:62:f1:7e:31:d2:3e:96:
                    80:3e:75:47:8d:a0:81:ea:46:23:79:77:6b:f9:d2:
                    35:8b:3e:ad:86:ad:5c:f3:2e:49:2a:9b:c1:4d:21:
                    e5:cc:c4:6f:61:56:af:6c:73:c5:b0:42:da:1d:aa:
                    2d:63:34:8a:f1:d9:8a:21:1a:e0:02:7c:b4:72:ca:
                    e2:86:40:32:fe:8a:59:da:e4:7e:f3:64:59:1e:c1:
                    eb:84:da:4f:56:aa:8a:79:19:28:94:46:f1:a2:8c:
                    59:1a:02:f1:54:92:19:bb:3c:57:99:95:63:85:b8:
                    a2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:AF:3F:8F:EE:4F:EB:DC:CF:40:30:B9:51:8B:D7:F3:B7:6B:65:84
            X509v3 Authority Key Identifier:
                keyid:5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:7a:2e:49:77:5c:2d:0f:5a:8f:16:ec:92:42:42:22:69:28:
         3b:4a:9e:f7:d3:79:6e:18:85:9c:2b:13:e6:04:07:a5:a7:7c:
         72:31:79:27:d2:b9:1b:f7:f2:ca:16:fe:a8:6c:4b:37:cf:2e:
         6b:1c:b7:5f:45:e1:2f:e0:72:b6:26:ed:c1:1d:ea:45:83:b4:
         3e:d9:db:f3:7d:93:ab:a1:11:e1:20:52:24:5d:8e:28:7b:33:
         09:07:5d:eb:36:41:6e:d6:ff:83:f8:78:05:34:a4:8e:71:5f:
         63:05:8b:e8:72:61:d6:e6:c1:dc:cf:0a:27:0a:3f:2e:30:04:
         52:f5:45:24:9c:ed:4c:61:76:c8:35:4f:07:29:f6:60:f1:af:
         84:3c:44:29:c2:b8:47:33:2b:a2:05:f3:83:ad:60:cf:fd:df:
         b8:1c:f5:63:3f:c3:e8:83:58:b5:2f:01:23:7b:bb:50:38:35:
         81:14:bf:8b:38:46:08:d2:de:d6:c6:b2:72:91:5a:a5:20:b2:
         81:74:c9:20:4a:df:ca:3d:73:f3:98:e8:a3:97:b1:8b:67:e2:
         ac:e6:75:18:ae:48:99:a6:be:6c:77:c1:37:db:31:ff:63:fd:
         1e:fe:7f:1d:da:3c:c9:47:1d:ea:9a:49:e0:49:3a:d4:9c:01:
         cf:63:f9:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvVrHE7DQU1nauM8YStWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDJjMzU2MTJmNDVhZjQxMTAzNTIwYWYyNzYxY2RhYTUx
ZTNhYTQwHhcNMjUwNjE0MDAwMTAwWhcNMjUwNjE1MDAwMTAwWjAzMTEwLwYDVQQD
EyhkOWFmM2Y4ZmVlNGZlYmRjY2Y0MDMwYjk1MThiZDdmM2I3NmI2NTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaihgssLM565U0C/J99s8Oyirw1+
qWzsx0Q766lVr9O+DH1ZZUpbjybK0658h4ilN65VlJUFoyw5zjvhP4O9t85rgJYz
1D+UtHL1o+UoLjel0MTHX65RXSX1VTz0TN6FakH2HIHKTm2ZxuabPXG0BUwStaeN
CKJo3CFdlyMsAM+B+vvarLoQxyZe5xYtNmLxfjHSPpaAPnVHjaCB6kYjeXdr+dI1
iz6thq1c8y5JKpvBTSHlzMRvYVavbHPFsELaHaotYzSK8dmKIRrgAny0csrihkAy
/opZ2uR+82RZHsHrhNpPVqqKeRkolEbxooxZGgLxVJIZuzxXmZVjhbiiIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmvP4/uT+vcz0AwuVGL1/O3a2WEMB8GA1UdIwQY
MBaAFF5Cw1YS9Fr0EQNSCvJ2HNqlHjqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYt
ODIxMTk5NzhkNmJiLzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYtODIxMTk5NzhkNmJi
LzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVHouSXdc
LQ9ajxbskkJCImkoO0qe99N5bhiFnCsT5gQHpad8cjF5J9K5G/fyyhb+qGxLN88u
axy3X0XhL+BytibtwR3qRYO0Ptnb832Tq6ER4SBSJF2OKHszCQdd6zZBbtb/g/h4
BTSkjnFfYwWL6HJh1ubB3M8KJwo/LjAEUvVFJJztTGF2yDVPByn2YPGvhDxEKcK4
RzMrogXzg61gz/3fuBz1Yz/D6INYtS8BI3u7UDg1gRS/izhGCNLe1saycpFapSCy
gXTJIErfyj1z85joo5exi2firOZ1GK5Imaa+bHfBN9sx/2P9Hv5/Hdo8yUcd6ppJ
4Ek61JwBz2P5iw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 09:56:42 2025 by rpki-client