Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
File:                     XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft (raw, json)
Hash identifier:          2Pcz5YD/lNQ0YUepVFCJr1KjhrF7mb+SXPGlRgOQgC8=
Subject key identifier:   1D:6C:0F:D7:8C:27:C3:17:5B:04:E5:9B:87:D7:79:FB:A3:42:F0:12
Authority key identifier: 5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
Certificate issuer:       /CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Certificate serial:       019769CEDD222CA6845185A885C87732CF9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
Manifest number:          148C
Signing time:             Fri 13 Jun 2025 15:00:54 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:54 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:54 +0000
Files and hashes:         1: XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl (hash: Du0RjKhx6q27C6rc7Xo3F30yr2ak4S0K/vGhZnXKrHc=)
                          2: xyAqUo1cBCxwcVbYVeKIYjCComY.roa (hash: 5YKuscwS6gvAjWMFAp+aYRLvaxsng69DrIJ3z9uUMo8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 15:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:dd:22:2c:a6:84:51:85:a8:85:c8:77:32:cf:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e42c35612f45af41103520af2761cdaa51e3aa4
        Validity
            Not Before: Jun 13 15:00:54 2025 GMT
            Not After : Jun 14 15:00:54 2025 GMT
        Subject: CN=1d6c0fd78c27c3175b04e59b87d779fba342f012
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:26:6b:fc:3e:94:30:b4:70:f3:5d:60:52:cd:
                    a9:9f:6e:f5:f9:6c:3a:b0:95:84:fb:8a:34:74:d3:
                    f1:28:5c:d9:5a:12:2b:89:85:89:9a:d7:67:71:48:
                    1b:30:fe:4e:a5:19:7a:30:9f:67:1c:08:e2:2e:a9:
                    11:d1:06:f4:8a:1b:a1:25:5b:aa:19:f9:2c:82:3c:
                    12:1c:77:c4:62:54:3b:aa:87:6f:a9:66:7b:1a:fb:
                    0e:c5:31:0c:c7:39:3a:60:1d:28:dd:6a:24:2f:27:
                    de:f0:6b:48:86:76:4a:22:65:f8:ce:11:73:e3:fb:
                    2c:ce:8c:75:21:c1:29:4d:52:9a:22:cf:36:0e:1d:
                    e1:25:19:d1:f3:48:75:24:ba:84:d1:65:da:fd:f4:
                    40:67:37:72:71:e6:f1:6c:97:7d:74:52:be:e1:d2:
                    05:10:ba:89:72:44:05:e2:c9:cb:b1:e6:a8:4b:9b:
                    f0:30:99:33:ae:d5:97:24:a2:c3:91:ab:42:99:45:
                    f8:8c:fa:02:1a:49:b7:4a:e0:e3:3b:d7:13:74:81:
                    02:3e:18:bf:55:9d:1d:8d:b4:62:e9:15:12:ed:8f:
                    e4:3d:02:57:e9:c4:92:d7:ff:a9:c3:c7:42:44:1c:
                    7f:17:24:e9:81:42:6d:6e:68:6c:c8:ce:d1:ba:25:
                    29:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:6C:0F:D7:8C:27:C3:17:5B:04:E5:9B:87:D7:79:FB:A3:42:F0:12
            X509v3 Authority Key Identifier:
                keyid:5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:11:b8:fc:48:32:c4:82:23:7a:71:19:91:f4:26:8f:19:fd:
         00:c2:31:8e:0b:94:db:10:e8:3c:47:c5:ab:ca:3c:3c:c0:0d:
         ba:3e:92:3f:12:62:c1:b5:0b:51:a0:77:e7:fd:7d:75:dd:6d:
         37:81:bf:ac:0d:f0:79:e3:28:2d:7b:15:ad:99:5e:0a:a0:10:
         fb:68:c6:c0:8f:0c:56:14:90:b1:90:d9:c4:e7:21:af:4c:6c:
         e0:b5:40:8e:6a:d8:fa:cf:c8:e7:39:d3:38:67:e6:c1:54:45:
         b9:ff:04:c1:62:d0:f3:a8:db:90:5d:51:98:7e:af:bf:a7:e6:
         96:1e:5d:61:4d:b1:9c:b3:47:ab:4f:fa:1e:f9:c5:a6:bc:98:
         34:50:57:59:9b:be:b2:f3:00:fb:42:ae:10:3e:db:e4:51:7c:
         f6:a0:33:4e:32:1c:39:98:49:72:26:27:f9:20:82:e7:59:d1:
         b3:97:9e:f9:a2:64:60:4a:2d:61:05:14:0c:03:d3:2d:08:65:
         dc:ae:24:f9:97:6a:77:2f:68:48:bc:c4:d8:1f:73:42:a8:f7:
         a8:c1:2a:3f:41:65:8c:42:fd:49:3f:8f:80:3d:63:11:d4:59:
         20:5d:45:58:3b:73:0b:ae:2a:6a:1c:f1:3a:74:39:c4:20:34:
         72:47:1b:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzt0iLKaEUYWohch3Ms+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDJjMzU2MTJmNDVhZjQxMTAzNTIwYWYyNzYxY2RhYTUx
ZTNhYTQwHhcNMjUwNjEzMTUwMDU0WhcNMjUwNjE0MTUwMDU0WjAzMTEwLwYDVQQD
EygxZDZjMGZkNzhjMjdjMzE3NWIwNGU1OWI4N2Q3NzlmYmEzNDJmMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSZr/D6UMLRw811gUs2pn271+Ww6
sJWE+4o0dNPxKFzZWhIriYWJmtdncUgbMP5OpRl6MJ9nHAjiLqkR0Qb0ihuhJVuq
GfksgjwSHHfEYlQ7qodvqWZ7GvsOxTEMxzk6YB0o3WokLyfe8GtIhnZKImX4zhFz
4/sszox1IcEpTVKaIs82Dh3hJRnR80h1JLqE0WXa/fRAZzdycebxbJd9dFK+4dIF
ELqJckQF4snLseaoS5vwMJkzrtWXJKLDkatCmUX4jPoCGkm3SuDjO9cTdIECPhi/
VZ0djbRi6RUS7Y/kPQJX6cSS1/+pw8dCRBx/FyTpgUJtbmhsyM7RuiUplQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1sD9eMJ8MXWwTlm4fXefujQvASMB8GA1UdIwQY
MBaAFF5Cw1YS9Fr0EQNSCvJ2HNqlHjqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYt
ODIxMTk5NzhkNmJiLzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYtODIxMTk5NzhkNmJi
LzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbhG4/Egy
xIIjenEZkfQmjxn9AMIxjguU2xDoPEfFq8o8PMANuj6SPxJiwbULUaB35/19dd1t
N4G/rA3weeMoLXsVrZleCqAQ+2jGwI8MVhSQsZDZxOchr0xs4LVAjmrY+s/I5znT
OGfmwVRFuf8EwWLQ86jbkF1RmH6vv6fmlh5dYU2xnLNHq0/6HvnFpryYNFBXWZu+
svMA+0KuED7b5FF89qAzTjIcOZhJciYn+SCC51nRs5ee+aJkYEotYQUUDAPTLQhl
3K4k+Zdqdy9oSLzE2B9zQqj3qMEqP0FljEL9ST+PgD1jEdRZIF1FWDtzC64qahzx
OnQ5xCA0ckcbjw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 22:35:42 2025 by rpki-client