Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
File:                     khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json)
Hash identifier:          d06o278hGYJQEC4e+QDAFao43hqy13u0eKMgQNbDCVo=
Subject key identifier:   CE:1C:D8:64:87:30:E9:EB:A2:F0:D8:14:3D:96:19:F7:70:51:ED:60
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Certificate issuer:       /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial:       01976214E3F059885E76F3B0E290DF8ABC8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
Manifest number:          1589
Signing time:             Thu 12 Jun 2025 03:00:25 +0000
Manifest this update:     Thu 12 Jun 2025 03:00:25 +0000
Manifest next update:     Fri 13 Jun 2025 03:00:25 +0000
Files and hashes:         1: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: y2n+WrJPfgqzBP4NVUWUoAa0vLbj81rzbv1R9Sqwy+k=)
                          2: yGFlSDdiFlFUJBTzkBDJlODQZoY.roa (hash: 5kgFGMiEYqgnd4sbR3CvLQA6/mpT37R4CFK6/AUcK/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:14:e3:f0:59:88:5e:76:f3:b0:e2:90:df:8a:bc:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
        Validity
            Not Before: Jun 12 03:00:25 2025 GMT
            Not After : Jun 13 03:00:25 2025 GMT
        Subject: CN=ce1cd8648730e9eba2f0d8143d9619f77051ed60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:18:e4:ab:9b:f7:0e:98:d7:da:64:58:c7:de:
                    d2:78:f1:58:dd:5c:ea:e2:bb:28:d0:ec:8d:2d:50:
                    f5:ef:6c:b1:46:2d:d2:a7:37:4b:64:df:25:61:6c:
                    4c:8c:11:3c:d5:81:79:90:dd:25:5c:72:9d:3f:b3:
                    4a:8b:ab:c4:b5:1f:b7:1f:65:b0:b9:7d:56:de:00:
                    0c:c2:e1:9d:99:14:d1:d8:f2:8a:a6:93:7e:0d:f5:
                    75:42:95:6e:73:85:44:d7:85:0e:3b:57:f0:da:7f:
                    27:ad:1c:ec:26:af:1c:1a:f1:ce:04:32:9b:fe:d4:
                    4d:77:22:ff:52:0f:95:02:a2:bb:4b:79:49:90:9b:
                    13:8e:5c:99:8c:65:3e:b0:9d:77:3e:44:e2:c5:11:
                    b9:4b:ce:35:76:f7:d7:8d:12:23:17:ba:bb:7f:d7:
                    b9:75:f3:8e:b9:03:ad:2b:c3:61:cb:70:57:ed:8c:
                    2e:4f:c7:8d:bc:ce:11:b7:a3:45:4d:c5:9b:0f:4e:
                    cc:ad:69:22:84:43:89:31:cd:67:64:f4:1a:43:2d:
                    0b:32:3c:4e:61:04:87:38:d8:d0:7c:55:9a:ed:57:
                    6e:ee:dc:50:09:31:dd:53:6b:7e:90:a8:8c:ea:0e:
                    37:d7:5e:12:c9:e1:29:3e:6b:9e:ed:29:9f:51:34:
                    fd:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:1C:D8:64:87:30:E9:EB:A2:F0:D8:14:3D:96:19:F7:70:51:ED:60
            X509v3 Authority Key Identifier:
                keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:84:8d:af:48:60:9b:08:2a:5f:c6:06:65:92:7c:bf:8a:2d:
         df:5e:5a:da:f4:29:c2:90:64:91:d6:ac:c1:9b:57:91:5b:39:
         55:61:ed:26:53:c7:df:6e:bb:aa:cb:cb:f3:78:db:a8:72:7d:
         ea:fa:e1:6e:97:32:46:4e:75:3e:23:c6:1c:f5:f7:b2:6c:f3:
         00:22:b8:9f:21:50:1d:30:3a:fd:25:80:44:17:9e:d6:08:98:
         dd:47:29:af:05:3e:27:d5:66:b4:f5:1a:0d:b9:e0:84:50:3b:
         5a:36:7a:90:35:88:cf:45:38:88:93:5e:6b:73:a5:24:2c:8f:
         de:7a:1d:9d:ca:40:bf:aa:fa:b7:cd:4e:83:86:92:88:8e:af:
         55:6f:aa:e4:ec:5e:f7:f7:52:e4:6c:6f:16:3c:8c:e9:67:71:
         cd:4f:a6:09:49:e9:0d:1c:3e:d1:f4:27:98:52:57:89:07:68:
         e1:c7:a8:5c:34:54:e4:1b:50:d9:25:9a:79:b2:9b:de:ee:a0:
         2b:59:c2:92:37:28:56:67:44:66:62:c4:06:40:01:d9:9d:61:
         c7:f6:9c:df:a3:10:c9:62:1d:44:4f:d7:27:d8:ac:6a:70:d7:
         12:b0:be:22:56:1c:17:67:e6:2e:0e:2e:4d:ed:ea:02:c2:4d:
         ce:c3:9a:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdiFOPwWYhedvOw4pDfiryOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjUwNjEyMDMwMDI1WhcNMjUwNjEzMDMwMDI1WjAzMTEwLwYDVQQD
EyhjZTFjZDg2NDg3MzBlOWViYTJmMGQ4MTQzZDk2MTlmNzcwNTFlZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBjkq5v3DpjX2mRYx97SePFY3Vzq
4rso0OyNLVD172yxRi3SpzdLZN8lYWxMjBE81YF5kN0lXHKdP7NKi6vEtR+3H2Ww
uX1W3gAMwuGdmRTR2PKKppN+DfV1QpVuc4VE14UOO1fw2n8nrRzsJq8cGvHOBDKb
/tRNdyL/Ug+VAqK7S3lJkJsTjlyZjGU+sJ13PkTixRG5S841dvfXjRIjF7q7f9e5
dfOOuQOtK8Nhy3BX7YwuT8eNvM4Rt6NFTcWbD07MrWkihEOJMc1nZPQaQy0LMjxO
YQSHONjQfFWa7Vdu7txQCTHdU2t+kKiM6g43114SyeEpPmue7SmfUTT9rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4c2GSHMOnrovDYFD2WGfdwUe1gMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4SNr0hg
mwgqX8YGZZJ8v4ot315a2vQpwpBkkdaswZtXkVs5VWHtJlPH3267qsvL83jbqHJ9
6vrhbpcyRk51PiPGHPX3smzzACK4nyFQHTA6/SWARBee1giY3UcprwU+J9VmtPUa
DbnghFA7WjZ6kDWIz0U4iJNea3OlJCyP3nodncpAv6r6t81Og4aSiI6vVW+q5Oxe
9/dS5GxvFjyM6WdxzU+mCUnpDRw+0fQnmFJXiQdo4ceoXDRU5BtQ2SWaebKb3u6g
K1nCkjcoVmdEZmLEBkAB2Z1hx/ac36MQyWIdRE/XJ9isanDXErC+IlYcF2fmLg4u
Te3qAsJNzsOa5A==
-----END CERTIFICATE-----
Generated at Thu Jun 12 09:48:41 2025 by rpki-client