Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
File:                     o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft (raw, json)
Hash identifier:          WxK/0zr4f5T27e0JSeeXeI8RZKbq+LuAHe8scXADojU=
Subject key identifier:   5A:4F:89:03:98:E9:A3:84:D0:3A:B9:F9:5A:EF:11:61:BD:28:20:64
Authority key identifier: A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93
Certificate issuer:       /CN=a3d3907f811cb83f16b816785e380bc24c8ac193
Certificate serial:       0197553531BF8B8F88B2A44A11401565B8E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
Manifest number:          1290
Signing time:             Mon 09 Jun 2025 15:00:38 +0000
Manifest this update:     Mon 09 Jun 2025 15:00:38 +0000
Manifest next update:     Tue 10 Jun 2025 15:00:38 +0000
Files and hashes:         1: KHmBEFAHu1D8g7BNr6DM90HcrdE.roa (hash: cHCWZbVIixRYPkJFTsJoo7AK/4mwhNH2E0rmOh1q4HI=)
                          2: o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl (hash: HF/GYcBW4vDfbeF1sk8AQiNIltHJB6mwYkloQYAYt/c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:55:35:31:bf:8b:8f:88:b2:a4:4a:11:40:15:65:b8:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3d3907f811cb83f16b816785e380bc24c8ac193
        Validity
            Not Before: Jun  9 15:00:38 2025 GMT
            Not After : Jun 10 15:00:38 2025 GMT
        Subject: CN=5a4f890398e9a384d03ab9f95aef1161bd282064
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:52:04:b7:06:f4:95:19:07:f6:ab:41:c9:89:
                    ce:2e:71:55:86:71:2b:d7:98:6d:85:9a:d2:69:f2:
                    65:2c:ca:81:08:2c:65:44:0d:c5:3f:7f:6f:e6:4f:
                    32:d9:f6:c6:3c:32:df:42:4e:ea:57:07:d1:cc:09:
                    00:30:fe:92:b8:2c:f9:13:02:01:b2:ea:35:cc:91:
                    7e:bf:00:ef:b3:0d:92:a8:63:df:6b:0e:3b:ee:ae:
                    9a:97:f0:d8:02:70:a5:4e:44:4f:ff:f1:92:2d:54:
                    96:d3:78:f3:ac:60:42:57:ff:87:0e:dc:44:c9:10:
                    71:a6:08:a6:34:4e:36:fd:08:75:3d:8a:91:f8:90:
                    e4:86:0e:ef:fb:e9:c8:10:40:de:93:85:85:11:73:
                    f5:5d:e2:05:d2:06:0b:8d:a0:b4:50:16:e1:3d:10:
                    93:1a:e2:b7:48:65:c7:d9:26:0f:9f:2f:c8:cc:13:
                    ee:f8:f8:6c:34:36:b1:f0:93:55:91:d5:63:5c:ad:
                    e9:da:0b:e8:64:af:4a:f9:92:00:fc:46:b8:59:59:
                    64:ca:ab:e8:2d:5e:1f:7c:00:bc:09:63:90:cb:37:
                    1e:15:45:e0:f4:80:bb:88:6a:26:47:a5:93:7a:fc:
                    d5:ad:d4:41:45:3c:fa:7d:fd:b7:fc:4c:02:4d:b1:
                    39:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:4F:89:03:98:E9:A3:84:D0:3A:B9:F9:5A:EF:11:61:BD:28:20:64
            X509v3 Authority Key Identifier:
                keyid:A3:D3:90:7F:81:1C:B8:3F:16:B8:16:78:5E:38:0B:C2:4C:8A:C1:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/43eb05-affe-4274-913b-3320271fb3ac/1/o9OQf4EcuD8WuBZ4XjgLwkyKwZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:5c:41:c2:a8:b4:8d:16:61:ab:10:b9:8c:84:1f:b5:38:51:
         eb:97:9f:6e:35:ae:64:b3:a5:2a:4f:32:90:d1:71:2a:07:e8:
         1e:ee:15:c3:d7:4c:9c:dd:28:e3:a1:ac:e9:f0:0a:18:c9:c8:
         99:35:27:08:05:e2:b3:60:61:e6:01:a8:7d:84:e3:a7:e5:b5:
         3b:83:9e:f9:20:3f:11:4e:ae:fb:ac:70:df:93:25:d2:28:74:
         d2:c8:ad:4c:1a:90:51:c1:f0:eb:5a:39:a2:cc:b7:5c:78:14:
         84:98:ed:87:6e:1b:fc:e5:d6:5c:1c:fa:39:2b:70:fe:37:c1:
         99:31:e0:3e:5e:c8:27:d5:0f:78:92:a6:17:f6:35:ac:46:bb:
         3e:44:a8:51:30:95:5c:d0:47:96:2d:92:22:25:9f:d0:eb:e1:
         b7:da:a9:3c:a7:d1:96:93:95:52:79:0c:d1:9c:44:84:20:a5:
         ae:3e:8f:07:3d:b0:33:25:d4:7c:ee:8c:85:7d:48:b3:c5:86:
         91:44:6c:d1:3d:16:e8:15:46:a2:4b:5e:7e:60:45:34:01:9e:
         41:04:0b:d0:41:6a:21:57:1e:51:f4:77:c6:2c:24:9c:27:5f:
         bb:ba:df:3c:a1:e3:ac:dc:86:8d:fd:db:1e:b5:b8:1a:e3:2d:
         58:d0:a9:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdVNTG/i4+IsqRKEUAVZbjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDM5MDdmODExY2I4M2YxNmI4MTY3ODVlMzgwYmMyNGM4
YWMxOTMwHhcNMjUwNjA5MTUwMDM4WhcNMjUwNjEwMTUwMDM4WjAzMTEwLwYDVQQD
Eyg1YTRmODkwMzk4ZTlhMzg0ZDAzYWI5Zjk1YWVmMTE2MWJkMjgyMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lIEtwb0lRkH9qtByYnOLnFVhnEr
15hthZrSafJlLMqBCCxlRA3FP39v5k8y2fbGPDLfQk7qVwfRzAkAMP6SuCz5EwIB
suo1zJF+vwDvsw2SqGPfaw477q6al/DYAnClTkRP//GSLVSW03jzrGBCV/+HDtxE
yRBxpgimNE42/Qh1PYqR+JDkhg7v++nIEEDek4WFEXP1XeIF0gYLjaC0UBbhPRCT
GuK3SGXH2SYPny/IzBPu+PhsNDax8JNVkdVjXK3p2gvoZK9K+ZIA/Ea4WVlkyqvo
LV4ffAC8CWOQyzceFUXg9IC7iGomR6WTevzVrdRBRTz6ff23/EwCTbE5nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpPiQOY6aOE0Dq5+VrvEWG9KCBkMB8GA1UdIwQY
MBaAFKPTkH+BHLg/FrgWeF44C8JMisGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2It
MzMyMDI3MWZiM2FjLzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80M2ViMDUtYWZmZS00Mjc0LTkxM2ItMzMyMDI3MWZiM2Fj
LzEvbzlPUWY0RWN1RDhXdUJaNFhqZ0x3a3lLd1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFxBwqi0
jRZhqxC5jIQftThR65efbjWuZLOlKk8ykNFxKgfoHu4Vw9dMnN0o46Gs6fAKGMnI
mTUnCAXis2Bh5gGofYTjp+W1O4Oe+SA/EU6u+6xw35Ml0ih00sitTBqQUcHw61o5
osy3XHgUhJjth24b/OXWXBz6OStw/jfBmTHgPl7IJ9UPeJKmF/Y1rEa7PkSoUTCV
XNBHli2SIiWf0Ovht9qpPKfRlpOVUnkM0ZxEhCClrj6PBz2wMyXUfO6MhX1Is8WG
kURs0T0W6BVGoktefmBFNAGeQQQL0EFqIVceUfR3xiwknCdfu7rfPKHjrNyGjf3b
HrW4GuMtWNCpFA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:19:45 2025 by rpki-client