Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
File:                     FAa0-f1RaOt3gegksUU-mfXmVTw.mft (raw, json)
Hash identifier:          tApb3iCO0KJHIi5PL8jgFe+MO42g37NmZ06QCd+ep3o=
Subject key identifier:   94:03:39:7C:02:95:3E:A2:3E:25:89:5A:27:01:57:40:75:61:2A:EB
Authority key identifier: 14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C
Certificate issuer:       /CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
Certificate serial:       019763279A6D9092556AF3A586E60A2DE550
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
Manifest number:          1588
Signing time:             Thu 12 Jun 2025 08:00:29 +0000
Manifest this update:     Thu 12 Jun 2025 08:00:29 +0000
Manifest next update:     Fri 13 Jun 2025 08:00:29 +0000
Files and hashes:         1: FAa0-f1RaOt3gegksUU-mfXmVTw.crl (hash: yICzIGc29UdzLEsL7rfQBOGsS3Lppn1GNAhjXpC9D7A=)
                          2: c3go-15xGcBaQkyMFCkLYeR3zYQ.roa (hash: 4H2iOu8gLLffNi536xCsuCivAwnItfPi2vTZ/W207ew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 08:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:27:9a:6d:90:92:55:6a:f3:a5:86:e6:0a:2d:e5:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
        Validity
            Not Before: Jun 12 08:00:29 2025 GMT
            Not After : Jun 13 08:00:29 2025 GMT
        Subject: CN=9403397c02953ea23e25895a2701574075612aeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1f:ac:8c:a4:fd:1d:61:a1:02:17:70:02:a9:
                    f1:ad:1e:92:24:30:9d:80:6f:ec:46:b6:f7:93:0f:
                    7f:20:2b:c2:fa:d1:cf:22:f6:d9:74:ef:27:51:31:
                    69:8b:72:76:92:71:92:20:56:39:39:6c:10:d3:9b:
                    e2:db:82:0a:66:85:8a:45:24:46:5a:3d:9b:73:12:
                    1c:6c:07:aa:8a:ae:46:4b:09:b1:db:4a:d4:0f:d9:
                    3d:ad:0e:d5:02:5c:93:e5:3a:c2:89:34:36:5e:6f:
                    43:8f:9a:cb:44:61:70:8e:45:bc:06:c0:7a:3e:8b:
                    dc:32:28:b6:ad:a2:b5:bc:c1:0c:63:57:28:68:86:
                    84:40:db:b7:c8:c8:50:68:0a:48:44:52:b6:6a:67:
                    22:80:3b:e1:56:da:3a:be:c0:b9:18:be:e9:a6:64:
                    0e:e1:43:17:78:33:09:43:89:63:f1:35:28:a7:9e:
                    d9:4c:c8:6f:fb:c4:e5:73:1e:0c:ee:31:8f:74:b3:
                    b6:d3:7c:74:a2:97:81:4d:8d:c9:3b:1c:bf:0c:88:
                    ed:dd:89:37:a4:8f:bb:52:5b:7e:19:3b:7c:93:c2:
                    be:b4:15:95:a5:db:fa:2d:4e:bb:b7:46:14:68:ce:
                    73:e6:5d:2b:bf:34:da:8d:fa:4d:45:38:c3:0e:8b:
                    3d:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:03:39:7C:02:95:3E:A2:3E:25:89:5A:27:01:57:40:75:61:2A:EB
            X509v3 Authority Key Identifier:
                keyid:14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:df:be:1b:3d:d4:32:4f:2b:87:d9:5d:7f:5a:94:0f:53:15:
         39:0b:ce:bc:aa:8a:cd:2b:44:64:5c:af:22:6f:be:78:23:38:
         72:a4:d1:3c:e8:32:c5:69:59:4f:52:01:f1:30:a9:cc:2e:f7:
         d0:c1:13:03:e7:61:5f:be:63:cd:db:49:09:40:99:bf:4b:7f:
         df:04:12:16:aa:0b:5d:0e:a6:d0:ae:4c:3b:70:c3:c3:b3:a5:
         be:f3:22:c0:7a:c4:00:c9:8b:c4:fc:d4:63:4c:72:85:0d:ce:
         52:af:31:fe:e2:2c:ae:34:46:22:f6:2c:94:23:d4:16:74:2c:
         73:ba:4f:72:3c:30:e0:0e:59:2b:e1:a1:57:9d:94:b9:13:22:
         71:75:0e:9c:c9:69:61:5b:66:a6:17:eb:57:74:1c:65:30:80:
         e3:c2:87:6a:9b:91:6e:da:6a:f0:1d:cb:a6:11:f5:05:27:0d:
         2f:76:1f:69:67:a9:db:ea:5c:5c:fa:6b:c8:f5:78:0d:79:4f:
         8f:88:6b:7a:d7:d2:eb:48:84:58:52:93:4d:f7:3a:81:6e:6f:
         a1:45:50:a9:44:eb:d3:8b:0d:76:12:ed:e9:09:1e:83:e2:e0:
         2a:6a:7f:b8:4a:66:83:7e:18:f1:b9:eb:ed:5a:aa:01:d7:0d:
         c0:47:cc:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjJ5ptkJJVavOlhuYKLeVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDZiNGY5ZmQ1MTY4ZWI3NzgxZTgyNGIxNDUzZTk5ZjVl
NjU1M2MwHhcNMjUwNjEyMDgwMDI5WhcNMjUwNjEzMDgwMDI5WjAzMTEwLwYDVQQD
Eyg5NDAzMzk3YzAyOTUzZWEyM2UyNTg5NWEyNzAxNTc0MDc1NjEyYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h+sjKT9HWGhAhdwAqnxrR6SJDCd
gG/sRrb3kw9/ICvC+tHPIvbZdO8nUTFpi3J2knGSIFY5OWwQ05vi24IKZoWKRSRG
Wj2bcxIcbAeqiq5GSwmx20rUD9k9rQ7VAlyT5TrCiTQ2Xm9Dj5rLRGFwjkW8BsB6
PovcMii2raK1vMEMY1coaIaEQNu3yMhQaApIRFK2amcigDvhVto6vsC5GL7ppmQO
4UMXeDMJQ4lj8TUop57ZTMhv+8Tlcx4M7jGPdLO203x0opeBTY3JOxy/DIjt3Yk3
pI+7Ult+GTt8k8K+tBWVpdv6LU67t0YUaM5z5l0rvzTajfpNRTjDDos9YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQDOXwClT6iPiWJWicBV0B1YSrrMB8GA1UdIwQY
MBaAFBQGtPn9UWjrd4HoJLFFPpn15lU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAt
YzE2MTI0NmM4MjVhLzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAtYzE2MTI0NmM4MjVh
LzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9++Gz3U
Mk8rh9ldf1qUD1MVOQvOvKqKzStEZFyvIm++eCM4cqTRPOgyxWlZT1IB8TCpzC73
0META+dhX75jzdtJCUCZv0t/3wQSFqoLXQ6m0K5MO3DDw7OlvvMiwHrEAMmLxPzU
Y0xyhQ3OUq8x/uIsrjRGIvYslCPUFnQsc7pPcjww4A5ZK+GhV52UuRMicXUOnMlp
YVtmphfrV3QcZTCA48KHapuRbtpq8B3LphH1BScNL3YfaWep2+pcXPpryPV4DXlP
j4hretfS60iEWFKTTfc6gW5voUVQqUTr04sNdhLt6Qkeg+LgKmp/uEpmg34Y8bnr
7VqqAdcNwEfM9w==
-----END CERTIFICATE-----
Generated at Thu Jun 12 12:46:26 2025 by rpki-client