Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
File:                     FAa0-f1RaOt3gegksUU-mfXmVTw.mft (raw, json)
Hash identifier:          pSNGYhfPtBRd2o7sf0HjklauCW9kX1KTUDeXRDZZQIM=
Subject key identifier:   5A:B8:50:3C:05:93:00:C3:83:E4:9C:19:09:6F:99:D8:59:2F:D5:1D
Authority key identifier: 14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C
Certificate issuer:       /CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
Certificate serial:       01975B6E7C8D72380BF44AB2022F8096414A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
Manifest number:          1584
Signing time:             Tue 10 Jun 2025 20:00:56 +0000
Manifest this update:     Tue 10 Jun 2025 20:00:56 +0000
Manifest next update:     Wed 11 Jun 2025 20:00:56 +0000
Files and hashes:         1: FAa0-f1RaOt3gegksUU-mfXmVTw.crl (hash: CXh4DYnyBjM0JcWbEHNk4KukDBOZg+5AHHZShu+yJTs=)
                          2: c3go-15xGcBaQkyMFCkLYeR3zYQ.roa (hash: 4H2iOu8gLLffNi536xCsuCivAwnItfPi2vTZ/W207ew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:6e:7c:8d:72:38:0b:f4:4a:b2:02:2f:80:96:41:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
        Validity
            Not Before: Jun 10 20:00:56 2025 GMT
            Not After : Jun 11 20:00:56 2025 GMT
        Subject: CN=5ab8503c059300c383e49c19096f99d8592fd51d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ad:0e:c1:16:e0:e2:78:c8:8b:01:ca:f4:d2:
                    ab:33:6e:04:d1:34:80:c7:70:ec:12:2a:79:41:e3:
                    b0:12:b9:eb:a5:30:dc:7d:7e:44:03:32:6e:1c:52:
                    0a:8c:37:da:fb:1d:8b:09:c4:b4:9b:02:db:7c:d8:
                    33:15:9e:81:99:e2:39:00:72:f7:c4:3c:5e:f3:20:
                    a6:ba:1b:dc:85:e8:c7:a7:5f:ca:83:d2:9b:68:94:
                    1e:9d:f0:0c:a8:be:85:a8:7f:e4:1e:eb:81:77:32:
                    88:b8:63:16:bf:3a:14:91:84:59:3b:23:50:9f:f2:
                    4c:65:64:77:bd:3c:74:74:c7:4f:e2:47:ab:6e:a2:
                    a6:e8:d0:2d:ce:b3:09:57:2c:35:a1:35:db:d1:9f:
                    e7:9a:b1:3b:b5:b6:bb:b1:87:f9:13:85:55:88:ae:
                    4c:d6:ba:33:c5:2c:e4:af:9b:17:f1:84:58:f0:e4:
                    fc:bf:63:c6:a8:ff:de:94:31:35:1c:ad:e4:4e:51:
                    89:12:ab:0e:f7:60:3e:37:c2:51:45:e6:26:50:8f:
                    65:bd:6a:48:b3:35:0d:42:ea:e3:65:ee:60:51:2b:
                    15:dc:98:24:90:0a:db:f0:d3:f6:c9:74:fc:4e:e1:
                    40:1d:f3:82:de:af:32:21:c1:62:8f:e1:42:ed:c2:
                    53:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B8:50:3C:05:93:00:C3:83:E4:9C:19:09:6F:99:D8:59:2F:D5:1D
            X509v3 Authority Key Identifier:
                keyid:14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:3f:6a:66:79:7e:d8:5a:cc:54:e5:fa:5e:0d:6f:5e:e5:39:
         aa:40:05:06:0a:24:fd:10:42:0d:05:a5:77:a9:0b:84:c2:b0:
         98:db:3a:de:09:7e:d3:9c:c4:39:0d:89:bf:23:1d:b0:09:b1:
         3b:33:ac:3a:e2:19:20:b0:c9:57:73:9b:86:bf:57:f6:83:cd:
         7d:46:05:62:f1:93:ce:1d:4c:de:4d:18:8b:e8:9c:73:93:0a:
         6f:a4:7b:ab:79:a3:10:69:e0:1f:e7:1f:25:44:5d:54:b1:31:
         78:2d:13:b2:a9:bc:fc:9c:78:5d:b7:2b:5f:ab:0b:74:69:be:
         cc:41:ae:69:12:47:d7:fb:35:86:50:32:cb:88:34:25:5f:bd:
         1b:1c:9f:9a:3b:95:e1:8e:66:2a:4a:b7:89:6f:e8:2f:99:af:
         9b:ce:1f:83:ca:a9:12:59:39:cd:a9:6d:60:a5:69:83:b9:11:
         1c:69:60:fc:66:1c:e5:eb:ef:2a:b9:8a:e2:78:ec:21:d0:9f:
         01:2c:f1:ba:dc:26:94:cc:c0:a4:fd:58:44:34:6c:f0:cc:6e:
         7f:29:4a:20:06:68:ef:6b:d1:57:d2:ce:e8:53:f4:0f:0d:41:
         26:bf:e3:27:af:3a:ab:20:ac:32:24:5b:3a:d8:11:5b:72:1c:
         37:9c:8c:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbbnyNcjgL9EqyAi+AlkFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDZiNGY5ZmQ1MTY4ZWI3NzgxZTgyNGIxNDUzZTk5ZjVl
NjU1M2MwHhcNMjUwNjEwMjAwMDU2WhcNMjUwNjExMjAwMDU2WjAzMTEwLwYDVQQD
Eyg1YWI4NTAzYzA1OTMwMGMzODNlNDljMTkwOTZmOTlkODU5MmZkNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0K0OwRbg4njIiwHK9NKrM24E0TSA
x3DsEip5QeOwErnrpTDcfX5EAzJuHFIKjDfa+x2LCcS0mwLbfNgzFZ6BmeI5AHL3
xDxe8yCmuhvchejHp1/Kg9KbaJQenfAMqL6FqH/kHuuBdzKIuGMWvzoUkYRZOyNQ
n/JMZWR3vTx0dMdP4kerbqKm6NAtzrMJVyw1oTXb0Z/nmrE7tba7sYf5E4VViK5M
1rozxSzkr5sX8YRY8OT8v2PGqP/elDE1HK3kTlGJEqsO92A+N8JRReYmUI9lvWpI
szUNQurjZe5gUSsV3JgkkArb8NP2yXT8TuFAHfOC3q8yIcFij+FC7cJTmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFq4UDwFkwDDg+ScGQlvmdhZL9UdMB8GA1UdIwQY
MBaAFBQGtPn9UWjrd4HoJLFFPpn15lU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAt
YzE2MTI0NmM4MjVhLzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAtYzE2MTI0NmM4MjVh
LzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmD9qZnl+
2FrMVOX6Xg1vXuU5qkAFBgok/RBCDQWld6kLhMKwmNs63gl+05zEOQ2JvyMdsAmx
OzOsOuIZILDJV3Obhr9X9oPNfUYFYvGTzh1M3k0Yi+icc5MKb6R7q3mjEGngH+cf
JURdVLExeC0Tsqm8/Jx4XbcrX6sLdGm+zEGuaRJH1/s1hlAyy4g0JV+9GxyfmjuV
4Y5mKkq3iW/oL5mvm84fg8qpElk5zaltYKVpg7kRHGlg/GYc5evvKrmK4njsIdCf
ASzxutwmlMzApP1YRDRs8MxufylKIAZo72vRV9LO6FP0Dw1BJr/jJ686qyCsMiRb
OtgRW3IcN5yMcQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 05:08:57 2025 by rpki-client