Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
File:                     FAa0-f1RaOt3gegksUU-mfXmVTw.mft (raw, json)
Hash identifier:          VVvaPnDZBC8+cOJWnhivWdnoBIve89XGB5Zf1xlqM08=
Subject key identifier:   B5:8C:59:FB:5C:98:A4:B0:4B:C1:F4:EC:F0:CD:15:91:2C:13:16:CC
Authority key identifier: 14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C
Certificate issuer:       /CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
Certificate serial:       01976CCFD1F6399BC192F4BE786456928864
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 05:00:48 +0000
Manifest this update:     Sat 14 Jun 2025 05:00:48 +0000
Manifest next update:     Sun 15 Jun 2025 05:00:48 +0000
Files and hashes:         1: FAa0-f1RaOt3gegksUU-mfXmVTw.crl (hash: u1BPvaWG0A9Ov0qQGEzCmkJO6JynWJowGZVYe+yKMQc=)
                          2: c3go-15xGcBaQkyMFCkLYeR3zYQ.roa (hash: 4H2iOu8gLLffNi536xCsuCivAwnItfPi2vTZ/W207ew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:cf:d1:f6:39:9b:c1:92:f4:be:78:64:56:92:88:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1406b4f9fd5168eb7781e824b1453e99f5e6553c
        Validity
            Not Before: Jun 14 05:00:48 2025 GMT
            Not After : Jun 15 05:00:48 2025 GMT
        Subject: CN=b58c59fb5c98a4b04bc1f4ecf0cd15912c1316cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:73:d0:17:e9:88:77:bb:40:24:74:d0:0f:33:
                    df:f7:85:36:e6:4e:d1:0f:a0:20:4e:f4:e2:b6:af:
                    35:23:54:18:f0:46:57:82:64:06:d4:b3:61:af:a7:
                    a1:70:24:e8:d0:cf:c1:b8:12:bf:00:92:49:a7:9a:
                    7a:52:c4:a5:c3:38:28:51:ec:89:81:ce:8f:fd:a3:
                    ab:bb:30:8e:98:f0:04:b5:cd:b9:09:c5:8f:27:a4:
                    8f:31:3c:bb:a9:1a:8f:fb:61:b3:87:a3:9f:f8:01:
                    dd:da:80:16:d8:ee:79:86:1a:8a:5d:f2:09:df:32:
                    e8:fc:1f:3e:15:0e:47:0c:5a:bd:73:23:19:4a:94:
                    f8:ad:6f:9a:23:37:b6:99:50:21:b2:e4:ff:8e:21:
                    5c:06:80:04:b2:70:e3:ea:95:18:68:96:8f:d9:f7:
                    58:39:b7:ae:b3:b5:3f:39:52:84:c8:63:95:88:3f:
                    3e:9f:22:02:06:ef:ee:4a:84:92:1c:d3:e2:83:98:
                    79:e7:7c:2c:52:48:36:c6:2c:6a:b1:18:0a:35:df:
                    8a:a4:be:b9:b2:d6:93:29:e3:8b:b8:d4:69:2e:de:
                    6c:25:db:12:de:bc:82:0d:5b:87:1b:fd:cd:77:db:
                    3d:95:8c:06:0a:54:98:d7:d0:61:e5:d4:6b:50:ec:
                    e5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:8C:59:FB:5C:98:A4:B0:4B:C1:F4:EC:F0:CD:15:91:2C:13:16:CC
            X509v3 Authority Key Identifier:
                keyid:14:06:B4:F9:FD:51:68:EB:77:81:E8:24:B1:45:3E:99:F5:E6:55:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAa0-f1RaOt3gegksUU-mfXmVTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/86d512-499b-418e-a420-c161246c825a/1/FAa0-f1RaOt3gegksUU-mfXmVTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:d9:26:11:97:96:a0:67:4b:49:cb:ad:82:69:4a:30:d3:32:
         88:08:06:72:76:30:c5:55:b3:a8:58:96:65:04:35:8a:ac:2a:
         a9:5d:6d:70:67:0d:9d:24:0b:76:04:1c:9b:01:d2:cc:49:ce:
         ca:b6:63:18:81:50:05:6e:0a:da:cb:35:dc:92:66:65:90:58:
         88:2b:64:51:54:44:26:f7:f6:85:71:30:3b:8d:29:33:50:7d:
         ac:9a:91:2a:2d:28:e5:ff:98:55:cb:97:8d:00:7c:56:49:c6:
         16:d2:4e:f2:68:16:b9:97:6c:db:a9:c9:44:fc:7e:f8:e4:18:
         97:fe:2f:ec:48:31:b0:ca:20:b7:81:fe:00:d1:bf:79:dd:7a:
         8b:c3:4a:ee:f0:9e:c4:3e:c8:1b:48:cd:dc:9c:d4:23:60:d8:
         d9:48:91:f8:12:9f:99:d1:b7:d2:b0:45:3d:5f:5f:85:23:30:
         e7:af:00:47:cf:2b:49:a9:b3:55:bb:45:1b:2d:e8:6b:e2:98:
         2b:73:a7:7c:01:b0:95:f0:6c:06:38:b0:ec:a8:d1:49:de:34:
         ab:3d:72:73:e1:f4:86:50:4d:89:08:86:75:36:77:0c:1f:70:
         49:be:39:af:ae:f1:54:57:2b:bb:32:b5:8a:45:e4:f7:c1:ab:
         cc:4d:d4:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz9H2OZvBkvS+eGRWkohkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDZiNGY5ZmQ1MTY4ZWI3NzgxZTgyNGIxNDUzZTk5ZjVl
NjU1M2MwHhcNMjUwNjE0MDUwMDQ4WhcNMjUwNjE1MDUwMDQ4WjAzMTEwLwYDVQQD
EyhiNThjNTlmYjVjOThhNGIwNGJjMWY0ZWNmMGNkMTU5MTJjMTMxNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXPQF+mId7tAJHTQDzPf94U25k7R
D6AgTvTitq81I1QY8EZXgmQG1LNhr6ehcCTo0M/BuBK/AJJJp5p6UsSlwzgoUeyJ
gc6P/aOruzCOmPAEtc25CcWPJ6SPMTy7qRqP+2Gzh6Of+AHd2oAW2O55hhqKXfIJ
3zLo/B8+FQ5HDFq9cyMZSpT4rW+aIze2mVAhsuT/jiFcBoAEsnDj6pUYaJaP2fdY
Obeus7U/OVKEyGOViD8+nyICBu/uSoSSHNPig5h553wsUkg2xixqsRgKNd+KpL65
staTKeOLuNRpLt5sJdsS3ryCDVuHG/3Nd9s9lYwGClSY19Bh5dRrUOzlzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWMWftcmKSwS8H07PDNFZEsExbMMB8GA1UdIwQY
MBaAFBQGtPn9UWjrd4HoJLFFPpn15lU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAt
YzE2MTI0NmM4MjVhLzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NmQ1MTItNDk5Yi00MThlLWE0MjAtYzE2MTI0NmM4MjVh
LzEvRkFhMC1mMVJhT3QzZ2Vna3NVVS1tZlhtVlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcdkmEZeW
oGdLScutgmlKMNMyiAgGcnYwxVWzqFiWZQQ1iqwqqV1tcGcNnSQLdgQcmwHSzEnO
yrZjGIFQBW4K2ss13JJmZZBYiCtkUVREJvf2hXEwO40pM1B9rJqRKi0o5f+YVcuX
jQB8VknGFtJO8mgWuZds26nJRPx++OQYl/4v7EgxsMogt4H+ANG/ed16i8NK7vCe
xD7IG0jN3JzUI2DY2UiR+BKfmdG30rBFPV9fhSMw568AR88rSamzVbtFGy3oa+KY
K3OnfAGwlfBsBjiw7KjRSd40qz1yc+H0hlBNiQiGdTZ3DB9wSb45r67xVFcruzK1
ikXk98GrzE3Ung==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:28:53 2025 by rpki-client