Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
File:                     YcXtDe2GJbMrZTMgcinyxGclmEg.mft (raw, json)
Hash identifier:          oUlYi2TqNB6M03P9NOKilZ8QFgaO2KtsoIDNMP2x3eE=
Subject key identifier:   D7:3D:A1:05:D9:01:8B:E2:97:85:2E:A7:7B:88:89:51:C2:CE:24:04
Authority key identifier: 61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
Certificate issuer:       /CN=61c5ed0ded8625b32b6533207229f2c467259848
Certificate serial:       0197684E10BCA06186B5F3C612B13B57042E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
Manifest number:          158D
Signing time:             Fri 13 Jun 2025 08:00:35 +0000
Manifest this update:     Fri 13 Jun 2025 08:00:35 +0000
Manifest next update:     Sat 14 Jun 2025 08:00:35 +0000
Files and hashes:         1: CYWLmYxcCQgki-Xk5YRvuSHALzs.roa (hash: 61Fic0FYH+kK7MaPnl8UV3ohGlvf2gRHDh8nlfVoQGY=)
                          2: YcXtDe2GJbMrZTMgcinyxGclmEg.crl (hash: dJOntnhvRbXnjUWE+nFdCnjbTIsb1NeNTCBQK6tH/vM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:4e:10:bc:a0:61:86:b5:f3:c6:12:b1:3b:57:04:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c5ed0ded8625b32b6533207229f2c467259848
        Validity
            Not Before: Jun 13 08:00:35 2025 GMT
            Not After : Jun 14 08:00:35 2025 GMT
        Subject: CN=d73da105d9018be297852ea77b888951c2ce2404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ee:97:32:13:25:72:01:f8:e6:54:33:90:3f:
                    ea:f1:07:8c:fb:c7:59:e8:88:a1:d2:53:e6:16:dd:
                    3f:cc:d1:c1:00:42:29:fd:c8:18:fe:03:85:55:d0:
                    d8:c1:cf:82:72:e7:7b:ef:00:b6:a3:60:15:56:02:
                    a2:c5:ec:77:a4:c9:ac:32:ad:91:ab:56:25:1f:5e:
                    69:89:16:28:d9:72:01:fb:a2:41:55:44:49:d4:34:
                    1e:b9:86:0f:cc:a4:51:41:bd:33:a4:8c:94:b7:28:
                    ae:b8:d0:24:ac:11:44:ef:60:06:fb:ed:d2:69:cd:
                    c3:53:91:13:3a:bc:33:54:d0:52:7c:00:10:bb:f3:
                    01:a5:7e:fe:19:5d:a6:34:98:47:e1:16:44:d9:c9:
                    88:97:81:39:c1:12:f4:04:35:f9:f8:81:7d:2f:d8:
                    d1:ac:cb:90:a5:59:d6:77:97:c5:ff:69:e2:00:19:
                    31:d7:63:e8:56:12:88:2d:fb:b9:bf:1f:4b:af:27:
                    b9:24:d3:5c:2b:50:bd:88:df:72:cc:e5:d9:3b:58:
                    a8:38:fc:de:ce:05:c1:af:19:28:b0:15:6d:da:be:
                    8d:b7:da:35:85:31:e6:7d:10:71:6c:d9:23:a3:c4:
                    c3:30:29:b1:e4:68:f2:d3:c1:d2:21:22:47:d2:c7:
                    f1:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:3D:A1:05:D9:01:8B:E2:97:85:2E:A7:7B:88:89:51:C2:CE:24:04
            X509v3 Authority Key Identifier:
                keyid:61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:00:3c:8e:68:2a:9e:35:b8:45:5d:c7:83:21:b6:4e:ca:80:
         96:91:36:6d:a3:64:10:0b:75:87:aa:02:4f:6b:72:82:8c:bc:
         5a:5b:6c:89:4f:9b:92:d2:3d:ce:02:66:9a:59:ce:73:db:8b:
         f8:2f:f9:66:9b:58:56:97:77:1f:6f:26:4d:81:28:25:6d:58:
         69:06:f2:ef:74:cd:31:34:f9:bf:73:ed:a1:33:e0:90:33:16:
         85:13:6e:d1:25:c5:45:31:25:b2:e7:0f:a4:d2:c9:70:29:8c:
         96:76:36:e2:9b:c6:5b:df:b2:50:8d:5a:5f:06:88:e1:6c:e8:
         e3:62:8e:8d:30:86:10:f3:f9:7b:b3:7a:0d:dc:75:d2:17:b1:
         9f:9e:0e:62:4b:cc:e8:52:f6:56:ab:42:eb:6e:6e:ed:c1:69:
         5e:10:a1:74:06:40:88:a4:b9:f0:b3:5e:71:d6:04:f1:e1:ee:
         d9:6f:ec:f8:76:fb:d8:bb:29:53:0c:03:f4:8e:e6:c8:59:62:
         e1:2a:0f:76:b9:9a:27:fa:09:16:0d:5b:c6:8b:25:ed:e8:64:
         cc:28:ff:b9:90:67:0a:f8:8b:d5:b1:ba:a8:74:99:8f:d2:78:
         c7:be:09:e8:3b:be:2a:20:2a:7b:65:c0:8c:9e:cf:f1:0e:20:
         8a:ba:14:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoThC8oGGGtfPGErE7VwQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzVlZDBkZWQ4NjI1YjMyYjY1MzMyMDcyMjlmMmM0Njcy
NTk4NDgwHhcNMjUwNjEzMDgwMDM1WhcNMjUwNjE0MDgwMDM1WjAzMTEwLwYDVQQD
EyhkNzNkYTEwNWQ5MDE4YmUyOTc4NTJlYTc3Yjg4ODk1MWMyY2UyNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+6XMhMlcgH45lQzkD/q8QeM+8dZ
6Iih0lPmFt0/zNHBAEIp/cgY/gOFVdDYwc+Ccud77wC2o2AVVgKixex3pMmsMq2R
q1YlH15piRYo2XIB+6JBVURJ1DQeuYYPzKRRQb0zpIyUtyiuuNAkrBFE72AG++3S
ac3DU5ETOrwzVNBSfAAQu/MBpX7+GV2mNJhH4RZE2cmIl4E5wRL0BDX5+IF9L9jR
rMuQpVnWd5fF/2niABkx12PoVhKILfu5vx9Lrye5JNNcK1C9iN9yzOXZO1ioOPze
zgXBrxkosBVt2r6Nt9o1hTHmfRBxbNkjo8TDMCmx5Gjy08HSISJH0sfxTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNc9oQXZAYvil4Uup3uIiVHCziQEMB8GA1UdIwQY
MBaAFGHF7Q3thiWzK2UzIHIp8sRnJZhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmIt
YTExODQ5ODMyNWY3LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmItYTExODQ5ODMyNWY3
LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcwA8jmgq
njW4RV3HgyG2TsqAlpE2baNkEAt1h6oCT2tygoy8WltsiU+bktI9zgJmmlnOc9uL
+C/5ZptYVpd3H28mTYEoJW1YaQby73TNMTT5v3PtoTPgkDMWhRNu0SXFRTElsucP
pNLJcCmMlnY24pvGW9+yUI1aXwaI4Wzo42KOjTCGEPP5e7N6Ddx10hexn54OYkvM
6FL2VqtC625u7cFpXhChdAZAiKS58LNecdYE8eHu2W/s+Hb72LspUwwD9I7myFli
4SoPdrmaJ/oJFg1bxosl7ehkzCj/uZBnCviL1bG6qHSZj9J4x74J6Du+KiAqe2XA
jJ7P8Q4giroUpw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 17:40:22 2025 by rpki-client