Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
File:                     Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft (raw, json)
Hash identifier:          uJrbGZ4VZdpU9RHa4LF7WELYhykWhMVt71sroTtUdt4=
Subject key identifier:   18:D3:5F:A0:76:3B:AC:D7:DF:0C:3C:9B:68:28:BC:A2:EA:30:45:36
Authority key identifier: 05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4
Certificate issuer:       /CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
Certificate serial:       019761DE2134F1532FDDC285FA759AA8D204
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
Manifest number:          158A
Signing time:             Thu 12 Jun 2025 02:00:36 +0000
Manifest this update:     Thu 12 Jun 2025 02:00:36 +0000
Manifest next update:     Fri 13 Jun 2025 02:00:36 +0000
Files and hashes:         1: Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl (hash: u5z9ZRcws1VRlceweXZIwxKCXk8fF/1te6r1LzFWNfE=)
                          2: xQ3PdmMDye_3ODxtjF3bxTEbrgU.roa (hash: OnYXJU1mRvo0V2FhsSO8D1b8k47DbXdYSrQ7JN4NAuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:de:21:34:f1:53:2f:dd:c2:85:fa:75:9a:a8:d2:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
        Validity
            Not Before: Jun 12 02:00:36 2025 GMT
            Not After : Jun 13 02:00:36 2025 GMT
        Subject: CN=18d35fa0763bacd7df0c3c9b6828bca2ea304536
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0f:6a:11:43:b3:36:03:77:19:de:8d:2d:ef:
                    37:d8:1a:82:20:e3:ed:2a:1b:7e:f5:84:a2:b8:61:
                    80:0e:a8:36:ee:61:60:43:f0:15:53:32:22:de:f7:
                    e3:a8:7c:95:42:ed:3d:ff:a6:36:6b:79:58:89:ec:
                    f6:f1:7e:3e:b7:5a:fd:f9:62:d2:dc:5f:12:4a:7e:
                    64:d2:1c:08:b8:8b:e7:67:ab:68:ae:a2:c3:92:9e:
                    fe:26:5d:8b:f9:43:24:0c:69:3b:55:39:0f:f5:4c:
                    e3:d7:8c:d6:06:02:37:ba:53:42:23:97:82:ec:b7:
                    bf:8c:f3:41:e2:d4:4b:72:89:0e:ea:11:d4:a3:da:
                    1a:c5:8f:14:39:f4:30:c6:4c:dd:aa:35:16:12:c2:
                    cc:43:14:57:88:1f:79:3c:27:e6:93:b2:3f:67:13:
                    10:c6:56:d2:b4:26:ec:5c:8a:41:47:4b:3e:65:6d:
                    60:62:45:42:c4:33:4f:73:15:a1:02:6a:29:6c:1f:
                    07:54:6d:5f:20:bc:7c:22:a6:ed:27:06:76:27:18:
                    88:72:f2:9f:ce:32:6a:9f:31:15:d4:16:b3:fd:0a:
                    5e:0c:8d:6f:f8:d0:5f:4d:d5:9d:a3:ad:d5:80:63:
                    ce:15:14:89:4b:e0:e8:f6:c6:d7:5f:a9:64:98:20:
                    82:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:D3:5F:A0:76:3B:AC:D7:DF:0C:3C:9B:68:28:BC:A2:EA:30:45:36
            X509v3 Authority Key Identifier:
                keyid:05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:66:e2:e6:f8:19:80:94:39:ff:34:5b:f3:35:0d:39:01:dc:
         ae:b2:8a:25:6f:82:17:ae:b8:f1:c0:ec:48:f1:5b:32:32:c1:
         5f:0f:a1:6f:bd:27:72:c0:fd:d4:04:af:62:b4:27:04:1c:69:
         4a:a2:27:6a:f6:ea:db:f3:dc:86:37:c0:a2:8f:a5:d0:a7:03:
         83:cf:f8:d5:2b:0d:81:37:8c:9e:ab:fc:ed:e7:1d:c9:13:64:
         6c:9e:78:09:81:b9:10:7c:a8:90:a2:cf:56:02:a0:34:5f:b3:
         a9:f1:2a:1d:cf:ee:2d:e9:f3:d8:6b:0c:61:cb:a8:12:ce:5e:
         2d:42:ee:83:a5:5f:38:b7:e1:b6:e3:3f:35:e1:cc:76:f4:b2:
         f1:b8:ae:ee:05:00:38:dd:58:c3:99:91:ea:67:db:01:31:f0:
         14:c4:4a:dc:90:f0:5a:c1:2f:77:17:c5:ca:19:18:b5:db:b2:
         70:43:21:82:6e:ab:27:2a:26:6a:bc:b7:4d:0f:80:c5:00:aa:
         e2:11:ba:1b:d3:0b:65:f9:7d:25:ce:3a:a2:87:89:b0:ca:d0:
         47:f1:6d:16:f7:a6:e6:59:39:1e:ba:0a:dc:68:81:66:6d:f0:
         db:a7:94:42:b6:45:c9:01:c5:a3:01:95:fa:4f:f5:4c:1d:02:
         c3:b5:e7:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdh3iE08VMv3cKF+nWaqNIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YWU1ZjIzZGI5ODNmZDEzNmFlOWQ3MWU4N2UxZTUxMzBi
Y2Y2ZDQwHhcNMjUwNjEyMDIwMDM2WhcNMjUwNjEzMDIwMDM2WjAzMTEwLwYDVQQD
EygxOGQzNWZhMDc2M2JhY2Q3ZGYwYzNjOWI2ODI4YmNhMmVhMzA0NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw9qEUOzNgN3Gd6NLe832BqCIOPt
Kht+9YSiuGGADqg27mFgQ/AVUzIi3vfjqHyVQu09/6Y2a3lYiez28X4+t1r9+WLS
3F8SSn5k0hwIuIvnZ6torqLDkp7+Jl2L+UMkDGk7VTkP9Uzj14zWBgI3ulNCI5eC
7Le/jPNB4tRLcokO6hHUo9oaxY8UOfQwxkzdqjUWEsLMQxRXiB95PCfmk7I/ZxMQ
xlbStCbsXIpBR0s+ZW1gYkVCxDNPcxWhAmopbB8HVG1fILx8IqbtJwZ2JxiIcvKf
zjJqnzEV1Baz/QpeDI1v+NBfTdWdo63VgGPOFRSJS+Do9sbXX6lkmCCC4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjTX6B2O6zX3ww8m2govKLqMEU2MB8GA1UdIwQY
MBaAFAWuXyPbmD/RNq6dceh+HlEwvPbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQt
NDRlZmQxMzA2NTljLzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQtNDRlZmQxMzA2NTlj
LzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP2bi5vgZ
gJQ5/zRb8zUNOQHcrrKKJW+CF6648cDsSPFbMjLBXw+hb70ncsD91ASvYrQnBBxp
SqInavbq2/PchjfAoo+l0KcDg8/41SsNgTeMnqv87ecdyRNkbJ54CYG5EHyokKLP
VgKgNF+zqfEqHc/uLenz2GsMYcuoEs5eLULug6VfOLfhtuM/NeHMdvSy8biu7gUA
ON1Yw5mR6mfbATHwFMRK3JDwWsEvdxfFyhkYtduycEMhgm6rJyomary3TQ+AxQCq
4hG6G9MLZfl9Jc46ooeJsMrQR/FtFvem5lk5HroK3GiBZm3w26eUQrZFyQHFowGV
+k/1TB0Cw7Xn7g==
-----END CERTIFICATE-----
Generated at Thu Jun 12 08:39:09 2025 by rpki-client