Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
File:                     Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft (raw, json)
Hash identifier:          xevhjGiLvYurUef8Adr66AnK5BK/ReHU4ZuqyPcHdVo=
Subject key identifier:   03:5B:7D:7C:BD:52:EA:2F:BB:72:A4:B1:B0:FB:30:04:47:DD:61:82
Authority key identifier: 05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4
Certificate issuer:       /CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
Certificate serial:       019767A98E6FCD9C5C8B22DAEE4EF2644BEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
Manifest number:          158D
Signing time:             Fri 13 Jun 2025 05:00:54 +0000
Manifest this update:     Fri 13 Jun 2025 05:00:54 +0000
Manifest next update:     Sat 14 Jun 2025 05:00:54 +0000
Files and hashes:         1: Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl (hash: gZkICDfbHVUrSP262TfkHgv3R8SFm9YnKXAjMDJbCMY=)
                          2: xQ3PdmMDye_3ODxtjF3bxTEbrgU.roa (hash: OnYXJU1mRvo0V2FhsSO8D1b8k47DbXdYSrQ7JN4NAuQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 05:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:a9:8e:6f:cd:9c:5c:8b:22:da:ee:4e:f2:64:4b:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4
        Validity
            Not Before: Jun 13 05:00:54 2025 GMT
            Not After : Jun 14 05:00:54 2025 GMT
        Subject: CN=035b7d7cbd52ea2fbb72a4b1b0fb300447dd6182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:f4:7d:54:43:62:48:66:12:2a:02:4d:38:45:
                    fd:74:12:c2:6d:39:1a:40:5e:82:b7:e3:c3:8d:81:
                    3c:3b:b4:23:5e:0c:75:44:5d:4c:2f:b4:1e:6f:d0:
                    83:06:fa:f7:35:81:01:44:2b:dd:61:c7:1f:16:15:
                    f1:4c:71:df:dd:ba:f2:e0:25:a1:53:33:41:35:4c:
                    98:a3:ca:92:a8:4e:33:07:2b:d2:91:e2:5f:bf:a5:
                    7e:7a:60:1c:74:7a:a8:c1:a5:b2:66:bf:d2:1e:a6:
                    15:bf:9b:57:10:5e:5a:ab:48:7a:85:fe:1d:bd:e6:
                    3d:a7:d7:f9:c8:cc:64:8e:3e:c1:ad:6e:ff:8d:a3:
                    48:fd:5e:26:65:d4:c4:ae:57:cc:3c:07:1e:94:be:
                    c6:94:00:fb:83:f3:cb:a9:f3:b4:42:3c:28:f7:93:
                    78:48:92:db:25:78:38:45:51:46:55:c3:35:d2:d3:
                    31:f6:a7:c7:f3:de:f8:70:1e:56:5e:3d:ea:ef:dd:
                    ff:ee:11:0c:c0:e1:e5:ec:11:75:76:7e:b5:0a:7e:
                    41:e4:0b:48:83:72:f8:c4:85:fb:cf:f9:03:01:9c:
                    a9:46:58:17:86:f8:88:7b:55:b5:d0:f5:af:b3:3f:
                    ec:65:d9:99:11:e8:58:a1:aa:81:48:2e:c7:f5:bc:
                    39:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:5B:7D:7C:BD:52:EA:2F:BB:72:A4:B1:B0:FB:30:04:47:DD:61:82
            X509v3 Authority Key Identifier:
                keyid:05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:29:7b:3c:a0:e9:c0:c2:78:8a:76:31:5f:79:b6:b5:4e:ca:
         4a:27:6b:7c:01:8f:b0:51:10:1e:be:e0:59:9e:c9:a8:91:14:
         2e:04:81:ff:a0:d1:7c:f9:cb:cf:4c:13:f3:61:22:43:87:a9:
         fa:a3:e3:70:59:ae:67:17:7b:3d:fd:bc:da:dc:c0:a8:95:84:
         22:79:e6:9d:ae:ed:2d:a2:55:51:47:da:6c:2d:59:87:01:21:
         b2:aa:6d:3d:96:c3:2d:ff:76:33:9d:8c:ef:e3:f3:dc:55:db:
         db:80:9d:a6:42:1f:17:ce:a7:4b:ad:53:56:33:e8:ae:0d:3f:
         08:66:d5:26:e8:0e:35:61:b5:1e:9a:8b:1d:50:68:4c:83:a6:
         e5:2a:65:75:b8:cf:0c:6d:a1:3a:f8:0c:e1:7b:cf:4c:41:f7:
         c4:fe:5b:28:ed:79:3f:ef:03:43:97:a3:f7:a0:99:65:f4:72:
         52:a6:0a:07:6b:31:1d:50:98:9d:14:f9:ef:8c:c2:da:74:ac:
         87:0d:4e:9e:0c:5a:6b:0f:7a:d0:8f:59:dd:b2:c0:3d:81:1d:
         81:2c:38:bc:84:b1:ce:39:be:5b:85:8e:e1:45:00:6a:19:93:
         ae:77:aa:89:dc:ff:f9:f7:09:71:8f:4c:5f:a0:35:2a:00:7b:
         61:ef:f2:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnqY5vzZxciyLa7k7yZEvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YWU1ZjIzZGI5ODNmZDEzNmFlOWQ3MWU4N2UxZTUxMzBi
Y2Y2ZDQwHhcNMjUwNjEzMDUwMDU0WhcNMjUwNjE0MDUwMDU0WjAzMTEwLwYDVQQD
EygwMzViN2Q3Y2JkNTJlYTJmYmI3MmE0YjFiMGZiMzAwNDQ3ZGQ2MTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfR9VENiSGYSKgJNOEX9dBLCbTka
QF6Ct+PDjYE8O7QjXgx1RF1ML7Qeb9CDBvr3NYEBRCvdYccfFhXxTHHf3bry4CWh
UzNBNUyYo8qSqE4zByvSkeJfv6V+emAcdHqowaWyZr/SHqYVv5tXEF5aq0h6hf4d
veY9p9f5yMxkjj7BrW7/jaNI/V4mZdTErlfMPAcelL7GlAD7g/PLqfO0Qjwo95N4
SJLbJXg4RVFGVcM10tMx9qfH8974cB5WXj3q793/7hEMwOHl7BF1dn61Cn5B5AtI
g3L4xIX7z/kDAZypRlgXhviIe1W10PWvsz/sZdmZEehYoaqBSC7H9bw5VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANbfXy9Uuovu3KksbD7MARH3WGCMB8GA1UdIwQY
MBaAFAWuXyPbmD/RNq6dceh+HlEwvPbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQt
NDRlZmQxMzA2NTljLzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQtNDRlZmQxMzA2NTlj
LzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZCl7PKDp
wMJ4inYxX3m2tU7KSidrfAGPsFEQHr7gWZ7JqJEULgSB/6DRfPnLz0wT82EiQ4ep
+qPjcFmuZxd7Pf282tzAqJWEInnmna7tLaJVUUfabC1ZhwEhsqptPZbDLf92M52M
7+Pz3FXb24CdpkIfF86nS61TVjPorg0/CGbVJugONWG1HpqLHVBoTIOm5SpldbjP
DG2hOvgM4XvPTEH3xP5bKO15P+8DQ5ej96CZZfRyUqYKB2sxHVCYnRT574zC2nSs
hw1Ongxaaw960I9Z3bLAPYEdgSw4vISxzjm+W4WO4UUAahmTrneqidz/+fcJcY9M
X6A1KgB7Ye/ybA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 13:14:17 2025 by rpki-client