Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft
File:                     I7KazNTA1fX4N36n9GNDt2Brq3w.mft (raw, json)
Hash identifier:          VOIkXsH2QSsY36reiFPvia/xbd8YVMfAbo8kAqqXxJY=
Subject key identifier:   F5:B7:B2:4A:C3:89:00:C7:66:02:18:25:1D:6A:29:4D:7F:9C:E8:E7
Authority key identifier: 23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C
Certificate issuer:       /CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c
Certificate serial:       01976BBDAF2E4E8096367A5414E8DFE44DAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft
Manifest number:          0C09
Signing time:             Sat 14 Jun 2025 00:01:22 +0000
Manifest this update:     Sat 14 Jun 2025 00:01:22 +0000
Manifest next update:     Sun 15 Jun 2025 00:01:22 +0000
Files and hashes:         1: BY3gmYE2jAUAzVYgNkSF1kzgx38.roa (hash: o+T/NGOLnxz7Wv8sLagAUwobjqcsqFCif9O5RgNrbi4=)
                          2: I7KazNTA1fX4N36n9GNDt2Brq3w.crl (hash: 8ahGJByYEfpf5FbMWa/QAl7oC39EtxI+LTVjK50ISjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:af:2e:4e:80:96:36:7a:54:14:e8:df:e4:4d:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c
        Validity
            Not Before: Jun 14 00:01:22 2025 GMT
            Not After : Jun 15 00:01:22 2025 GMT
        Subject: CN=f5b7b24ac38900c7660218251d6a294d7f9ce8e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bf:1d:0a:4c:68:ac:3e:48:17:54:17:f7:8a:
                    35:be:bf:e6:5d:7e:6f:43:a9:e8:c6:aa:40:4a:c9:
                    a6:0d:0e:22:25:07:a1:ad:3f:83:96:2d:51:75:52:
                    e5:61:20:be:7f:5c:39:fb:55:7f:5d:4a:ac:c0:84:
                    1a:4d:de:37:36:cc:98:62:27:39:2e:e7:59:f9:eb:
                    a9:d2:3b:39:4e:e0:2d:86:40:f6:79:f4:c6:62:26:
                    23:f1:28:9c:23:0d:31:79:0e:af:2b:b5:a2:05:f5:
                    9e:6a:25:21:b7:9a:33:bf:1c:b4:98:14:67:71:bb:
                    e4:50:70:5e:95:27:6e:5a:fe:9f:a7:e4:a2:ad:ab:
                    d0:00:ef:08:d8:8e:15:19:db:5d:de:35:84:4a:af:
                    36:06:0d:18:d0:15:4a:f1:2b:83:ff:d1:b6:22:d9:
                    b5:24:47:71:1f:7f:18:ee:c7:02:d5:0e:2c:61:7f:
                    d4:61:42:d5:99:13:be:cb:b0:c3:44:7e:0f:ce:a7:
                    2c:46:35:e7:3f:c0:16:fb:49:67:3f:30:cd:76:bb:
                    91:28:22:9f:30:f8:da:cb:1f:ae:9a:fe:ca:80:14:
                    ee:f9:53:14:1f:63:ab:01:21:30:a4:08:e6:d0:bf:
                    b6:bc:f2:81:68:c6:0e:4e:42:59:d3:c2:b4:62:2c:
                    22:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:B7:B2:4A:C3:89:00:C7:66:02:18:25:1D:6A:29:4D:7F:9C:E8:E7
            X509v3 Authority Key Identifier:
                keyid:23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:31:0e:91:21:0f:94:64:b0:f2:0d:d1:f3:3e:22:62:b9:61:
         ba:04:8d:cb:4d:0a:93:73:54:6e:6d:a5:e5:88:f9:2a:2e:a2:
         a0:8e:78:cc:fd:5e:8a:e6:a1:5b:2e:dd:92:03:c5:bd:ce:01:
         59:0d:a1:e3:66:96:7e:ef:9a:82:66:70:d2:79:35:09:2a:81:
         43:44:b5:f2:23:c0:1c:6a:8b:e9:f2:65:3b:e0:f1:48:66:e7:
         ad:bf:88:ec:4d:63:cb:0a:47:2d:4f:b9:ba:fc:b6:d6:d2:07:
         f0:e2:cc:57:7b:e0:f7:da:6e:c4:fb:a1:40:53:5b:04:d0:7b:
         63:a2:4f:fa:06:f4:43:6d:ee:bd:e5:ca:0d:8e:41:8d:79:db:
         06:39:21:d6:56:59:77:e0:21:12:c8:63:49:85:6a:0d:6a:66:
         b1:a0:ec:2d:21:e4:c7:84:46:da:d1:b2:25:89:aa:7c:02:60:
         f7:00:2d:17:40:02:e1:b4:b7:be:e2:27:91:f9:67:1f:99:a2:
         26:55:a1:d1:bd:59:f7:c4:69:62:50:59:88:6d:68:a5:fb:aa:
         7f:a3:f2:f5:da:ec:fd:d0:0d:f4:69:0b:8d:00:ef:6f:bc:9a:
         4e:7d:65:09:bf:b9:9b:db:1c:79:94:ea:a0:3e:20:fe:ed:bb:
         f2:ad:12:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrva8uToCWNnpUFOjf5E2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjI5YWNjZDRjMGQ1ZjVmODM3N2VhN2Y0NjM0M2I3NjA2
YmFiN2MwHhcNMjUwNjE0MDAwMTIyWhcNMjUwNjE1MDAwMTIyWjAzMTEwLwYDVQQD
EyhmNWI3YjI0YWMzODkwMGM3NjYwMjE4MjUxZDZhMjk0ZDdmOWNlOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr78dCkxorD5IF1QX94o1vr/mXX5v
Q6noxqpASsmmDQ4iJQehrT+Dli1RdVLlYSC+f1w5+1V/XUqswIQaTd43NsyYYic5
LudZ+eup0js5TuAthkD2efTGYiYj8SicIw0xeQ6vK7WiBfWeaiUht5ozvxy0mBRn
cbvkUHBelSduWv6fp+SiravQAO8I2I4VGdtd3jWESq82Bg0Y0BVK8SuD/9G2Itm1
JEdxH38Y7scC1Q4sYX/UYULVmRO+y7DDRH4PzqcsRjXnP8AW+0lnPzDNdruRKCKf
MPjayx+umv7KgBTu+VMUH2OrASEwpAjm0L+2vPKBaMYOTkJZ08K0YiwiKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPW3skrDiQDHZgIYJR1qKU1/nOjnMB8GA1UdIwQY
MBaAFCOymszUwNX1+Dd+p/RjQ7dga6t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAt
MTE3NGE0MjgwMzZiLzEvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAtMTE3NGE0MjgwMzZi
LzEvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALjEOkSEP
lGSw8g3R8z4iYrlhugSNy00Kk3NUbm2l5Yj5Ki6ioI54zP1eiuahWy7dkgPFvc4B
WQ2h42aWfu+agmZw0nk1CSqBQ0S18iPAHGqL6fJlO+DxSGbnrb+I7E1jywpHLU+5
uvy21tIH8OLMV3vg99puxPuhQFNbBNB7Y6JP+gb0Q23uveXKDY5BjXnbBjkh1lZZ
d+AhEshjSYVqDWpmsaDsLSHkx4RG2tGyJYmqfAJg9wAtF0AC4bS3vuInkflnH5mi
JlWh0b1Z98RpYlBZiG1opfuqf6Py9drs/dAN9GkLjQDvb7yaTn1lCb+5m9sceZTq
oD4g/u278q0SfQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:52:09 2025 by rpki-client