Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
File:                     xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft (raw, json)
Hash identifier:          L/vwnf8y6dhilBVzZ0srUxA7xBp4czPZf1xq2Ozx8xQ=
Subject key identifier:   A8:94:03:19:59:7A:7D:A5:CB:7A:5C:2A:2F:DF:13:63:B0:2B:00:51
Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
Certificate issuer:       /CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Certificate serial:       01975911E836DAE5941896BEAC7AFD40E395
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
Manifest number:          1588
Signing time:             Tue 10 Jun 2025 09:00:35 +0000
Manifest this update:     Tue 10 Jun 2025 09:00:35 +0000
Manifest next update:     Wed 11 Jun 2025 09:00:35 +0000
Files and hashes:         1: nEhO-4IOflDc16smasjo46yXDrU.roa (hash: TGudjeK9/qruL2a7Ja97DNoAnaGXmeBxOzedTAd1+AI=)
                          2: xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl (hash: cB2sMlUGp723Kmz4I6dxJP/BHQ0aH2Dq1/ZwHbRLYck=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:11:e8:36:da:e5:94:18:96:be:ac:7a:fd:40:e3:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044
        Validity
            Not Before: Jun 10 09:00:35 2025 GMT
            Not After : Jun 11 09:00:35 2025 GMT
        Subject: CN=a8940319597a7da5cb7a5c2a2fdf1363b02b0051
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:41:6a:81:a8:cb:b4:13:41:54:6a:af:98:c3:
                    13:24:57:de:15:ef:52:4d:e5:a8:b8:65:dd:ca:c8:
                    69:90:6a:90:5d:83:bb:45:57:44:25:94:dc:54:ac:
                    a6:4e:b2:e5:d7:3d:b8:f4:28:0e:12:33:48:53:00:
                    7f:35:32:ad:84:da:7c:ab:12:44:b0:68:25:23:57:
                    32:fa:b6:82:60:78:87:f0:55:c3:9b:34:28:e1:90:
                    95:a0:34:dd:0e:33:fa:f0:7f:f0:2b:8d:a1:c2:4a:
                    36:04:f1:bc:eb:77:a6:ec:bc:34:44:28:1f:4f:91:
                    4d:54:44:0f:98:ba:6b:84:a5:0e:90:d9:34:1c:d5:
                    00:91:7c:7f:af:c9:f8:6c:8c:12:5e:95:09:e9:05:
                    3f:37:24:83:bc:5a:85:04:cc:7a:20:9f:a4:9d:e5:
                    dc:cc:9d:b5:aa:c6:e9:9e:05:c1:75:42:a8:aa:4f:
                    d9:2a:b9:7f:94:37:3f:85:07:e2:90:41:99:84:c0:
                    43:5e:21:17:b7:3f:1b:a6:a9:ec:06:f7:c7:e6:b8:
                    bc:4a:b0:6f:88:fd:a2:cf:5a:5f:7c:8c:d5:00:40:
                    31:67:44:02:e1:a2:e4:29:92:f1:7c:84:01:73:b6:
                    04:06:c8:af:0c:47:f2:e3:9b:57:3b:ac:51:ce:d5:
                    b1:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:94:03:19:59:7A:7D:A5:CB:7A:5C:2A:2F:DF:13:63:B0:2B:00:51
            X509v3 Authority Key Identifier:
                keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:46:41:87:a7:ff:26:0d:36:ae:c8:b3:1b:e6:08:08:18:e3:
         c4:44:05:f7:71:d8:12:24:49:e2:27:67:8f:4e:9f:04:d4:0e:
         a1:5e:28:63:fe:a4:9f:0e:70:b1:c9:7e:0b:1e:4f:d4:fc:0d:
         3f:a2:2f:9d:15:e9:9f:9f:ea:ad:00:8f:4e:83:74:42:23:66:
         bc:0a:e6:6c:3a:ae:5e:5c:32:2c:9c:79:0f:06:d3:cb:28:80:
         f9:dc:a3:6f:b3:73:b4:fa:ee:a7:0d:fa:1e:e6:76:57:4a:9d:
         59:ce:54:39:84:03:a3:f6:f9:c1:10:43:fe:e7:78:b2:3a:71:
         c7:d3:fe:f1:fe:88:af:9a:c6:2d:fc:f5:c1:00:3f:c5:35:fd:
         61:34:b7:e5:7e:f6:08:0a:53:99:e9:09:27:6a:dd:1b:53:07:
         3d:41:d6:b2:18:e0:15:30:61:10:4e:16:89:60:5f:82:31:e1:
         50:8e:d5:ab:36:f5:85:69:90:10:ab:cf:33:6e:72:e2:6c:8e:
         ea:4a:f6:d6:c6:6c:4a:26:e2:ea:07:0f:46:c1:ce:d9:e5:b6:
         8e:b9:d4:7f:98:6e:40:66:d3:8d:5a:9f:62:68:91:38:2c:db:
         38:31:34:06:57:9d:61:34:c7:d1:b6:f5:8f:f7:4f:e7:64:35:
         52:b5:7b:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZEeg22uWUGJa+rHr9QOOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw
MTYwNDQwHhcNMjUwNjEwMDkwMDM1WhcNMjUwNjExMDkwMDM1WjAzMTEwLwYDVQQD
EyhhODk0MDMxOTU5N2E3ZGE1Y2I3YTVjMmEyZmRmMTM2M2IwMmIwMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0FqgajLtBNBVGqvmMMTJFfeFe9S
TeWouGXdyshpkGqQXYO7RVdEJZTcVKymTrLl1z249CgOEjNIUwB/NTKthNp8qxJE
sGglI1cy+raCYHiH8FXDmzQo4ZCVoDTdDjP68H/wK42hwko2BPG863em7Lw0RCgf
T5FNVEQPmLprhKUOkNk0HNUAkXx/r8n4bIwSXpUJ6QU/NySDvFqFBMx6IJ+kneXc
zJ21qsbpngXBdUKoqk/ZKrl/lDc/hQfikEGZhMBDXiEXtz8bpqnsBvfH5ri8SrBv
iP2iz1pffIzVAEAxZ0QC4aLkKZLxfIQBc7YEBsivDEfy45tXO6xRztWxkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiUAxlZen2ly3pcKi/fE2OwKwBRMB8GA1UdIwQY
MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt
MTdlMWEyNTY5NTY4LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4
LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkZBh6f/
Jg02rsizG+YICBjjxEQF93HYEiRJ4idnj06fBNQOoV4oY/6knw5wscl+Cx5P1PwN
P6IvnRXpn5/qrQCPToN0QiNmvArmbDquXlwyLJx5DwbTyyiA+dyjb7NztPrupw36
HuZ2V0qdWc5UOYQDo/b5wRBD/ud4sjpxx9P+8f6Ir5rGLfz1wQA/xTX9YTS35X72
CApTmekJJ2rdG1MHPUHWshjgFTBhEE4WiWBfgjHhUI7Vqzb1hWmQEKvPM25y4myO
6kr21sZsSibi6gcPRsHO2eW2jrnUf5huQGbTjVqfYmiROCzbODE0BledYTTH0bb1
j/dP52Q1UrV7nw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:07:08 2025 by rpki-client