Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
File:                     xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft (raw, json)
Hash identifier:          /ZplDIy8pxRDaIb9NfEugWlvcWpUT6MsUmMn6fK5gEA=
Subject key identifier:   C9:83:DB:61:14:E4:14:39:85:8D:9F:95:03:F5:E6:12:04:30:61:EE
Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
Certificate issuer:       /CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Certificate serial:       01976C621B0F4A87E9E967D72F2A9FF15000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
Manifest number:          1592
Signing time:             Sat 14 Jun 2025 03:00:58 +0000
Manifest this update:     Sat 14 Jun 2025 03:00:58 +0000
Manifest next update:     Sun 15 Jun 2025 03:00:58 +0000
Files and hashes:         1: nEhO-4IOflDc16smasjo46yXDrU.roa (hash: TGudjeK9/qruL2a7Ja97DNoAnaGXmeBxOzedTAd1+AI=)
                          2: xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl (hash: mFoHjTovBsUBhoS8vt6HOxVGhTBdblJupq0p6XV7tu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:62:1b:0f:4a:87:e9:e9:67:d7:2f:2a:9f:f1:50:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044
        Validity
            Not Before: Jun 14 03:00:58 2025 GMT
            Not After : Jun 15 03:00:58 2025 GMT
        Subject: CN=c983db6114e41439858d9f9503f5e612043061ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:88:e9:7c:83:1d:60:96:3b:a5:a5:1d:f5:2c:
                    13:32:31:e5:33:27:66:ba:a6:67:a2:d0:9a:77:f2:
                    1f:13:ff:5e:3e:58:18:40:bf:77:7a:eb:31:f3:19:
                    2b:6b:97:b6:5b:31:0c:bc:51:b3:4d:16:5a:94:53:
                    18:8c:3f:7a:5a:95:1f:f7:39:9c:42:01:1c:fa:77:
                    21:b4:09:a9:ff:fd:73:d5:03:6d:ae:d3:29:bd:53:
                    69:df:b9:44:fa:d9:bd:f6:b6:e4:58:05:cc:79:8e:
                    a2:0d:e8:b1:27:6b:7b:eb:78:af:be:30:93:4b:6c:
                    dc:8e:58:e4:1a:ce:3d:90:a6:e9:de:2b:43:76:5a:
                    68:7f:bb:2f:c7:89:78:5f:57:8b:a3:d9:f2:28:f8:
                    52:a5:64:8c:a6:a8:f7:2b:0f:7d:d6:df:3f:72:66:
                    05:90:85:c4:e6:cc:fe:f3:3f:61:2d:bc:9f:f9:6f:
                    83:0f:b3:13:1f:43:89:56:f3:f4:9f:1e:b6:a9:dc:
                    95:dc:a3:07:17:4b:7a:51:cb:88:ac:92:e6:82:85:
                    b2:1d:c4:ed:0e:cd:7f:97:75:29:9b:d7:ac:84:b9:
                    5b:b0:46:2f:c7:a8:13:49:8d:8b:6f:1e:25:03:8f:
                    5a:ae:fc:51:07:b0:3a:c6:e4:a6:57:9d:a6:f9:80:
                    4c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:83:DB:61:14:E4:14:39:85:8D:9F:95:03:F5:E6:12:04:30:61:EE
            X509v3 Authority Key Identifier:
                keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:c9:48:6b:ac:2b:2e:a6:4b:99:2d:62:96:b0:16:48:8f:26:
         d4:59:e1:4b:90:e5:80:a5:aa:30:79:8c:8a:19:42:c9:aa:a7:
         d7:1c:f1:18:a4:25:75:3d:6d:38:13:21:1c:52:11:45:6f:0e:
         3a:88:ff:f5:35:67:94:8a:15:21:ef:69:51:c2:99:c6:3a:7f:
         ab:9d:fa:ce:e4:fc:12:1a:36:79:13:b7:b2:33:90:26:f2:47:
         c5:08:8e:40:eb:0d:a8:2d:49:6f:72:1f:ae:10:cb:92:f0:60:
         ef:57:3d:36:d3:ed:06:77:9c:38:66:9b:26:5d:fa:ab:3a:e4:
         bf:8f:5a:39:6b:d1:60:99:a2:04:db:55:7b:d9:a8:b6:f8:b7:
         7a:9e:9e:08:a1:2d:fd:ef:8f:e3:e1:8e:23:95:0a:b4:3e:00:
         12:01:1c:6c:50:43:de:16:ae:b3:da:89:33:28:84:d6:03:7c:
         85:73:cd:54:9a:9c:e5:b2:bd:aa:ba:54:a2:f2:17:43:8f:ce:
         3a:b0:3f:b5:01:1d:cb:6a:53:3d:71:e9:a0:9c:d2:04:bc:64:
         ad:f5:de:fa:17:56:55:52:8f:d0:89:5d:8d:f2:5d:32:49:33:
         d1:44:85:b1:98:82:0b:99:19:30:72:98:75:ce:74:63:8d:3d:
         a9:be:38:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsYhsPSofp6WfXLyqf8VAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw
MTYwNDQwHhcNMjUwNjE0MDMwMDU4WhcNMjUwNjE1MDMwMDU4WjAzMTEwLwYDVQQD
EyhjOTgzZGI2MTE0ZTQxNDM5ODU4ZDlmOTUwM2Y1ZTYxMjA0MzA2MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIjpfIMdYJY7paUd9SwTMjHlMydm
uqZnotCad/IfE/9ePlgYQL93eusx8xkra5e2WzEMvFGzTRZalFMYjD96WpUf9zmc
QgEc+nchtAmp//1z1QNtrtMpvVNp37lE+tm99rbkWAXMeY6iDeixJ2t763ivvjCT
S2zcjljkGs49kKbp3itDdlpof7svx4l4X1eLo9nyKPhSpWSMpqj3Kw991t8/cmYF
kIXE5sz+8z9hLbyf+W+DD7MTH0OJVvP0nx62qdyV3KMHF0t6UcuIrJLmgoWyHcTt
Ds1/l3Upm9eshLlbsEYvx6gTSY2Lbx4lA49arvxRB7A6xuSmV52m+YBMDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmD22EU5BQ5hY2flQP15hIEMGHuMB8GA1UdIwQY
MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt
MTdlMWEyNTY5NTY4LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4
LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQclIa6wr
LqZLmS1ilrAWSI8m1FnhS5DlgKWqMHmMihlCyaqn1xzxGKQldT1tOBMhHFIRRW8O
Ooj/9TVnlIoVIe9pUcKZxjp/q536zuT8Eho2eRO3sjOQJvJHxQiOQOsNqC1Jb3If
rhDLkvBg71c9NtPtBnecOGabJl36qzrkv49aOWvRYJmiBNtVe9motvi3ep6eCKEt
/e+P4+GOI5UKtD4AEgEcbFBD3haus9qJMyiE1gN8hXPNVJqc5bK9qrpUovIXQ4/O
OrA/tQEdy2pTPXHpoJzSBLxkrfXe+hdWVVKP0IldjfJdMkkz0USFsZiCC5kZMHKY
dc50Y409qb44eA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:47:17 2025 by rpki-client