Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
File:                     CNXrapaGTfosUbLiVsUYCrkiKc0.mft (raw, json)
Hash identifier:          Be86OCsZ2OvEiAbh2fj54Y8nNfVJcdZrvKEqRN3RrTY=
Subject key identifier:   3E:B9:8E:D8:0A:0B:CA:77:A9:80:89:BB:55:5D:9C:00:74:32:03:1A
Authority key identifier: 08:D5:EB:6A:96:86:4D:FA:2C:51:B2:E2:56:C5:18:0A:B9:22:29:CD
Certificate issuer:       /CN=08d5eb6a96864dfa2c51b2e256c5180ab92229cd
Certificate serial:       019752A216DAFDD33157383AE6C4E1725B7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
Manifest number:          0276
Signing time:             Mon 09 Jun 2025 03:00:43 +0000
Manifest this update:     Mon 09 Jun 2025 03:00:43 +0000
Manifest next update:     Tue 10 Jun 2025 03:00:43 +0000
Files and hashes:         1: 0m-9m5OFcPf8OuDYL2FUGvph8_g.roa (hash: dOT7ZXgrSZ8DnL/LTBhNtapy6nZ67rmfPX5nGpKKR4k=)
                          2: CNXrapaGTfosUbLiVsUYCrkiKc0.crl (hash: ZZUCmFLa4ILWlBWdWaMPN2fXUNqbI/m/fq475IPEic8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 03:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:a2:16:da:fd:d3:31:57:38:3a:e6:c4:e1:72:5b:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d5eb6a96864dfa2c51b2e256c5180ab92229cd
        Validity
            Not Before: Jun  9 03:00:43 2025 GMT
            Not After : Jun 10 03:00:43 2025 GMT
        Subject: CN=3eb98ed80a0bca77a98089bb555d9c007432031a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:35:28:7f:1a:9a:65:9b:13:4e:2a:f8:e1:17:
                    81:02:77:e8:d8:9a:e9:17:86:88:0f:df:8a:96:50:
                    80:d7:d8:9f:85:4f:05:7c:e6:3f:7d:6c:a9:9c:3d:
                    84:05:19:be:b8:74:fb:85:fe:f6:d4:b9:cf:e5:6f:
                    05:17:55:8d:c8:06:70:10:34:85:cf:68:8b:19:44:
                    ff:3a:f3:63:4d:4d:1f:76:c7:58:5c:eb:30:b8:13:
                    84:b4:07:27:31:f9:41:54:51:3b:78:99:99:42:4a:
                    d5:1f:d5:6f:9c:cd:99:c8:12:e0:a9:e3:e5:73:37:
                    dd:73:52:cd:bf:c4:d9:2b:1f:5e:f8:f9:1d:d9:53:
                    df:00:d3:f2:bc:5b:e6:be:ce:48:11:69:12:95:8c:
                    b6:24:68:35:00:d8:26:c6:09:bc:74:38:26:89:0d:
                    87:a6:5a:0d:db:f2:70:2c:06:a7:52:6f:03:b7:2a:
                    34:25:84:19:d2:17:19:7f:5d:b7:cc:d3:99:a5:c6:
                    a5:0b:0d:e2:9d:97:03:4c:06:f8:9b:6c:fd:eb:02:
                    45:9f:7e:37:51:47:28:ca:9b:1b:88:26:94:16:2f:
                    52:0b:3d:df:b6:d6:ed:af:f7:b4:93:dc:db:98:ac:
                    34:f5:bc:1e:63:cb:36:09:4e:8d:ea:97:41:be:02:
                    67:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:B9:8E:D8:0A:0B:CA:77:A9:80:89:BB:55:5D:9C:00:74:32:03:1A
            X509v3 Authority Key Identifier:
                keyid:08:D5:EB:6A:96:86:4D:FA:2C:51:B2:E2:56:C5:18:0A:B9:22:29:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:2d:0d:82:14:92:3d:b1:27:94:71:b8:c8:a4:c0:dc:3d:30:
         5e:ea:ea:99:a5:d4:1f:f3:a2:61:04:94:06:fa:0a:6f:a0:38:
         de:86:82:d6:c5:9d:82:71:4a:66:a5:f9:cd:3d:74:96:82:09:
         8c:f7:68:8b:03:a8:31:19:ed:33:a4:92:a3:5a:a4:93:ad:e7:
         4f:ff:15:f1:df:57:68:33:4e:c4:5f:af:7b:c1:37:7c:c5:0a:
         f2:7c:b5:95:07:3a:fd:9a:93:4e:54:49:4d:a6:0e:53:1f:5f:
         b6:8e:69:eb:6c:60:4e:05:47:11:40:80:fd:ac:e2:3a:8e:6c:
         48:e3:fd:03:0f:6b:a7:71:30:c2:7a:1e:a7:32:10:3d:c4:fa:
         5f:05:ba:2d:1f:cc:45:b1:1e:47:14:52:8f:e3:21:2a:2e:1d:
         7c:f0:41:2e:3c:dc:08:ee:db:9c:25:7f:7d:d0:d1:17:2d:d8:
         29:e8:a1:4e:cf:4f:36:e8:4d:0a:73:ed:c6:b5:68:61:db:7f:
         19:6e:28:77:a7:04:4d:7a:5d:fd:2d:39:4a:88:6d:95:a3:58:
         4f:cc:00:82:87:6d:07:db:4d:c7:4d:7a:e3:b3:f1:49:39:1c:
         56:ad:e4:bc:83:d2:a9:68:6e:cf:15:aa:87:45:23:bd:fa:9f:
         94:3a:1c:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSohba/dMxVzg65sThclt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDVlYjZhOTY4NjRkZmEyYzUxYjJlMjU2YzUxODBhYjky
MjI5Y2QwHhcNMjUwNjA5MDMwMDQzWhcNMjUwNjEwMDMwMDQzWjAzMTEwLwYDVQQD
EygzZWI5OGVkODBhMGJjYTc3YTk4MDg5YmI1NTVkOWMwMDc0MzIwMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzUofxqaZZsTTir44ReBAnfo2Jrp
F4aID9+KllCA19ifhU8FfOY/fWypnD2EBRm+uHT7hf721LnP5W8FF1WNyAZwEDSF
z2iLGUT/OvNjTU0fdsdYXOswuBOEtAcnMflBVFE7eJmZQkrVH9VvnM2ZyBLgqePl
czfdc1LNv8TZKx9e+Pkd2VPfANPyvFvmvs5IEWkSlYy2JGg1ANgmxgm8dDgmiQ2H
ploN2/JwLAanUm8Dtyo0JYQZ0hcZf123zNOZpcalCw3inZcDTAb4m2z96wJFn343
UUcoypsbiCaUFi9SCz3fttbtr/e0k9zbmKw09bweY8s2CU6N6pdBvgJncQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD65jtgKC8p3qYCJu1VdnAB0MgMaMB8GA1UdIwQY
MBaAFAjV62qWhk36LFGy4lbFGAq5IinNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80YTU4YmMtMjQwMy00MTQ0LWJiNWUt
YmI2ODI5MzYwY2VlLzEvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80YTU4YmMtMjQwMy00MTQ0LWJiNWUtYmI2ODI5MzYwY2Vl
LzEvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHi0NghSS
PbEnlHG4yKTA3D0wXurqmaXUH/OiYQSUBvoKb6A43oaC1sWdgnFKZqX5zT10loIJ
jPdoiwOoMRntM6SSo1qkk63nT/8V8d9XaDNOxF+ve8E3fMUK8ny1lQc6/ZqTTlRJ
TaYOUx9fto5p62xgTgVHEUCA/aziOo5sSOP9Aw9rp3EwwnoepzIQPcT6XwW6LR/M
RbEeRxRSj+MhKi4dfPBBLjzcCO7bnCV/fdDRFy3YKeihTs9PNuhNCnPtxrVoYdt/
GW4od6cETXpd/S05SohtlaNYT8wAgodtB9tNx01647PxSTkcVq3kvIPSqWhuzxWq
h0UjvfqflDockg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:16:48 2025 by rpki-client