Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft
File:                     3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft (raw, json)
Hash identifier:          M5kTYDkL7AWLCSeSIXrlmhOU5OIaHVqD2KJNbyC3Dms=
Subject key identifier:   D2:16:1A:16:CC:BC:41:64:E9:8A:FB:1F:35:35:D6:45:0C:51:EE:C6
Authority key identifier: DE:16:99:52:F9:7F:49:4C:FE:0F:6B:54:27:CA:56:E8:10:C0:5C:E0
Certificate issuer:       /CN=de169952f97f494cfe0f6b5427ca56e810c05ce0
Certificate serial:       01975E387FE1600652F8F53A62B30746AC27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3haZUvl_SUz-D2tUJ8pW6BDAXOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft
Manifest number:          151B
Signing time:             Wed 11 Jun 2025 09:00:50 +0000
Manifest this update:     Wed 11 Jun 2025 09:00:50 +0000
Manifest next update:     Thu 12 Jun 2025 09:00:50 +0000
Files and hashes:         1: 3haZUvl_SUz-D2tUJ8pW6BDAXOA.crl (hash: iCe7dx4S4KwqG3VEjSVjhjI41YpMh4Ym9EPmfJFrQ68=)
                          2: RZ4xmYAJVpVRLfuQVLFQGXgbrQE.roa (hash: aFDGOW4Qu6MNo6mtPQc9Lw/jPxt+lcHM9Vl2lskSnz8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3haZUvl_SUz-D2tUJ8pW6BDAXOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:7f:e1:60:06:52:f8:f5:3a:62:b3:07:46:ac:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de169952f97f494cfe0f6b5427ca56e810c05ce0
        Validity
            Not Before: Jun 11 09:00:50 2025 GMT
            Not After : Jun 12 09:00:50 2025 GMT
        Subject: CN=d2161a16ccbc4164e98afb1f3535d6450c51eec6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a4:3d:45:2d:75:bf:3a:a9:1c:07:1d:70:d3:
                    ba:73:b8:53:e4:2e:0e:0d:b3:95:fd:60:67:96:01:
                    f2:54:05:f1:36:e9:7e:67:40:b9:1a:b9:67:db:0c:
                    62:eb:b1:cf:2f:21:14:06:7c:e2:fb:21:86:a8:e9:
                    eb:4c:65:74:7e:bf:46:f1:41:ea:5c:a5:c7:8a:39:
                    f4:ac:fb:e2:48:71:23:f8:b3:bb:36:7f:58:43:11:
                    b7:63:60:a7:25:16:cc:31:34:a8:cf:fa:70:76:8e:
                    a5:23:ed:d1:6d:be:41:55:1f:7a:c2:04:9c:72:b2:
                    56:b5:6e:a5:bd:6e:5a:ee:aa:00:90:e6:c2:e2:19:
                    21:fc:dc:ae:58:cc:99:d5:3c:47:58:ba:ef:e4:8f:
                    c9:89:ea:df:11:ec:d5:45:83:50:d6:1d:6d:f9:44:
                    c5:2b:da:9d:c7:96:f1:4c:72:c0:5d:48:a0:9f:31:
                    8f:26:12:12:04:24:56:f1:17:2a:0b:06:8b:1b:3d:
                    28:b3:5e:6c:db:22:e5:4a:8c:e5:59:66:81:53:56:
                    78:b4:fa:b4:64:14:cf:3a:e4:d4:51:b9:27:12:fd:
                    3a:fc:c1:0a:12:4a:e4:d4:30:c7:ba:97:af:42:b5:
                    d6:98:29:b6:91:5b:ca:73:b1:cc:d5:ad:c4:e1:24:
                    22:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:16:1A:16:CC:BC:41:64:E9:8A:FB:1F:35:35:D6:45:0C:51:EE:C6
            X509v3 Authority Key Identifier:
                keyid:DE:16:99:52:F9:7F:49:4C:FE:0F:6B:54:27:CA:56:E8:10:C0:5C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3haZUvl_SUz-D2tUJ8pW6BDAXOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:4a:8c:17:5f:6c:91:5d:f2:d1:a7:90:c0:15:85:1e:33:6f:
         36:2e:11:3f:ab:32:50:17:99:71:9b:e5:28:fa:5a:94:5a:5d:
         e7:93:ce:04:4b:77:a6:bf:3f:25:0b:24:2b:b0:47:e6:2e:1e:
         55:49:b5:75:35:f5:93:aa:7e:a6:d5:f2:c0:d9:ae:e8:be:3e:
         5b:23:56:0d:3d:78:6b:6a:ec:36:a7:05:8d:dd:10:17:56:2a:
         36:1c:74:2f:f7:88:f4:8d:22:c9:f2:43:97:a2:63:3b:24:6d:
         49:28:02:43:1d:cc:90:39:03:8c:0e:dd:b0:97:03:89:cf:72:
         8b:c2:9a:49:4e:ca:ee:ab:da:30:5d:a7:aa:25:d1:4f:af:cb:
         af:ce:f9:2a:e4:8e:4c:54:f3:02:32:60:38:24:4a:92:6f:05:
         1f:fe:03:1f:d6:23:ed:e5:5c:4c:0e:9b:00:10:d7:8c:58:9f:
         de:a0:27:20:e2:d0:d8:c8:f9:91:7d:6f:b5:81:91:55:27:ad:
         19:9a:e6:7a:ab:a7:52:3c:5f:b8:c7:cd:c4:de:d6:e6:d1:50:
         34:f3:5b:ae:d8:cf:0c:88:d9:40:12:db:b8:f1:36:fe:33:13:
         76:29:3f:c3:ce:9c:94:ae:40:36:a6:77:3a:95:c9:43:5c:e9:
         ab:d4:dc:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOH/hYAZS+PU6YrMHRqwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTY5OTUyZjk3ZjQ5NGNmZTBmNmI1NDI3Y2E1NmU4MTBj
MDVjZTAwHhcNMjUwNjExMDkwMDUwWhcNMjUwNjEyMDkwMDUwWjAzMTEwLwYDVQQD
EyhkMjE2MWExNmNjYmM0MTY0ZTk4YWZiMWYzNTM1ZDY0NTBjNTFlZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqQ9RS11vzqpHAcdcNO6c7hT5C4O
DbOV/WBnlgHyVAXxNul+Z0C5Grln2wxi67HPLyEUBnzi+yGGqOnrTGV0fr9G8UHq
XKXHijn0rPviSHEj+LO7Nn9YQxG3Y2CnJRbMMTSoz/pwdo6lI+3Rbb5BVR96wgSc
crJWtW6lvW5a7qoAkObC4hkh/NyuWMyZ1TxHWLrv5I/JierfEezVRYNQ1h1t+UTF
K9qdx5bxTHLAXUignzGPJhISBCRW8RcqCwaLGz0os15s2yLlSozlWWaBU1Z4tPq0
ZBTPOuTUUbknEv06/MEKEkrk1DDHupevQrXWmCm2kVvKc7HM1a3E4SQiVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIWGhbMvEFk6Yr7HzU11kUMUe7GMB8GA1UdIwQY
MBaAFN4WmVL5f0lM/g9rVCfKVugQwFzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hhWlV2bF9TVXotRDJ0VUo4cFc2QkRBWE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lNzg5NTQtMzFmZC00ZmQwLTlmYzEt
MGY0YjI4Yjg4NmY3LzEvM2hhWlV2bF9TVXotRDJ0VUo4cFc2QkRBWE9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lNzg5NTQtMzFmZC00ZmQwLTlmYzEtMGY0YjI4Yjg4NmY3
LzEvM2hhWlV2bF9TVXotRDJ0VUo4cFc2QkRBWE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMUqMF19s
kV3y0aeQwBWFHjNvNi4RP6syUBeZcZvlKPpalFpd55POBEt3pr8/JQskK7BH5i4e
VUm1dTX1k6p+ptXywNmu6L4+WyNWDT14a2rsNqcFjd0QF1YqNhx0L/eI9I0iyfJD
l6JjOyRtSSgCQx3MkDkDjA7dsJcDic9yi8KaSU7K7qvaMF2nqiXRT6/Lr875KuSO
TFTzAjJgOCRKkm8FH/4DH9Yj7eVcTA6bABDXjFif3qAnIOLQ2Mj5kX1vtYGRVSet
GZrmequnUjxfuMfNxN7W5tFQNPNbrtjPDIjZQBLbuPE2/jMTdik/w86clK5ANqZ3
OpXJQ1zpq9TcSA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:47:46 2025 by rpki-client