Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft
File:                     3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft (raw, json)
Hash identifier:          u6kY7bB18sLvzePYiOmKTrcc0vWCiIblMYRg5Trx02s=
Subject key identifier:   B4:F0:5A:0E:1C:17:D3:86:40:C1:E7:02:01:7A:13:8E:76:4F:96:12
Authority key identifier: DE:16:99:52:F9:7F:49:4C:FE:0F:6B:54:27:CA:56:E8:10:C0:5C:E0
Certificate issuer:       /CN=de169952f97f494cfe0f6b5427ca56e810c05ce0
Certificate serial:       01976026CB4452D5E78AA9CABB01FD03803F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3haZUvl_SUz-D2tUJ8pW6BDAXOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft
Manifest number:          151C
Signing time:             Wed 11 Jun 2025 18:00:44 +0000
Manifest this update:     Wed 11 Jun 2025 18:00:44 +0000
Manifest next update:     Thu 12 Jun 2025 18:00:44 +0000
Files and hashes:         1: 3haZUvl_SUz-D2tUJ8pW6BDAXOA.crl (hash: 8ariS8PcYXmriN7RDtpb9jTc8j95Tswoms7SsNbB+qA=)
                          2: RZ4xmYAJVpVRLfuQVLFQGXgbrQE.roa (hash: aFDGOW4Qu6MNo6mtPQc9Lw/jPxt+lcHM9Vl2lskSnz8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3haZUvl_SUz-D2tUJ8pW6BDAXOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:26:cb:44:52:d5:e7:8a:a9:ca:bb:01:fd:03:80:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de169952f97f494cfe0f6b5427ca56e810c05ce0
        Validity
            Not Before: Jun 11 18:00:44 2025 GMT
            Not After : Jun 12 18:00:44 2025 GMT
        Subject: CN=b4f05a0e1c17d38640c1e702017a138e764f9612
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:bf:87:c9:1f:bf:34:90:4e:1f:27:fb:03:f9:
                    0b:c4:5a:36:e4:29:7b:b3:77:bf:c5:19:5a:9a:24:
                    5a:87:63:2e:63:89:45:0d:41:a9:86:59:52:d4:39:
                    77:a7:93:5f:ce:12:86:09:52:78:21:40:de:65:9d:
                    fb:19:e5:fa:ec:a6:d1:5c:b5:c6:da:68:25:06:2f:
                    95:14:d8:d5:de:0d:14:9a:6b:44:5a:58:ae:af:92:
                    e1:fe:5e:eb:77:29:24:d5:af:d3:ca:22:e6:3d:50:
                    df:da:10:9c:c7:2d:56:43:9d:b6:e9:f7:6c:69:39:
                    33:63:43:0d:8d:86:88:9a:51:a3:2f:69:8f:00:4f:
                    64:71:8a:de:31:37:47:cb:76:fa:05:55:d0:13:c8:
                    22:a6:6a:89:d6:5d:15:58:ad:23:88:a3:84:b6:e7:
                    ef:9d:7d:55:69:35:42:3a:0b:33:ab:b9:a0:b2:56:
                    84:74:e5:b1:ff:8e:0c:d2:a6:c0:34:88:af:a4:f6:
                    6f:47:fd:cc:78:5e:f0:38:ab:a4:48:98:fe:db:f8:
                    f0:fd:c2:b9:ff:b6:d3:d4:23:ae:c8:af:80:ba:a5:
                    e2:38:fc:0a:be:62:2a:dc:9a:a7:41:32:a3:d6:65:
                    cd:0b:ae:02:09:3a:cd:60:ba:18:ab:62:ed:60:8b:
                    5b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F0:5A:0E:1C:17:D3:86:40:C1:E7:02:01:7A:13:8E:76:4F:96:12
            X509v3 Authority Key Identifier:
                keyid:DE:16:99:52:F9:7F:49:4C:FE:0F:6B:54:27:CA:56:E8:10:C0:5C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3haZUvl_SUz-D2tUJ8pW6BDAXOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e78954-31fd-4fd0-9fc1-0f4b28b886f7/1/3haZUvl_SUz-D2tUJ8pW6BDAXOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:db:db:13:2c:a3:6f:50:dd:0c:ea:8d:a9:22:59:c1:57:70:
         ec:8b:e4:73:a4:98:51:8b:b2:7d:98:7d:25:fe:f3:4e:bd:e1:
         03:7b:c5:ad:c1:ce:a6:9a:92:f4:7e:7e:61:65:38:84:44:e2:
         b4:a9:28:88:31:47:ee:64:fc:fc:d2:46:81:a3:e5:c2:d5:4a:
         d6:f1:f2:bb:65:b5:3b:76:e0:f7:ff:46:3c:c6:04:95:92:b5:
         f7:38:5e:d7:5e:b5:a0:72:de:af:cb:a3:fd:9d:42:17:e7:74:
         25:eb:10:f5:f7:70:aa:bf:c7:71:7e:28:77:a7:96:98:53:a1:
         24:b9:80:53:ab:cf:d5:9d:aa:f8:0a:3b:6d:5f:ff:cf:8c:71:
         14:1d:9d:f0:ec:d7:87:d1:69:70:1d:53:57:1d:ec:67:19:c7:
         30:1d:8a:c2:fc:56:01:53:1a:2c:08:e1:a9:aa:c6:50:f6:85:
         60:a9:44:b3:c5:83:c8:58:ea:5b:7a:d9:4a:cd:de:f5:1d:12:
         ec:34:97:89:1a:fe:e8:ac:ff:ff:73:fa:b6:18:ca:da:70:73:
         a2:84:d8:61:94:da:da:af:ab:81:13:9c:01:e0:e7:9d:d6:66:
         b9:2d:82:4a:09:49:4b:92:25:fd:4e:64:d9:96:11:8a:a9:87:
         93:c6:2d:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgJstEUtXniqnKuwH9A4A/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTY5OTUyZjk3ZjQ5NGNmZTBmNmI1NDI3Y2E1NmU4MTBj
MDVjZTAwHhcNMjUwNjExMTgwMDQ0WhcNMjUwNjEyMTgwMDQ0WjAzMTEwLwYDVQQD
EyhiNGYwNWEwZTFjMTdkMzg2NDBjMWU3MDIwMTdhMTM4ZTc2NGY5NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b+HyR+/NJBOHyf7A/kLxFo25Cl7
s3e/xRlamiRah2MuY4lFDUGphllS1Dl3p5NfzhKGCVJ4IUDeZZ37GeX67KbRXLXG
2mglBi+VFNjV3g0UmmtEWliur5Lh/l7rdykk1a/TyiLmPVDf2hCcxy1WQ5226fds
aTkzY0MNjYaImlGjL2mPAE9kcYreMTdHy3b6BVXQE8gipmqJ1l0VWK0jiKOEtufv
nX1VaTVCOgszq7mgslaEdOWx/44M0qbANIivpPZvR/3MeF7wOKukSJj+2/jw/cK5
/7bT1COuyK+AuqXiOPwKvmIq3JqnQTKj1mXNC64CCTrNYLoYq2LtYItbWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTwWg4cF9OGQMHnAgF6E452T5YSMB8GA1UdIwQY
MBaAFN4WmVL5f0lM/g9rVCfKVugQwFzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hhWlV2bF9TVXotRDJ0VUo4cFc2QkRBWE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lNzg5NTQtMzFmZC00ZmQwLTlmYzEt
MGY0YjI4Yjg4NmY3LzEvM2hhWlV2bF9TVXotRDJ0VUo4cFc2QkRBWE9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lNzg5NTQtMzFmZC00ZmQwLTlmYzEtMGY0YjI4Yjg4NmY3
LzEvM2hhWlV2bF9TVXotRDJ0VUo4cFc2QkRBWE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhNvbEyyj
b1DdDOqNqSJZwVdw7Ivkc6SYUYuyfZh9Jf7zTr3hA3vFrcHOppqS9H5+YWU4hETi
tKkoiDFH7mT8/NJGgaPlwtVK1vHyu2W1O3bg9/9GPMYElZK19zhe1161oHLer8uj
/Z1CF+d0JesQ9fdwqr/HcX4od6eWmFOhJLmAU6vP1Z2q+Ao7bV//z4xxFB2d8OzX
h9FpcB1TVx3sZxnHMB2KwvxWAVMaLAjhqarGUPaFYKlEs8WDyFjqW3rZSs3e9R0S
7DSXiRr+6Kz//3P6thjK2nBzooTYYZTa2q+rgROcAeDnndZmuS2CSglJS5Il/U5k
2ZYRiqmHk8YtSg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:43:06 2025 by rpki-client