Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
File:                     Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft (raw, json)
Hash identifier:          HPw4KdQ5xORtIqH3Jc4z2NfulyaryEQ43hnEoo1Tc00=
Subject key identifier:   17:B4:4D:6A:CE:18:3F:81:B0:EB:BF:6F:67:E1:F5:7F:28:80:AB:04
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Certificate issuer:       /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial:       0197684E152CC8B11DFC91940E5D74F8CFAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
Manifest number:          13DB
Signing time:             Fri 13 Jun 2025 08:00:37 +0000
Manifest this update:     Fri 13 Jun 2025 08:00:37 +0000
Manifest next update:     Sat 14 Jun 2025 08:00:37 +0000
Files and hashes:         1: 1-KS-11GCop4jdIEBghE-M8_v_g8.roa (hash: EqC/3yl9y80XofTy0F138kTU+PwB4qz9tGO9qfDtpgk=)
                          2: 28Clr4Ex1l2uqo6qlmoWgDRx4JU.roa (hash: idGohMKsNgyo0RBS8sMY69MlW8nQfQuAaP7Q0HBe0uM=)
                          3: 3RrW5Yatg2PUvnJMq7_H-tuFmj8.roa (hash: 5AaD0wsj8bY2cs7Xy1+SAntuaiPPTR2j1GucGYtil+8=)
                          4: 6Mu0G5eGnDMdTKqwRVWTSuG8bsw.roa (hash: moIyQZi4wCVA13IscbWLzRltLBx1xw7w1x6HIQR/1Hg=)
                          5: Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl (hash: OI8bTlL4/B9TeKAY2e9Yi3YwefDAjrH5W+sDVluJMVA=)
                          6: ZDWi8X9SmWmbAKCwE55Pm2H1s3Q.roa (hash: j4Bd1zsOhh9D77jUeZ1o5ZusSCW9cs9P4TtpELqNqCQ=)
                          7: nJT9Bh_tbP1He9594EppfoCQEts.roa (hash: EeLGem/zMOULX8JHQg+hYpRqNlikcSBKHqsuzrAaMZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:4e:15:2c:c8:b1:1d:fc:91:94:0e:5d:74:f8:cf:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
        Validity
            Not Before: Jun 13 08:00:37 2025 GMT
            Not After : Jun 14 08:00:37 2025 GMT
        Subject: CN=17b44d6ace183f81b0ebbf6f67e1f57f2880ab04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:8c:20:75:10:8f:4e:91:bc:1f:ea:a9:c5:17:
                    aa:5a:a8:1c:6e:40:dc:66:1c:27:19:d5:3e:c6:8f:
                    a8:2e:de:ab:fa:29:a7:6a:62:11:20:6f:45:ee:29:
                    2e:49:5d:de:2f:e0:a6:db:31:f8:af:7d:82:8a:f1:
                    77:fe:71:15:b1:95:21:b2:76:9c:bf:8c:b7:55:f0:
                    b3:da:0e:40:4b:98:f1:be:e5:3e:6e:ea:df:18:17:
                    44:db:f0:44:ae:85:43:5a:8d:8a:c3:7a:4e:72:84:
                    23:de:64:58:e5:f5:21:64:65:e4:d3:e3:f6:56:ed:
                    7c:3f:8b:e3:29:da:b4:51:b0:7d:5c:3a:1b:98:5f:
                    f1:57:23:89:25:e6:1e:01:99:d0:3d:45:f1:92:22:
                    b5:b8:f5:c2:ba:2d:47:ea:05:61:77:31:f1:34:05:
                    8a:13:b1:5d:14:2e:04:5c:23:40:8e:06:3a:70:f6:
                    0e:2a:14:ca:b8:96:a1:fb:e0:06:5e:7a:d9:51:a1:
                    6e:1c:7d:a5:f7:32:f4:e4:0d:8e:a2:a6:63:91:7f:
                    fc:6e:c7:f2:5c:b6:4a:5c:14:3e:36:20:10:37:1e:
                    d2:73:6a:6b:63:95:6c:fc:c2:9f:8d:d0:8c:25:c6:
                    2b:64:51:83:19:80:75:50:0e:a1:67:48:d4:10:14:
                    c0:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:B4:4D:6A:CE:18:3F:81:B0:EB:BF:6F:67:E1:F5:7F:28:80:AB:04
            X509v3 Authority Key Identifier:
                keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:a6:6d:c3:89:5d:d3:f4:50:75:65:87:db:f9:90:65:7d:cb:
         e6:cd:10:d9:a2:37:8b:02:95:bd:57:f5:39:44:19:e1:14:b2:
         47:f4:85:59:67:dd:fb:74:e5:94:e3:8d:83:b4:2b:78:bb:a6:
         8d:e3:fe:d0:dd:d4:e6:21:27:a4:6a:20:a1:be:eb:bd:89:c8:
         df:b8:f7:97:f9:51:eb:ea:f9:95:db:01:39:3e:d0:61:6e:4e:
         75:d2:67:82:5b:14:98:8e:c5:79:05:b9:b9:6a:46:cf:4e:82:
         94:93:0f:e7:2b:88:2d:83:8d:2a:d4:b4:aa:e6:ed:0b:f5:61:
         5e:91:b6:1b:8f:de:18:29:b5:d8:d4:be:77:35:a5:bd:2e:c4:
         1d:8b:7f:c3:97:5e:1c:f4:31:4d:76:85:f0:a0:40:9e:05:79:
         8b:b7:11:84:c8:6e:ce:7d:a4:bb:8d:18:20:9f:ce:bf:d6:88:
         f0:a2:fe:d5:1f:1c:1b:8b:e2:53:dd:f9:4c:c1:d1:6c:a5:e9:
         ab:93:3e:86:10:5e:64:1d:9e:0f:e8:18:cd:6f:b8:ae:04:14:
         bb:bd:12:d6:f3:be:cc:b6:bf:0e:55:67:b6:01:63:e1:aa:da:
         ca:d7:0e:55:9c:e8:22:63:5c:38:a9:df:d1:86:58:93:a9:c9:
         3d:4a:ec:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoThUsyLEd/JGUDl10+M+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjUwNjEzMDgwMDM3WhcNMjUwNjE0MDgwMDM3WjAzMTEwLwYDVQQD
EygxN2I0NGQ2YWNlMTgzZjgxYjBlYmJmNmY2N2UxZjU3ZjI4ODBhYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74wgdRCPTpG8H+qpxReqWqgcbkDc
ZhwnGdU+xo+oLt6r+imnamIRIG9F7ikuSV3eL+Cm2zH4r32CivF3/nEVsZUhsnac
v4y3VfCz2g5AS5jxvuU+burfGBdE2/BEroVDWo2Kw3pOcoQj3mRY5fUhZGXk0+P2
Vu18P4vjKdq0UbB9XDobmF/xVyOJJeYeAZnQPUXxkiK1uPXCui1H6gVhdzHxNAWK
E7FdFC4EXCNAjgY6cPYOKhTKuJah++AGXnrZUaFuHH2l9zL05A2OoqZjkX/8bsfy
XLZKXBQ+NiAQNx7Sc2prY5Vs/MKfjdCMJcYrZFGDGYB1UA6hZ0jUEBTAewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBe0TWrOGD+BsOu/b2fh9X8ogKsEMB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv6Ztw4ld
0/RQdWWH2/mQZX3L5s0Q2aI3iwKVvVf1OUQZ4RSyR/SFWWfd+3TllOONg7QreLum
jeP+0N3U5iEnpGogob7rvYnI37j3l/lR6+r5ldsBOT7QYW5OddJnglsUmI7FeQW5
uWpGz06ClJMP5yuILYONKtS0qubtC/VhXpG2G4/eGCm12NS+dzWlvS7EHYt/w5de
HPQxTXaF8KBAngV5i7cRhMhuzn2ku40YIJ/Ov9aI8KL+1R8cG4viU935TMHRbKXp
q5M+hhBeZB2eD+gYzW+4rgQUu70S1vO+zLa/DlVntgFj4araytcOVZzoImNcOKnf
0YZYk6nJPUrsxg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:46:49 2025 by rpki-client