Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
File:                     Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft (raw, json)
Hash identifier:          e++uf1jVMN5ze6SDh+8T345ebdMRiQ/t8om1C1uqaYg=
Subject key identifier:   58:BB:CE:FC:37:41:84:63:A7:C2:CA:35:DF:E8:5E:1C:25:71:2C:9C
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Certificate issuer:       /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial:       01976C2ACDD285F6051B793E7AEAAB4224FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
Manifest number:          13DD
Signing time:             Sat 14 Jun 2025 02:00:33 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:33 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:33 +0000
Files and hashes:         1: 1-KS-11GCop4jdIEBghE-M8_v_g8.roa (hash: EqC/3yl9y80XofTy0F138kTU+PwB4qz9tGO9qfDtpgk=)
                          2: 28Clr4Ex1l2uqo6qlmoWgDRx4JU.roa (hash: idGohMKsNgyo0RBS8sMY69MlW8nQfQuAaP7Q0HBe0uM=)
                          3: 3RrW5Yatg2PUvnJMq7_H-tuFmj8.roa (hash: 5AaD0wsj8bY2cs7Xy1+SAntuaiPPTR2j1GucGYtil+8=)
                          4: 6Mu0G5eGnDMdTKqwRVWTSuG8bsw.roa (hash: moIyQZi4wCVA13IscbWLzRltLBx1xw7w1x6HIQR/1Hg=)
                          5: Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl (hash: yJ7UDWKVWI7MZjjA29Pl4Sj6r2sLpgflN6ZfC7hIEJo=)
                          6: ZDWi8X9SmWmbAKCwE55Pm2H1s3Q.roa (hash: j4Bd1zsOhh9D77jUeZ1o5ZusSCW9cs9P4TtpELqNqCQ=)
                          7: nJT9Bh_tbP1He9594EppfoCQEts.roa (hash: EeLGem/zMOULX8JHQg+hYpRqNlikcSBKHqsuzrAaMZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:cd:d2:85:f6:05:1b:79:3e:7a:ea:ab:42:24:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
        Validity
            Not Before: Jun 14 02:00:33 2025 GMT
            Not After : Jun 15 02:00:33 2025 GMT
        Subject: CN=58bbcefc37418463a7c2ca35dfe85e1c25712c9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:13:7c:98:2b:28:53:36:e9:13:9d:40:3f:87:
                    81:42:3e:ba:1c:9b:15:ec:ee:2a:d1:b1:8b:68:98:
                    a7:49:7b:dc:c2:eb:85:2a:72:a4:1d:b7:50:73:a7:
                    34:5c:a3:68:e6:79:c5:59:b5:f4:5e:2b:20:5a:c6:
                    c0:85:63:5c:31:59:26:8a:92:ce:93:cb:44:b0:06:
                    52:99:18:b9:54:60:5b:1e:61:87:6d:69:05:77:95:
                    28:18:ce:40:e6:e9:f0:3c:e1:9c:b6:2b:c1:94:fc:
                    47:8e:63:de:b2:f4:7d:fd:b2:94:8e:f8:d6:66:ce:
                    c4:27:b4:58:3a:6c:14:a3:4c:0c:f3:4b:ea:35:f2:
                    aa:34:ac:ce:f1:92:01:00:d2:01:81:ed:21:95:da:
                    b5:f2:02:ec:82:d6:ce:e1:81:8b:09:c9:03:dd:ad:
                    b4:18:d8:46:ab:ef:58:43:8c:8c:a9:e2:b5:bb:63:
                    2d:94:66:65:25:45:ec:3c:79:45:ad:f0:9b:77:7b:
                    4e:c5:d6:5c:e6:69:c6:78:23:4b:60:49:19:00:ac:
                    fd:67:47:ae:8e:b6:89:b4:a8:f3:d9:e7:5c:fa:06:
                    ae:56:e5:39:3b:1a:3c:49:e1:ea:9c:d9:1c:5b:9b:
                    2c:fb:73:eb:27:d7:6f:86:67:ac:b1:83:81:1f:33:
                    2f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:BB:CE:FC:37:41:84:63:A7:C2:CA:35:DF:E8:5E:1C:25:71:2C:9C
            X509v3 Authority Key Identifier:
                keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:af:65:20:6e:d8:90:4c:db:47:c3:f5:27:7f:54:0a:22:95:
         37:0d:88:46:a4:eb:1d:a2:24:99:6c:ac:13:8c:d1:24:24:d3:
         53:8e:5e:82:86:8e:29:cf:c6:23:ad:63:69:98:03:62:d2:8c:
         7d:1d:5f:f9:ee:8c:6c:74:86:3a:a4:a2:d9:58:70:53:4b:0d:
         af:94:32:c0:df:20:60:2f:8a:f7:aa:7e:f8:fe:39:f2:e9:a3:
         98:16:4f:d1:37:42:e2:2a:7f:ba:a2:d9:70:31:f7:9f:14:d4:
         97:32:02:13:8d:7a:e7:af:6f:ad:46:6a:8a:49:32:88:60:b0:
         1a:96:cc:33:0e:39:ae:54:1e:10:12:2b:15:50:cb:50:dc:9c:
         45:e6:0c:c2:19:88:bd:ce:df:5e:3f:66:16:70:a4:e1:d8:00:
         26:28:c9:78:96:47:a4:2d:e2:28:3a:e6:ce:63:70:c4:98:4f:
         b0:99:f2:5a:6a:a5:ca:15:5c:25:56:24:77:dd:81:3c:6c:1d:
         92:f4:d8:22:2a:43:db:5a:e2:41:b4:28:47:d0:7c:84:5b:da:
         19:f5:ec:6a:53:6f:84:d3:4e:22:98:f1:4f:35:10:06:3f:fb:
         b7:f8:a9:36:00:15:0c:27:db:ad:08:11:99:30:c6:1b:a3:74:
         8d:d2:45:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKs3ShfYFG3k+euqrQiT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjUwNjE0MDIwMDMzWhcNMjUwNjE1MDIwMDMzWjAzMTEwLwYDVQQD
Eyg1OGJiY2VmYzM3NDE4NDYzYTdjMmNhMzVkZmU4NWUxYzI1NzEyYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xN8mCsoUzbpE51AP4eBQj66HJsV
7O4q0bGLaJinSXvcwuuFKnKkHbdQc6c0XKNo5nnFWbX0XisgWsbAhWNcMVkmipLO
k8tEsAZSmRi5VGBbHmGHbWkFd5UoGM5A5unwPOGctivBlPxHjmPesvR9/bKUjvjW
Zs7EJ7RYOmwUo0wM80vqNfKqNKzO8ZIBANIBge0hldq18gLsgtbO4YGLCckD3a20
GNhGq+9YQ4yMqeK1u2MtlGZlJUXsPHlFrfCbd3tOxdZc5mnGeCNLYEkZAKz9Z0eu
jraJtKjz2edc+gauVuU5Oxo8SeHqnNkcW5ss+3PrJ9dvhmessYOBHzMvwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFi7zvw3QYRjp8LKNd/oXhwlcSycMB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsK9lIG7Y
kEzbR8P1J39UCiKVNw2IRqTrHaIkmWysE4zRJCTTU45egoaOKc/GI61jaZgDYtKM
fR1f+e6MbHSGOqSi2VhwU0sNr5QywN8gYC+K96p++P458umjmBZP0TdC4ip/uqLZ
cDH3nxTUlzICE416569vrUZqikkyiGCwGpbMMw45rlQeEBIrFVDLUNycReYMwhmI
vc7fXj9mFnCk4dgAJijJeJZHpC3iKDrmzmNwxJhPsJnyWmqlyhVcJVYkd92BPGwd
kvTYIipD21riQbQoR9B8hFvaGfXsalNvhNNOIpjxTzUQBj/7t/ipNgAVDCfbrQgR
mTDGG6N0jdJFnQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:27:54 2025 by rpki-client