Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
File:                     0aiWnX4yy_knZkstxDa5bnFJpis.mft (raw, json)
Hash identifier:          4iOHfYCUPVljvm1u0v2A5KTuVjXNmLovJX43e8UMKOo=
Subject key identifier:   B4:B1:71:CB:DD:C6:F4:64:24:14:86:60:B6:6B:24:93:F5:C0:70:43
Authority key identifier: D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
Certificate issuer:       /CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Certificate serial:       019764710CB7FF338201B82A6A2F266A2D13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
Manifest number:          0EC1
Signing time:             Thu 12 Jun 2025 14:00:19 +0000
Manifest this update:     Thu 12 Jun 2025 14:00:19 +0000
Manifest next update:     Fri 13 Jun 2025 14:00:19 +0000
Files and hashes:         1: 0aiWnX4yy_knZkstxDa5bnFJpis.crl (hash: FDAm9We+aHhl5ImAkuzm0gydLMxUcIOpNtBli1HUNTo=)
                          2: p1fyn5poKGi3v6udklaZLK6DaPs.roa (hash: ksuBLRSUua1zFmd4JmcnhcAsP8MWyD8OR/dcK6d/pkM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:71:0c:b7:ff:33:82:01:b8:2a:6a:2f:26:6a:2d:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
        Validity
            Not Before: Jun 12 14:00:19 2025 GMT
            Not After : Jun 13 14:00:19 2025 GMT
        Subject: CN=b4b171cbddc6f46424148660b66b2493f5c07043
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:0d:02:2f:c5:fa:0c:1b:7b:bf:30:72:ea:a9:
                    cf:59:b0:76:8f:f2:df:1a:84:66:99:6c:8f:2f:95:
                    4d:81:27:e3:8b:88:63:a2:a6:b3:34:e7:b7:1a:88:
                    f2:fb:0d:c1:c2:b5:20:b8:67:da:19:c1:22:dc:52:
                    54:4d:be:90:e0:1e:b4:02:36:35:27:15:31:06:b6:
                    90:fc:20:4c:c0:21:2b:bd:33:9c:6e:aa:bd:45:ed:
                    d4:a2:1d:91:ae:0f:14:99:13:79:d7:7f:a7:36:85:
                    01:95:c7:2e:1d:62:45:50:9f:25:55:1a:16:e1:dc:
                    9a:8b:e0:9c:c0:6d:1f:b0:d1:2a:4d:28:66:57:b9:
                    5a:b3:be:60:50:8f:a2:42:c2:06:54:d1:ba:de:cc:
                    99:3e:a3:49:b5:6d:14:da:cd:7c:4d:f9:90:fe:d1:
                    68:6d:31:a9:16:97:21:f2:ee:7f:ff:fc:a9:b2:a1:
                    55:51:ec:05:fb:7d:1b:d4:41:1b:76:de:a5:ba:42:
                    c3:c2:bc:ee:6a:f5:8a:5f:7b:f2:e2:ad:6d:6c:1b:
                    12:69:1d:bc:9d:82:61:cf:df:1b:1c:28:78:b4:49:
                    ea:b1:a3:7c:86:8d:98:ea:a8:ae:4d:81:70:a2:21:
                    5c:4c:24:84:1c:07:82:a3:8c:fb:d2:b7:dd:de:07:
                    01:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:B1:71:CB:DD:C6:F4:64:24:14:86:60:B6:6B:24:93:F5:C0:70:43
            X509v3 Authority Key Identifier:
                keyid:D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:a4:f4:44:f2:9f:6b:85:01:7a:c7:b2:d5:3a:b7:99:ea:09:
         02:d9:d9:41:6d:20:50:94:31:42:ce:45:4c:e3:94:13:01:a5:
         27:e0:f4:c9:38:86:a4:0a:60:11:f9:ff:6a:b4:a1:83:b7:2a:
         86:7b:17:2a:e8:50:fa:7b:37:a2:76:30:d2:f2:e1:e5:85:90:
         f4:68:1e:f2:79:d3:53:18:ff:5d:36:17:82:6f:b1:83:b0:98:
         d0:21:d8:b0:dc:ab:c8:07:e9:f4:24:b5:ec:cc:ae:b6:ff:28:
         6e:c7:71:d8:8e:06:c7:d9:d2:e3:2b:54:a3:45:55:2f:03:f9:
         7b:8d:c7:0f:7a:7e:05:1c:37:e3:34:6a:44:d3:0c:7a:f9:ec:
         71:d2:54:79:6c:92:82:2d:88:f3:97:88:61:49:b4:b7:91:e6:
         af:3c:b4:ca:5e:67:aa:e2:76:51:96:01:ea:a8:51:65:11:ee:
         93:54:34:a3:5e:d6:e6:91:d6:80:1f:86:21:3d:24:ff:3e:02:
         ed:c7:8d:43:b3:85:26:e9:92:ac:cc:56:be:77:a6:91:93:45:
         67:b1:d4:a7:ca:27:6e:c4:b4:be:f7:85:0a:9e:53:35:4a:6d:
         79:01:bb:31:2c:a1:79:33:79:b6:fc:ad:9f:c1:3e:60:49:9f:
         7c:de:37:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkcQy3/zOCAbgqai8mai0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYTg5NjlkN2UzMmNiZjkyNzY2NGIyZGM0MzZiOTZlNzE0
OWE2MmIwHhcNMjUwNjEyMTQwMDE5WhcNMjUwNjEzMTQwMDE5WjAzMTEwLwYDVQQD
EyhiNGIxNzFjYmRkYzZmNDY0MjQxNDg2NjBiNjZiMjQ5M2Y1YzA3MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1w0CL8X6DBt7vzBy6qnPWbB2j/Lf
GoRmmWyPL5VNgSfji4hjoqazNOe3Gojy+w3BwrUguGfaGcEi3FJUTb6Q4B60AjY1
JxUxBraQ/CBMwCErvTOcbqq9Re3Uoh2Rrg8UmRN513+nNoUBlccuHWJFUJ8lVRoW
4dyai+CcwG0fsNEqTShmV7las75gUI+iQsIGVNG63syZPqNJtW0U2s18TfmQ/tFo
bTGpFpch8u5///ypsqFVUewF+30b1EEbdt6lukLDwrzuavWKX3vy4q1tbBsSaR28
nYJhz98bHCh4tEnqsaN8ho2Y6qiuTYFwoiFcTCSEHAeCo4z70rfd3gcBuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSxccvdxvRkJBSGYLZrJJP1wHBDMB8GA1UdIwQY
MBaAFNGolp1+Msv5J2ZLLcQ2uW5xSaYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQt
MjEwNDhhNzM0YTQ2LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQtMjEwNDhhNzM0YTQ2
LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFqT0RPKf
a4UBesey1Tq3meoJAtnZQW0gUJQxQs5FTOOUEwGlJ+D0yTiGpApgEfn/arShg7cq
hnsXKuhQ+ns3onYw0vLh5YWQ9Gge8nnTUxj/XTYXgm+xg7CY0CHYsNyryAfp9CS1
7Myutv8obsdx2I4Gx9nS4ytUo0VVLwP5e43HD3p+BRw34zRqRNMMevnscdJUeWyS
gi2I85eIYUm0t5Hmrzy0yl5nquJ2UZYB6qhRZRHuk1Q0o17W5pHWgB+GIT0k/z4C
7ceNQ7OFJumSrMxWvnemkZNFZ7HUp8onbsS0vveFCp5TNUpteQG7MSyheTN5tvyt
n8E+YEmffN43EA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:52:48 2025 by rpki-client