Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
File:                     0aiWnX4yy_knZkstxDa5bnFJpis.mft (raw, json)
Hash identifier:          PHKHv3DH3/uj0YMoCssjYrOKmLbYBkB1WObhpLDcArQ=
Subject key identifier:   FD:D4:AC:71:86:CB:65:0F:EE:FF:18:07:38:10:58:9C:11:45:84:05
Authority key identifier: D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B
Certificate issuer:       /CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
Certificate serial:       01975CB7F931BE01DD10D7ACD3E5AAE4078E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
Manifest number:          0EBD
Signing time:             Wed 11 Jun 2025 02:00:50 +0000
Manifest this update:     Wed 11 Jun 2025 02:00:50 +0000
Manifest next update:     Thu 12 Jun 2025 02:00:50 +0000
Files and hashes:         1: 0aiWnX4yy_knZkstxDa5bnFJpis.crl (hash: 3NYvuLNrEsLLmPLg8PzYCZpRRrMEZAyrOo7/IqR3z/M=)
                          2: p1fyn5poKGi3v6udklaZLK6DaPs.roa (hash: ksuBLRSUua1zFmd4JmcnhcAsP8MWyD8OR/dcK6d/pkM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:b7:f9:31:be:01:dd:10:d7:ac:d3:e5:aa:e4:07:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1a8969d7e32cbf927664b2dc436b96e7149a62b
        Validity
            Not Before: Jun 11 02:00:50 2025 GMT
            Not After : Jun 12 02:00:50 2025 GMT
        Subject: CN=fdd4ac7186cb650feeff18073810589c11458405
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:1d:d1:f1:cd:55:5c:66:c5:7b:71:e6:b4:5d:
                    d0:43:d7:f3:33:da:43:39:e7:2c:ad:f9:ce:9b:4a:
                    53:3f:71:3f:87:a1:0a:8a:ed:0f:34:bb:91:10:98:
                    7a:b4:63:26:bc:d8:61:79:19:1b:ef:69:3c:7f:40:
                    86:60:3d:83:21:de:3c:60:e0:6d:c2:9f:a8:05:a1:
                    80:cd:1e:e6:09:50:e8:c1:31:8a:28:17:18:f4:90:
                    6a:65:43:0b:04:49:c7:6b:3e:48:d3:10:52:61:d6:
                    b6:2a:b3:b7:f0:1d:ce:15:9d:c3:e8:86:c8:5a:38:
                    e7:0b:5e:68:6b:9e:4e:92:33:0a:3e:73:8f:81:4c:
                    6b:a3:51:9e:fe:a5:8e:32:45:ee:ea:22:d0:35:2d:
                    d7:8f:da:5d:1e:13:7d:87:27:15:66:53:7c:55:03:
                    f9:6d:70:1b:df:ed:6b:92:be:10:2d:c7:cb:6e:48:
                    e2:cb:b8:92:da:75:3d:3b:b4:aa:4e:c9:f1:92:96:
                    5f:c2:b5:30:fe:c3:d6:11:3b:0f:1c:e3:21:7a:e0:
                    1a:43:59:fa:3f:33:2d:cc:37:71:50:6e:ad:0a:0c:
                    e4:ed:68:cb:10:43:30:1e:d5:49:63:18:d4:c2:ce:
                    3b:a5:8e:f0:b7:26:03:9a:a2:91:41:47:03:ba:59:
                    ab:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:D4:AC:71:86:CB:65:0F:EE:FF:18:07:38:10:58:9C:11:45:84:05
            X509v3 Authority Key Identifier:
                keyid:D1:A8:96:9D:7E:32:CB:F9:27:66:4B:2D:C4:36:B9:6E:71:49:A6:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0aiWnX4yy_knZkstxDa5bnFJpis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/27294e-b9e7-4660-932d-21048a734a46/1/0aiWnX4yy_knZkstxDa5bnFJpis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:86:e3:67:83:ef:8c:7c:b5:ac:0f:c2:00:6a:d1:88:2c:98:
         d2:15:5c:bf:ba:e8:47:e3:41:83:9c:45:f9:62:d4:1b:4a:c6:
         3d:5e:ad:91:ab:04:6a:e0:81:d5:03:c8:42:c4:88:f4:91:dd:
         aa:32:1c:08:72:bf:b9:1a:e2:72:1e:3b:eb:d2:e1:27:d5:70:
         ce:37:bd:c4:96:90:e5:11:da:66:08:c0:1e:6a:68:7c:d1:de:
         5e:b0:af:bc:99:44:66:e1:8a:18:9c:ed:25:89:9e:b2:0d:ef:
         91:1a:4d:11:6f:a0:b0:47:cb:42:33:4d:d7:a0:f2:25:51:1a:
         2c:36:3b:25:35:5f:4b:89:3c:40:74:8d:f8:a1:e3:3f:2d:1b:
         87:22:e8:ac:15:b1:3f:a5:2c:d7:e5:d0:af:4f:5b:5a:77:b7:
         fd:e8:db:4d:86:e3:ab:8e:05:a2:ac:d1:cc:a1:f7:c3:fe:9a:
         3a:de:a6:76:b1:ea:1e:59:1d:be:1b:9f:c2:7e:77:13:f7:5c:
         05:c2:48:7f:a7:32:7b:f1:14:77:c7:ad:87:3b:57:97:d5:1b:
         55:81:c3:16:e3:29:43:86:a4:a9:06:fb:d0:8a:25:b7:8b:fa:
         46:8c:93:f4:f9:35:31:04:07:e2:54:ff:40:b2:0f:93:4a:ca:
         84:a9:cd:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdct/kxvgHdENes0+Wq5AeOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYTg5NjlkN2UzMmNiZjkyNzY2NGIyZGM0MzZiOTZlNzE0
OWE2MmIwHhcNMjUwNjExMDIwMDUwWhcNMjUwNjEyMDIwMDUwWjAzMTEwLwYDVQQD
EyhmZGQ0YWM3MTg2Y2I2NTBmZWVmZjE4MDczODEwNTg5YzExNDU4NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx3R8c1VXGbFe3HmtF3QQ9fzM9pD
OecsrfnOm0pTP3E/h6EKiu0PNLuREJh6tGMmvNhheRkb72k8f0CGYD2DId48YOBt
wp+oBaGAzR7mCVDowTGKKBcY9JBqZUMLBEnHaz5I0xBSYda2KrO38B3OFZ3D6IbI
WjjnC15oa55OkjMKPnOPgUxro1Ge/qWOMkXu6iLQNS3Xj9pdHhN9hycVZlN8VQP5
bXAb3+1rkr4QLcfLbkjiy7iS2nU9O7SqTsnxkpZfwrUw/sPWETsPHOMheuAaQ1n6
PzMtzDdxUG6tCgzk7WjLEEMwHtVJYxjUws47pY7wtyYDmqKRQUcDulmrPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3UrHGGy2UP7v8YBzgQWJwRRYQFMB8GA1UdIwQY
MBaAFNGolp1+Msv5J2ZLLcQ2uW5xSaYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQt
MjEwNDhhNzM0YTQ2LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yNzI5NGUtYjllNy00NjYwLTkzMmQtMjEwNDhhNzM0YTQ2
LzEvMGFpV25YNHl5X2tuWmtzdHhEYTVibkZKcGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABobjZ4Pv
jHy1rA/CAGrRiCyY0hVcv7roR+NBg5xF+WLUG0rGPV6tkasEauCB1QPIQsSI9JHd
qjIcCHK/uRrich4769LhJ9Vwzje9xJaQ5RHaZgjAHmpofNHeXrCvvJlEZuGKGJzt
JYmesg3vkRpNEW+gsEfLQjNN16DyJVEaLDY7JTVfS4k8QHSN+KHjPy0bhyLorBWx
P6Us1+XQr09bWne3/ejbTYbjq44FoqzRzKH3w/6aOt6mdrHqHlkdvhufwn53E/dc
BcJIf6cye/EUd8ethztXl9UbVYHDFuMpQ4akqQb70Iolt4v6RoyT9Pk1MQQH4lT/
QLIPk0rKhKnNZA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:32:36 2025 by rpki-client