Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/202633-c690-48e5-9613-711ffdf91698/1/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.mft
File:                     si3QZQH5nUcCLTpAOe_PQ50Lx-Y.mft (raw, json)
Hash identifier:          sw92Fp5DeFostxQZ1fRDVWE3BvTVU5wf9CxKnCWxo+8=
Subject key identifier:   6B:28:36:84:B4:06:FB:0C:5A:B0:94:12:3C:39:84:F6:C7:3F:4E:89
Authority key identifier: B2:2D:D0:65:01:F9:9D:47:02:2D:3A:40:39:EF:CF:43:9D:0B:C7:E6
Certificate issuer:       /CN=b22dd06501f99d47022d3a4039efcf439d0bc7e6
Certificate serial:       01976D744BC550797F90EBD07C2AA847DC90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/202633-c690-48e5-9613-711ffdf91698/1/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.mft
Manifest number:          035F
Signing time:             Sat 14 Jun 2025 08:00:27 +0000
Manifest this update:     Sat 14 Jun 2025 08:00:27 +0000
Manifest next update:     Sun 15 Jun 2025 08:00:27 +0000
Files and hashes:         1: Ol4H0Ofe0seTJhjp23zwbv14mcA.roa (hash: h0M7hTbR8JXwLU22tU4Fw/p8crplmJ6JisUg1rjxv0k=)
                          2: si3QZQH5nUcCLTpAOe_PQ50Lx-Y.crl (hash: x9bPKcNfY4KDVrdfbzo3GhnWm1zL9bBW9A9sGVZhupE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/202633-c690-48e5-9613-711ffdf91698/1/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/202633-c690-48e5-9613-711ffdf91698/1/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:74:4b:c5:50:79:7f:90:eb:d0:7c:2a:a8:47:dc:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b22dd06501f99d47022d3a4039efcf439d0bc7e6
        Validity
            Not Before: Jun 14 08:00:27 2025 GMT
            Not After : Jun 15 08:00:27 2025 GMT
        Subject: CN=6b283684b406fb0c5ab094123c3984f6c73f4e89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:37:f0:b0:df:6b:7d:7d:b3:d8:1e:d0:95:cd:
                    a8:57:8d:79:c1:47:0b:4a:ff:4f:1b:d7:72:22:86:
                    38:0b:c6:3f:4f:07:c4:19:0b:a6:c7:46:d1:bf:2d:
                    e5:2f:3d:71:29:c7:4b:0e:93:bb:aa:ed:da:0d:be:
                    20:ce:c6:82:0f:fc:c0:ba:27:a4:71:0f:62:9d:f0:
                    89:86:04:b1:de:14:0e:35:0b:a7:4e:f8:d9:b4:ac:
                    12:f0:22:c7:95:65:0c:23:5e:0d:d2:5d:4b:01:09:
                    56:ce:60:8c:2a:2e:b0:fb:89:18:6a:cd:da:16:dc:
                    cf:1c:17:07:e0:f1:f3:d9:87:bd:32:ae:93:f2:f2:
                    4f:9c:d6:c5:e2:eb:ff:e0:aa:2d:11:9c:19:46:8a:
                    7a:74:8b:00:62:64:02:2a:e8:cd:11:7f:cc:45:45:
                    d2:a9:75:2c:5e:e3:e7:fb:53:83:37:d4:35:c9:f2:
                    e2:c4:2c:ca:05:53:f3:33:5e:f3:d6:31:fa:62:f4:
                    86:c9:f5:8e:64:94:bd:c7:7a:e0:d2:db:d0:c4:1c:
                    b0:36:53:f2:74:39:41:06:d8:1d:9f:a2:57:82:11:
                    13:c0:9b:5a:86:e8:50:7e:2e:8a:54:d0:fe:80:d0:
                    e2:1f:62:75:23:55:2f:fd:e5:43:b0:6b:54:a3:dc:
                    52:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:28:36:84:B4:06:FB:0C:5A:B0:94:12:3C:39:84:F6:C7:3F:4E:89
            X509v3 Authority Key Identifier:
                keyid:B2:2D:D0:65:01:F9:9D:47:02:2D:3A:40:39:EF:CF:43:9D:0B:C7:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/202633-c690-48e5-9613-711ffdf91698/1/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/202633-c690-48e5-9613-711ffdf91698/1/si3QZQH5nUcCLTpAOe_PQ50Lx-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:a1:71:68:30:fb:4d:66:fd:b1:d4:1c:47:99:b4:d7:79:ca:
         4e:be:fb:07:36:3d:5a:87:2a:a7:b8:39:a3:67:e3:04:eb:e0:
         b8:7d:98:95:ad:1b:d5:b1:a0:43:3b:dc:42:07:36:df:6d:c4:
         37:4c:51:d9:09:b6:12:49:de:b7:b4:4e:d9:8a:04:d6:40:90:
         ae:c7:85:a0:aa:6f:e2:87:0f:4a:8d:2b:82:90:7d:56:63:e7:
         88:c8:86:d3:e8:7d:7a:b3:3b:9a:5d:e6:89:df:6f:77:1c:cd:
         11:83:4d:7c:f7:aa:fb:84:d9:a9:4d:90:26:6d:85:17:c2:24:
         ad:59:6a:cb:42:52:0d:21:69:3e:aa:1b:bf:97:9d:2c:c2:00:
         20:14:b2:e7:61:46:7d:67:44:88:fe:21:50:ce:12:fe:ec:05:
         de:fe:1d:5d:19:52:f3:bb:cf:1f:50:46:45:3e:98:42:27:35:
         ad:21:c7:9f:9c:6a:2e:d4:dd:26:92:61:d3:fd:30:2b:f8:4f:
         d7:d1:94:b4:72:6e:e7:17:13:d1:71:8a:b8:fe:c6:ac:75:92:
         d6:e5:05:eb:07:dd:b6:d2:5b:e7:cb:2e:ed:62:e6:70:00:5e:
         d5:a6:39:0e:0a:08:00:7b:28:40:5e:ef:fd:5c:8d:65:31:c4:
         48:bd:34:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtdEvFUHl/kOvQfCqoR9yQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMmRkMDY1MDFmOTlkNDcwMjJkM2E0MDM5ZWZjZjQzOWQw
YmM3ZTYwHhcNMjUwNjE0MDgwMDI3WhcNMjUwNjE1MDgwMDI3WjAzMTEwLwYDVQQD
Eyg2YjI4MzY4NGI0MDZmYjBjNWFiMDk0MTIzYzM5ODRmNmM3M2Y0ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DfwsN9rfX2z2B7Qlc2oV415wUcL
Sv9PG9dyIoY4C8Y/TwfEGQumx0bRvy3lLz1xKcdLDpO7qu3aDb4gzsaCD/zAuiek
cQ9infCJhgSx3hQONQunTvjZtKwS8CLHlWUMI14N0l1LAQlWzmCMKi6w+4kYas3a
FtzPHBcH4PHz2Ye9Mq6T8vJPnNbF4uv/4KotEZwZRop6dIsAYmQCKujNEX/MRUXS
qXUsXuPn+1ODN9Q1yfLixCzKBVPzM17z1jH6YvSGyfWOZJS9x3rg0tvQxBywNlPy
dDlBBtgdn6JXghETwJtahuhQfi6KVND+gNDiH2J1I1Uv/eVDsGtUo9xSFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGsoNoS0BvsMWrCUEjw5hPbHP06JMB8GA1UdIwQY
MBaAFLIt0GUB+Z1HAi06QDnvz0OdC8fmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2kzUVpRSDVuVWNDTFRwQU9lX1BRNTBMeC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yMDI2MzMtYzY5MC00OGU1LTk2MTMt
NzExZmZkZjkxNjk4LzEvc2kzUVpRSDVuVWNDTFRwQU9lX1BRNTBMeC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yMDI2MzMtYzY5MC00OGU1LTk2MTMtNzExZmZkZjkxNjk4
LzEvc2kzUVpRSDVuVWNDTFRwQU9lX1BRNTBMeC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALqFxaDD7
TWb9sdQcR5m013nKTr77BzY9Wocqp7g5o2fjBOvguH2Yla0b1bGgQzvcQgc2323E
N0xR2Qm2Eknet7RO2YoE1kCQrseFoKpv4ocPSo0rgpB9VmPniMiG0+h9erM7ml3m
id9vdxzNEYNNfPeq+4TZqU2QJm2FF8IkrVlqy0JSDSFpPqobv5edLMIAIBSy52FG
fWdEiP4hUM4S/uwF3v4dXRlS87vPH1BGRT6YQic1rSHHn5xqLtTdJpJh0/0wK/hP
19GUtHJu5xcT0XGKuP7GrHWS1uUF6wfdttJb58su7WLmcABe1aY5DgoIAHsoQF7v
/VyNZTHESL00fQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:15:06 2025 by rpki-client