Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft
File:                     2KVuLWOsXam-012gHL-tIl8EvrA.mft (raw, json)
Hash identifier:          RFNqeOIhtkp+mUwOKJx6KQRW+MlZCqh4O6MMgRBxQdc=
Subject key identifier:   81:6D:37:47:08:6D:41:B1:3F:C3:C9:31:D2:86:8E:28:B1:CA:A0:32
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Certificate issuer:       /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial:       01976629034AAA69DF3F4C3A714712BA0AFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft
Manifest number:          158E
Signing time:             Thu 12 Jun 2025 22:00:53 +0000
Manifest this update:     Thu 12 Jun 2025 22:00:53 +0000
Manifest next update:     Fri 13 Jun 2025 22:00:53 +0000
Files and hashes:         1: 2KVuLWOsXam-012gHL-tIl8EvrA.crl (hash: TKNcqb0K39g+UGI0HrWX+rtw+lKyj3qbCo0uEMMXOGI=)
                          2: RCebozhiTcCblvotMpWCdCJ1ob8.roa (hash: ZFZoBEoVJHz2x12TIIxXed5WibUd/7/bBstI8X2ocJo=)
                          3: nQS504JwOxjiWHwncxw2UXqZAyw.roa (hash: 3N4RSXWIhF3ipth4gfwK0f71CjoGPMdi4/hqfhot2X4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:29:03:4a:aa:69:df:3f:4c:3a:71:47:12:ba:0a:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
        Validity
            Not Before: Jun 12 22:00:53 2025 GMT
            Not After : Jun 13 22:00:53 2025 GMT
        Subject: CN=816d3747086d41b13fc3c931d2868e28b1caa032
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:ef:bb:53:e9:a6:89:fe:9e:c3:61:c2:37:cd:
                    0e:7f:6d:0d:8b:6d:19:47:41:88:d4:c5:55:68:c2:
                    56:c6:d3:2c:3a:e9:db:1f:f1:57:c3:3e:7c:3f:39:
                    d7:3a:11:b6:1f:fa:8b:b5:56:ba:62:2a:a3:40:8b:
                    f2:ec:ed:57:93:7c:25:c8:68:dc:a1:82:a3:34:2e:
                    c6:77:73:76:c8:c4:a1:6a:51:82:f7:cf:c1:35:f4:
                    85:96:27:42:e8:6b:e5:05:a2:3a:09:82:9e:aa:fb:
                    67:3a:01:f8:d5:41:f2:a6:06:be:fc:1f:c0:4a:fe:
                    76:c0:fe:05:7a:fe:e1:8b:9f:f0:c9:17:01:05:5a:
                    e7:af:f3:a7:48:88:a1:96:c2:61:da:62:0c:0c:58:
                    83:c7:3b:87:e7:a6:c7:2e:31:1e:1d:53:40:ce:7b:
                    ba:aa:c4:ff:f4:5b:b7:ac:76:88:36:ec:e9:91:8e:
                    c0:a3:ad:2e:95:0c:e1:d3:f7:5b:41:90:2f:9d:80:
                    79:9c:60:da:3b:0d:6e:a9:a2:19:4a:8a:14:a8:e8:
                    3d:bd:9f:42:30:44:ff:e1:a2:cd:6a:44:d8:ab:aa:
                    1b:0e:28:12:c0:44:e3:4a:66:bd:7d:1f:94:e3:bf:
                    b4:ee:6d:b7:c4:f4:30:bb:5b:bb:21:74:54:c3:48:
                    c2:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:6D:37:47:08:6D:41:B1:3F:C3:C9:31:D2:86:8E:28:B1:CA:A0:32
            X509v3 Authority Key Identifier:
                keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:ca:4d:05:0c:c5:e4:f6:e5:e5:9c:92:db:ea:8a:9e:6f:35:
         c4:12:fa:b8:da:60:d4:0c:3f:66:ab:0b:2a:a6:e7:74:12:fd:
         12:a8:8c:99:4a:6d:ab:b3:f5:33:49:a7:7d:13:ce:98:92:d9:
         68:ac:68:a8:70:19:95:4d:0f:05:eb:51:8d:c4:31:ba:9f:94:
         c1:8d:04:de:93:89:57:2b:03:b6:7b:23:e0:3e:0f:25:38:e4:
         93:0f:93:43:7b:b7:2e:5a:b2:86:6e:54:c5:e6:57:0c:7f:0e:
         8a:9e:f5:bb:30:a5:f1:72:66:12:79:78:92:d8:d5:65:90:bf:
         8a:82:22:de:7c:b6:8f:f0:50:72:a8:e7:6a:b7:b8:b9:8a:44:
         9b:16:31:4e:ce:a5:5c:56:89:e4:49:fe:2a:68:00:08:ba:e1:
         fc:1b:85:a4:96:68:a6:b3:ec:f6:47:08:f4:2a:00:b5:eb:4e:
         df:ba:d4:46:89:72:06:c3:98:66:f5:48:c9:0e:ef:2a:14:a2:
         78:f6:a8:bc:fe:bb:42:ee:ba:74:e5:6d:ac:34:9d:c3:12:a2:
         f9:23:83:a5:fd:c9:0a:26:a5:54:5c:7f:d5:76:b8:03:2c:75:
         c2:35:1d:19:61:28:cc:1b:e2:1b:f8:a4:f6:4f:ad:ce:69:38:
         5d:48:e4:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmKQNKqmnfP0w6cUcSugr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTU2ZTJkNjNhYzVkYTliZWQzNWRhMDFjYmZhZDIyNWYw
NGJlYjAwHhcNMjUwNjEyMjIwMDUzWhcNMjUwNjEzMjIwMDUzWjAzMTEwLwYDVQQD
Eyg4MTZkMzc0NzA4NmQ0MWIxM2ZjM2M5MzFkMjg2OGUyOGIxY2FhMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4e+7U+mmif6ew2HCN80Of20Ni20Z
R0GI1MVVaMJWxtMsOunbH/FXwz58PznXOhG2H/qLtVa6YiqjQIvy7O1Xk3wlyGjc
oYKjNC7Gd3N2yMShalGC98/BNfSFlidC6GvlBaI6CYKeqvtnOgH41UHypga+/B/A
Sv52wP4Fev7hi5/wyRcBBVrnr/OnSIihlsJh2mIMDFiDxzuH56bHLjEeHVNAznu6
qsT/9Fu3rHaINuzpkY7Ao60ulQzh0/dbQZAvnYB5nGDaOw1uqaIZSooUqOg9vZ9C
MET/4aLNakTYq6obDigSwETjSma9fR+U47+07m23xPQwu1u7IXRUw0jC9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFtN0cIbUGxP8PJMdKGjiixyqAyMB8GA1UdIwQY
MBaAFNilbi1jrF2pvtNdoBy/rSJfBL6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4Njct
ZThkNDdiYmEyNWJmLzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4NjctZThkNDdiYmEyNWJm
LzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyMpNBQzF
5Pbl5ZyS2+qKnm81xBL6uNpg1Aw/ZqsLKqbndBL9EqiMmUptq7P1M0mnfRPOmJLZ
aKxoqHAZlU0PBetRjcQxup+UwY0E3pOJVysDtnsj4D4PJTjkkw+TQ3u3Llqyhm5U
xeZXDH8Oip71uzCl8XJmEnl4ktjVZZC/ioIi3ny2j/BQcqjnare4uYpEmxYxTs6l
XFaJ5En+KmgACLrh/BuFpJZoprPs9kcI9CoAtetO37rURolyBsOYZvVIyQ7vKhSi
ePaovP67Qu66dOVtrDSdwxKi+SODpf3JCialVFx/1Xa4Ayx1wjUdGWEozBviG/ik
9k+tzmk4XUjkig==
-----END CERTIFICATE-----
Generated at Fri Jun 13 04:43:24 2025 by rpki-client