Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
File:                     hDz1u4drdyt63kMpBctpbxNMqjk.mft (raw, json)
Hash identifier:          pC5aqKDDeXtGkr+ecwIPLVB4as0p1DJ+v+A15jCEKbE=
Subject key identifier:   DE:85:3B:8C:03:9C:8F:E7:DE:53:F1:33:2A:8A:5A:76:BA:EC:07:65
Authority key identifier: 84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
Certificate issuer:       /CN=843cf5bb876b772b7ade432905cb696f134caa39
Certificate serial:       019767E030999A14F695C48EEFDAC5BD6678
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
Manifest number:          1590
Signing time:             Fri 13 Jun 2025 06:00:34 +0000
Manifest this update:     Fri 13 Jun 2025 06:00:34 +0000
Manifest next update:     Sat 14 Jun 2025 06:00:34 +0000
Files and hashes:         1: 8SOVzbdZRi1TiXuPdQBPQag2b1I.roa (hash: 4UxgH1Bm5rLISlPUt1abtwizcDNcCBaAAK4mH1Wxzxk=)
                          2: hDz1u4drdyt63kMpBctpbxNMqjk.crl (hash: AI5Y7wq/4rSL0g6Qh4lJbZsmc5iBev19l3VYaStszvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 06:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:e0:30:99:9a:14:f6:95:c4:8e:ef:da:c5:bd:66:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=843cf5bb876b772b7ade432905cb696f134caa39
        Validity
            Not Before: Jun 13 06:00:34 2025 GMT
            Not After : Jun 14 06:00:34 2025 GMT
        Subject: CN=de853b8c039c8fe7de53f1332a8a5a76baec0765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:18:fc:75:b7:e0:96:c1:3a:62:41:4b:59:75:
                    cf:1f:b0:65:94:1c:bd:5f:8f:b3:89:77:14:34:88:
                    bf:75:5a:5a:d8:84:bc:e6:84:78:02:c2:6e:ad:8a:
                    76:47:d8:c5:82:31:96:ed:d8:7f:d3:6b:bb:3e:72:
                    58:d6:b5:5e:a7:e8:a9:86:18:a6:b3:aa:e1:dc:28:
                    86:11:58:b5:8d:c8:05:d0:29:95:dc:70:ca:ac:28:
                    26:21:4d:49:a8:60:f5:d5:9b:7f:c1:a3:d4:e7:92:
                    d1:cb:29:12:5d:fa:6c:aa:16:7a:43:05:64:28:9b:
                    19:a2:31:2d:09:a1:6f:d4:71:c1:81:5d:0b:35:dc:
                    cd:43:1a:3d:08:45:5c:ae:fc:63:6a:8e:18:24:de:
                    a4:6d:bb:f8:57:e0:eb:b0:ef:17:40:7e:5e:47:ef:
                    a6:db:0b:5d:6b:01:ed:dc:d6:1e:fe:29:0b:73:32:
                    e1:ff:76:e6:60:cd:1d:15:be:2e:2e:71:ce:a2:4d:
                    ee:f0:bc:f7:a4:ba:3b:a7:60:f4:f7:a2:26:95:51:
                    77:b1:ec:ba:60:94:bf:87:cd:8b:3b:43:a0:f1:02:
                    9e:31:7b:12:33:d6:d0:28:b8:6b:f8:0d:b8:65:f9:
                    f4:6e:61:9a:23:7d:e4:42:b6:f8:60:ca:0d:c6:af:
                    35:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:85:3B:8C:03:9C:8F:E7:DE:53:F1:33:2A:8A:5A:76:BA:EC:07:65
            X509v3 Authority Key Identifier:
                keyid:84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:f4:0c:eb:3d:bd:73:47:10:48:66:18:f9:c7:46:ff:50:7b:
         78:da:30:05:b1:90:ba:60:aa:a1:91:e6:e1:80:42:a1:95:a0:
         cb:5f:1e:60:5d:09:a4:b2:6b:57:4e:12:dc:33:6f:0b:57:33:
         e8:fd:57:e7:98:7d:f6:93:70:57:bc:6b:87:7b:0b:f0:55:5b:
         cc:56:8a:6b:f2:f9:3f:f9:88:6b:c6:9b:eb:dc:3a:90:2c:af:
         44:f7:70:f8:80:11:a7:99:f9:9d:cd:73:3f:15:81:41:43:6d:
         66:79:5d:f0:3f:77:18:fd:27:50:aa:ce:e5:2b:1f:1b:06:a8:
         2e:48:02:a4:6f:7b:e3:4f:17:bc:f1:71:85:dd:ce:b5:87:fc:
         22:1c:74:4b:54:07:b8:e3:71:5b:ee:fc:5c:df:11:cd:b4:ed:
         07:e5:77:8e:96:b3:aa:af:4f:41:4e:61:58:1d:77:a0:6e:bd:
         04:af:37:3e:d7:2d:90:59:c1:67:22:a0:bf:3f:12:58:a4:66:
         f5:37:7f:ca:2b:09:8a:f3:67:1c:3a:ac:26:15:6f:57:07:ea:
         c8:3f:ed:53:f3:21:96:c0:02:99:71:7b:50:0f:b4:61:6b:80:
         98:09:0a:90:a4:5c:85:0d:5f:5e:fb:ba:6f:99:fa:ac:af:2b:
         73:15:1b:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdn4DCZmhT2lcSO79rFvWZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2NmNWJiODc2Yjc3MmI3YWRlNDMyOTA1Y2I2OTZmMTM0
Y2FhMzkwHhcNMjUwNjEzMDYwMDM0WhcNMjUwNjE0MDYwMDM0WjAzMTEwLwYDVQQD
EyhkZTg1M2I4YzAzOWM4ZmU3ZGU1M2YxMzMyYThhNWE3NmJhZWMwNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBj8dbfglsE6YkFLWXXPH7BllBy9
X4+ziXcUNIi/dVpa2IS85oR4AsJurYp2R9jFgjGW7dh/02u7PnJY1rVep+iphhim
s6rh3CiGEVi1jcgF0CmV3HDKrCgmIU1JqGD11Zt/waPU55LRyykSXfpsqhZ6QwVk
KJsZojEtCaFv1HHBgV0LNdzNQxo9CEVcrvxjao4YJN6kbbv4V+DrsO8XQH5eR++m
2wtdawHt3NYe/ikLczLh/3bmYM0dFb4uLnHOok3u8Lz3pLo7p2D096ImlVF3sey6
YJS/h82LO0Og8QKeMXsSM9bQKLhr+A24Zfn0bmGaI33kQrb4YMoNxq81DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6FO4wDnI/n3lPxMyqKWna67AdlMB8GA1UdIwQY
MBaAFIQ89buHa3cret5DKQXLaW8TTKo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmIt
MTZmNWE1NjM2MjQ0LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmItMTZmNWE1NjM2MjQ0
LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp/QM6z29
c0cQSGYY+cdG/1B7eNowBbGQumCqoZHm4YBCoZWgy18eYF0JpLJrV04S3DNvC1cz
6P1X55h99pNwV7xrh3sL8FVbzFaKa/L5P/mIa8ab69w6kCyvRPdw+IARp5n5nc1z
PxWBQUNtZnld8D93GP0nUKrO5SsfGwaoLkgCpG97408XvPFxhd3OtYf8Ihx0S1QH
uONxW+78XN8RzbTtB+V3jpazqq9PQU5hWB13oG69BK83PtctkFnBZyKgvz8SWKRm
9Td/yisJivNnHDqsJhVvVwfqyD/tU/MhlsACmXF7UA+0YWuAmAkKkKRchQ1fXvu6
b5n6rK8rcxUbEg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:05:04 2025 by rpki-client