Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
File:                     hDz1u4drdyt63kMpBctpbxNMqjk.mft (raw, json)
Hash identifier:          9pmHn9sMx4EpmqEFGsOK+wuNtSLNcn7WUJDxFypzsd8=
Subject key identifier:   D1:C3:52:34:A6:66:19:58:2A:B8:1F:AE:B5:18:CC:5D:E9:2A:B8:65
Authority key identifier: 84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
Certificate issuer:       /CN=843cf5bb876b772b7ade432905cb696f134caa39
Certificate serial:       01975C4A6477AFD61C7396149487C05708B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
Manifest number:          158A
Signing time:             Wed 11 Jun 2025 00:01:08 +0000
Manifest this update:     Wed 11 Jun 2025 00:01:08 +0000
Manifest next update:     Thu 12 Jun 2025 00:01:08 +0000
Files and hashes:         1: 8SOVzbdZRi1TiXuPdQBPQag2b1I.roa (hash: 4UxgH1Bm5rLISlPUt1abtwizcDNcCBaAAK4mH1Wxzxk=)
                          2: hDz1u4drdyt63kMpBctpbxNMqjk.crl (hash: kvw+oaA4i82S8KvDdmIElfg9FqG/O5L2PfBdXBiq6PI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:4a:64:77:af:d6:1c:73:96:14:94:87:c0:57:08:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=843cf5bb876b772b7ade432905cb696f134caa39
        Validity
            Not Before: Jun 11 00:01:08 2025 GMT
            Not After : Jun 12 00:01:08 2025 GMT
        Subject: CN=d1c35234a66619582ab81faeb518cc5de92ab865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:1c:7e:38:14:1c:7c:15:54:8b:53:90:b9:c7:
                    9d:f8:85:72:f5:65:71:95:24:90:db:c2:e3:97:67:
                    10:47:54:e2:09:80:d0:e3:4f:2d:c6:87:69:ed:c1:
                    92:80:e4:b5:d0:78:f4:e1:3e:30:87:7b:a8:a4:88:
                    5a:9d:76:1f:0a:29:ec:06:b5:70:2f:5a:9b:66:af:
                    40:fb:35:d3:e1:eb:11:de:6f:85:cc:10:18:f7:11:
                    e2:59:0a:4a:15:35:8b:a1:d1:1f:90:ae:74:b6:e7:
                    8b:93:53:79:27:fb:d1:26:02:d7:56:5a:e1:12:31:
                    51:2d:41:35:6e:fa:e9:e6:79:8f:d9:95:b5:96:7a:
                    c6:33:ad:19:11:73:c6:0e:18:41:a6:34:24:f3:8d:
                    18:40:83:9f:21:e6:e6:93:d1:44:7a:89:5b:24:dd:
                    bd:00:47:10:a9:b9:f9:8f:3d:af:8e:e7:4b:bc:6e:
                    f1:ba:3e:ec:1b:c2:ed:af:01:7f:ec:53:77:12:73:
                    53:04:fb:1b:41:90:da:37:63:21:9d:90:1f:e8:81:
                    bb:5c:79:d3:51:1b:6f:74:56:89:1b:74:29:49:f5:
                    fb:e0:f2:68:39:f6:15:f1:39:8c:4c:ec:aa:26:bf:
                    10:42:08:1d:5f:7b:75:9a:fe:e3:5c:09:f7:a8:d8:
                    ce:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:C3:52:34:A6:66:19:58:2A:B8:1F:AE:B5:18:CC:5D:E9:2A:B8:65
            X509v3 Authority Key Identifier:
                keyid:84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:16:43:0b:5a:21:e2:f9:59:b5:75:a2:33:61:c9:7f:67:b5:
         e9:9f:67:f7:37:27:e0:e3:48:75:8a:7a:e3:14:b8:1b:6c:de:
         7c:4c:d3:bd:97:b6:81:ad:09:38:a2:ed:a7:40:a8:19:75:66:
         2b:da:47:4d:e6:15:d7:9b:6c:5f:f8:fd:f8:f8:56:88:0b:ba:
         c4:f1:8e:49:93:70:a3:c4:f5:0c:df:f7:5f:56:7d:88:78:1b:
         c4:96:3e:0c:f9:68:86:26:4b:6e:a9:7c:06:af:db:d5:d3:e9:
         57:e4:fa:fa:0c:c4:2d:10:b8:ac:59:81:67:d9:e7:b4:2f:1c:
         9f:42:61:ff:75:b4:c8:81:71:83:ac:7a:8e:48:a3:38:30:31:
         f3:41:9d:f0:66:9f:5c:50:52:9f:8a:74:73:c5:6e:ad:1d:fa:
         fa:19:b1:05:8b:44:5f:60:4f:16:f0:a2:c0:b3:2e:9c:11:0c:
         c7:f4:2c:24:8e:2b:b0:88:ff:e6:b6:d9:f9:8c:6f:f4:44:b4:
         b7:10:0c:70:43:0a:30:e2:34:d7:92:23:18:99:e6:f7:5b:6a:
         7b:54:ef:05:be:e7:83:0e:21:d5:30:82:02:22:c8:f3:a8:d4:
         67:9d:16:d2:64:54:48:f5:fb:65:55:c8:e6:2f:52:7a:93:e0:
         6c:75:73:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSmR3r9Ycc5YUlIfAVwixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2NmNWJiODc2Yjc3MmI3YWRlNDMyOTA1Y2I2OTZmMTM0
Y2FhMzkwHhcNMjUwNjExMDAwMTA4WhcNMjUwNjEyMDAwMTA4WjAzMTEwLwYDVQQD
EyhkMWMzNTIzNGE2NjYxOTU4MmFiODFmYWViNTE4Y2M1ZGU5MmFiODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBx+OBQcfBVUi1OQuced+IVy9WVx
lSSQ28Ljl2cQR1TiCYDQ408txodp7cGSgOS10Hj04T4wh3uopIhanXYfCinsBrVw
L1qbZq9A+zXT4esR3m+FzBAY9xHiWQpKFTWLodEfkK50tueLk1N5J/vRJgLXVlrh
EjFRLUE1bvrp5nmP2ZW1lnrGM60ZEXPGDhhBpjQk840YQIOfIebmk9FEeolbJN29
AEcQqbn5jz2vjudLvG7xuj7sG8LtrwF/7FN3EnNTBPsbQZDaN2MhnZAf6IG7XHnT
URtvdFaJG3QpSfX74PJoOfYV8TmMTOyqJr8QQggdX3t1mv7jXAn3qNjOzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHDUjSmZhlYKrgfrrUYzF3pKrhlMB8GA1UdIwQY
MBaAFIQ89buHa3cret5DKQXLaW8TTKo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmIt
MTZmNWE1NjM2MjQ0LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmItMTZmNWE1NjM2MjQ0
LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApBZDC1oh
4vlZtXWiM2HJf2e16Z9n9zcn4ONIdYp64xS4G2zefEzTvZe2ga0JOKLtp0CoGXVm
K9pHTeYV15tsX/j9+PhWiAu6xPGOSZNwo8T1DN/3X1Z9iHgbxJY+DPlohiZLbql8
Bq/b1dPpV+T6+gzELRC4rFmBZ9nntC8cn0Jh/3W0yIFxg6x6jkijODAx80Gd8Gaf
XFBSn4p0c8VurR36+hmxBYtEX2BPFvCiwLMunBEMx/QsJI4rsIj/5rbZ+Yxv9ES0
txAMcEMKMOI015IjGJnm91tqe1TvBb7ngw4h1TCCAiLI86jUZ50W0mRUSPX7ZVXI
5i9SepPgbHVzMw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 02:08:01 2025 by rpki-client