Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
File:                     hDz1u4drdyt63kMpBctpbxNMqjk.mft (raw, json)
Hash identifier:          LLIgckJW/ZBaTFUjxr0qf3MvNdzFzgM/Xqac22DtRUQ=
Subject key identifier:   5E:E9:F2:15:70:78:E5:C0:60:2C:AB:60:17:CD:4A:EB:F2:27:55:57
Authority key identifier: 84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39
Certificate issuer:       /CN=843cf5bb876b772b7ade432905cb696f134caa39
Certificate serial:       019769CF0F7225F554EB0E091AE71FBBBB86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
Manifest number:          1591
Signing time:             Fri 13 Jun 2025 15:01:06 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:06 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:06 +0000
Files and hashes:         1: 8SOVzbdZRi1TiXuPdQBPQag2b1I.roa (hash: 4UxgH1Bm5rLISlPUt1abtwizcDNcCBaAAK4mH1Wxzxk=)
                          2: hDz1u4drdyt63kMpBctpbxNMqjk.crl (hash: HW554dFv0xwhme3bMlXaQcyrc0hWm9NP1UBGt7e7jDg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 15:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:cf:0f:72:25:f5:54:eb:0e:09:1a:e7:1f:bb:bb:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=843cf5bb876b772b7ade432905cb696f134caa39
        Validity
            Not Before: Jun 13 15:01:06 2025 GMT
            Not After : Jun 14 15:01:06 2025 GMT
        Subject: CN=5ee9f2157078e5c0602cab6017cd4aebf2275557
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:1c:45:3f:b9:0f:3a:1f:0e:fb:91:c6:dd:5b:
                    ff:f9:52:5c:c0:dc:04:3e:d8:c4:8d:b9:4c:0d:b9:
                    b5:f8:6a:91:45:36:e6:08:f9:0c:7d:2c:5d:9d:c6:
                    a0:3a:62:ca:86:f5:f9:ec:6c:da:d2:84:5c:5a:41:
                    b9:05:89:1d:60:27:3b:90:06:99:aa:13:5c:5c:cb:
                    cd:79:ee:e4:d5:6e:40:2b:c3:3f:40:6f:b5:9d:89:
                    91:79:17:55:48:f4:84:d0:0e:86:3a:7a:46:2e:a4:
                    18:8c:09:d7:a3:6d:e5:8b:41:e9:cf:53:1f:c9:3d:
                    fc:3d:67:3e:d6:7c:2c:73:b4:a6:1d:a7:e5:53:6c:
                    9e:01:01:9c:23:20:58:16:d4:e1:2b:d6:89:41:e9:
                    c7:e8:ce:c7:1d:8e:c2:6a:60:37:5f:38:f0:89:d2:
                    57:5d:bf:cd:6e:30:ca:c6:d0:d8:31:0e:1f:35:82:
                    71:d4:c9:c0:9a:fc:bf:e0:f1:e2:92:a0:76:f7:39:
                    f0:80:4c:e0:ba:f6:00:34:6b:82:e3:d9:f4:7c:0c:
                    9f:0e:5d:91:6e:42:4c:bb:43:f5:8e:a1:8b:24:1a:
                    9f:0e:96:21:16:fa:fb:ea:46:e4:1d:b6:cf:05:20:
                    98:2a:d0:f4:25:68:4b:ef:d1:a7:32:45:28:04:69:
                    cf:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:E9:F2:15:70:78:E5:C0:60:2C:AB:60:17:CD:4A:EB:F2:27:55:57
            X509v3 Authority Key Identifier:
                keyid:84:3C:F5:BB:87:6B:77:2B:7A:DE:43:29:05:CB:69:6F:13:4C:AA:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDz1u4drdyt63kMpBctpbxNMqjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/512214-e78e-4931-bfbb-16f5a5636244/1/hDz1u4drdyt63kMpBctpbxNMqjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:66:9e:fe:51:a6:fb:57:7b:0b:73:58:27:df:a9:be:99:58:
         39:69:b6:ea:d6:86:83:f4:2f:5f:72:cb:57:d3:dc:80:fd:b2:
         96:f4:65:65:4f:8d:c4:22:c3:6b:d9:1d:65:d4:61:5a:a6:be:
         22:62:01:fb:b4:9d:9d:f8:a9:98:40:d0:b9:0a:ee:8a:45:44:
         b1:0f:e6:59:45:e6:a3:2a:01:48:ea:b7:f2:88:d5:de:51:2e:
         be:8d:47:9a:c4:20:1c:fc:46:b0:9e:d0:fe:4a:a9:e2:a0:05:
         64:77:26:36:e9:0d:a4:45:ed:9e:46:00:78:47:90:5f:0f:3f:
         e4:c8:b0:bf:fb:83:9c:46:0f:8c:3b:3b:66:8c:a1:56:70:c5:
         e3:dc:f9:0e:5d:cf:c8:36:01:35:af:d8:5c:82:0e:97:ae:08:
         21:06:b4:ff:4f:a2:df:29:77:bd:3a:62:93:1c:9c:eb:db:61:
         00:57:7a:37:f5:7b:5e:a6:3c:0d:eb:5e:b2:71:9b:a5:40:2a:
         07:43:cc:6f:fa:4d:4f:4b:f0:7e:71:9b:b9:69:11:00:16:0b:
         bc:33:24:ad:eb:23:aa:f6:25:e9:1d:58:22:c9:90:05:ec:06:
         69:f3:ef:c8:71:49:d2:d4:de:3a:40:30:b5:d1:8b:64:02:a8:
         66:b0:73:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzw9yJfVU6w4JGucfu7uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2NmNWJiODc2Yjc3MmI3YWRlNDMyOTA1Y2I2OTZmMTM0
Y2FhMzkwHhcNMjUwNjEzMTUwMTA2WhcNMjUwNjE0MTUwMTA2WjAzMTEwLwYDVQQD
Eyg1ZWU5ZjIxNTcwNzhlNWMwNjAyY2FiNjAxN2NkNGFlYmYyMjc1NTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RxFP7kPOh8O+5HG3Vv/+VJcwNwE
PtjEjblMDbm1+GqRRTbmCPkMfSxdncagOmLKhvX57Gza0oRcWkG5BYkdYCc7kAaZ
qhNcXMvNee7k1W5AK8M/QG+1nYmReRdVSPSE0A6GOnpGLqQYjAnXo23li0Hpz1Mf
yT38PWc+1nwsc7SmHaflU2yeAQGcIyBYFtThK9aJQenH6M7HHY7CamA3XzjwidJX
Xb/NbjDKxtDYMQ4fNYJx1MnAmvy/4PHikqB29znwgEzguvYANGuC49n0fAyfDl2R
bkJMu0P1jqGLJBqfDpYhFvr76kbkHbbPBSCYKtD0JWhL79GnMkUoBGnP/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7p8hVweOXAYCyrYBfNSuvyJ1VXMB8GA1UdIwQY
MBaAFIQ89buHa3cret5DKQXLaW8TTKo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmIt
MTZmNWE1NjM2MjQ0LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81MTIyMTQtZTc4ZS00OTMxLWJmYmItMTZmNWE1NjM2MjQ0
LzEvaER6MXU0ZHJkeXQ2M2tNcEJjdHBieE5NcWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARWae/lGm
+1d7C3NYJ9+pvplYOWm26taGg/QvX3LLV9PcgP2ylvRlZU+NxCLDa9kdZdRhWqa+
ImIB+7SdnfipmEDQuQruikVEsQ/mWUXmoyoBSOq38ojV3lEuvo1HmsQgHPxGsJ7Q
/kqp4qAFZHcmNukNpEXtnkYAeEeQXw8/5Miwv/uDnEYPjDs7ZoyhVnDF49z5Dl3P
yDYBNa/YXIIOl64IIQa0/0+i3yl3vTpikxyc69thAFd6N/V7XqY8DetesnGbpUAq
B0PMb/pNT0vwfnGbuWkRABYLvDMkresjqvYl6R1YIsmQBewGafPvyHFJ0tTeOkAw
tdGLZAKoZrBzHw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 00:39:33 2025 by rpki-client