Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft
File:                     j32Qq83eC8bwvKryHOw6TyrPrk8.mft (raw, json)
Hash identifier:          mTeh7o3xhWgQu5KVgdMEdmzu9ORXy0m1clAAQnaPaGY=
Subject key identifier:   F2:BC:FC:2E:B1:65:7E:96:4E:35:2B:E9:25:5D:C3:F4:4A:D7:1D:DF
Authority key identifier: 8F:7D:90:AB:CD:DE:0B:C6:F0:BC:AA:F2:1C:EC:3A:4F:2A:CF:AE:4F
Certificate issuer:       /CN=8f7d90abcdde0bc6f0bcaaf21cec3a4f2acfae4f
Certificate serial:       019758A46E0864AD553E0C0059982B518460
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft
Manifest number:          158C
Signing time:             Tue 10 Jun 2025 07:01:00 +0000
Manifest this update:     Tue 10 Jun 2025 07:01:00 +0000
Manifest next update:     Wed 11 Jun 2025 07:01:00 +0000
Files and hashes:         1: Ha4iqiemRVs4K0apcX26aGgxEQM.roa (hash: Y9w0WT6CR9hlG1wNToGxOj1Wt0I5gYiZH++6mqrNiy0=)
                          2: j32Qq83eC8bwvKryHOw6TyrPrk8.crl (hash: gGbfjukXLBH6D8Uv0reJcUguPenpyoF1SzwxPYZuY1g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 07:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:a4:6e:08:64:ad:55:3e:0c:00:59:98:2b:51:84:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7d90abcdde0bc6f0bcaaf21cec3a4f2acfae4f
        Validity
            Not Before: Jun 10 07:01:00 2025 GMT
            Not After : Jun 11 07:01:00 2025 GMT
        Subject: CN=f2bcfc2eb1657e964e352be9255dc3f44ad71ddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:20:68:3b:89:46:9a:ed:ed:b0:b3:58:8b:f8:
                    ee:8d:89:f0:6d:5b:3c:bf:d3:75:f0:b7:0e:92:e5:
                    c7:38:83:aa:06:29:47:81:0b:1e:64:9a:d8:b4:c0:
                    c9:bf:6e:71:03:b3:73:7d:e2:35:79:5d:24:c8:fb:
                    c8:52:bf:b2:05:70:ba:c4:9c:6a:24:4a:df:74:af:
                    ee:49:cd:67:a2:24:ab:eb:c1:92:eb:99:b7:d9:3f:
                    93:24:fe:54:23:d8:fa:cd:f2:dd:0f:36:1e:10:4b:
                    9b:64:e2:93:73:5f:a2:53:68:c1:55:9e:63:6d:e3:
                    fb:41:91:d3:c8:31:97:f1:88:8b:e4:51:b7:45:8e:
                    a1:81:5c:e1:4b:a2:95:fa:70:e8:e0:6a:84:7e:fa:
                    3e:69:9a:66:f5:90:44:d4:fb:78:69:f2:12:be:46:
                    d5:c7:1f:19:70:5a:04:c9:95:01:e0:d6:47:7f:1c:
                    78:5a:48:67:c5:41:63:63:22:63:36:a2:62:62:57:
                    b3:d3:7b:1c:57:91:5e:e4:24:75:23:22:16:4d:d9:
                    ef:22:ea:fd:fd:d2:17:17:a1:d0:eb:ae:63:14:e6:
                    9f:30:f2:37:22:ef:3a:a9:d6:41:4b:73:0e:c4:c0:
                    e0:91:d6:12:14:88:ad:37:59:fc:f1:98:0a:38:a8:
                    06:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:BC:FC:2E:B1:65:7E:96:4E:35:2B:E9:25:5D:C3:F4:4A:D7:1D:DF
            X509v3 Authority Key Identifier:
                keyid:8F:7D:90:AB:CD:DE:0B:C6:F0:BC:AA:F2:1C:EC:3A:4F:2A:CF:AE:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:da:49:44:fd:ca:36:b0:ae:5b:3b:81:00:5e:0f:b3:c1:0a:
         73:06:ff:77:7f:a4:b3:fa:2c:1c:d8:65:0c:6a:33:26:aa:c8:
         79:38:3c:32:d2:28:be:3a:45:1b:f4:03:e3:58:f9:cc:ff:71:
         a9:ad:e1:b0:0c:d4:10:e3:58:29:75:b8:76:d5:df:dc:36:19:
         f4:68:3d:59:da:47:1e:1a:39:68:7a:99:71:d3:de:77:75:c3:
         45:2b:66:00:ce:8f:53:12:85:b9:1b:09:47:dd:5b:76:ac:dd:
         6f:ef:a3:d8:07:d9:56:84:1c:2d:a6:26:f7:99:38:7e:62:ef:
         98:87:7b:7d:5d:c3:94:b4:c1:49:2a:06:d3:2a:fc:7d:03:ff:
         2e:d8:d1:ec:2f:71:1f:d2:d2:30:df:7f:8e:b4:7f:a7:11:0f:
         12:fd:be:c3:89:ad:22:6b:6b:65:4b:cc:74:2c:63:c2:b7:2f:
         5f:4a:85:0d:92:69:cc:cb:3c:7a:d7:cf:82:26:fb:8c:b5:40:
         d3:25:00:c2:f7:50:88:0d:84:1d:a9:96:46:ae:86:bd:e2:f6:
         07:3c:84:d6:5e:1d:56:6f:31:9d:7d:5e:d9:26:ea:64:43:e6:
         c0:1d:3a:28:8a:0c:e7:2a:66:13:af:76:3e:a9:cb:04:27:2d:
         a4:a1:ee:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYpG4IZK1VPgwAWZgrUYRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q5MGFiY2RkZTBiYzZmMGJjYWFmMjFjZWMzYTRmMmFj
ZmFlNGYwHhcNMjUwNjEwMDcwMTAwWhcNMjUwNjExMDcwMTAwWjAzMTEwLwYDVQQD
EyhmMmJjZmMyZWIxNjU3ZTk2NGUzNTJiZTkyNTVkYzNmNDRhZDcxZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SBoO4lGmu3tsLNYi/jujYnwbVs8
v9N18LcOkuXHOIOqBilHgQseZJrYtMDJv25xA7NzfeI1eV0kyPvIUr+yBXC6xJxq
JErfdK/uSc1noiSr68GS65m32T+TJP5UI9j6zfLdDzYeEEubZOKTc1+iU2jBVZ5j
beP7QZHTyDGX8YiL5FG3RY6hgVzhS6KV+nDo4GqEfvo+aZpm9ZBE1Pt4afISvkbV
xx8ZcFoEyZUB4NZHfxx4WkhnxUFjYyJjNqJiYlez03scV5Fe5CR1IyIWTdnvIur9
/dIXF6HQ665jFOafMPI3Iu86qdZBS3MOxMDgkdYSFIitN1n88ZgKOKgG1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPK8/C6xZX6WTjUr6SVdw/RK1x3fMB8GA1UdIwQY
MBaAFI99kKvN3gvG8Lyq8hzsOk8qz65PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zMGIwYmItODk4Yy00Mjg5LTkxMjQt
MzdlMzJlYWE3NjY3LzEvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zMGIwYmItODk4Yy00Mjg5LTkxMjQtMzdlMzJlYWE3NjY3
LzEvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJdpJRP3K
NrCuWzuBAF4Ps8EKcwb/d3+ks/osHNhlDGozJqrIeTg8MtIovjpFG/QD41j5zP9x
qa3hsAzUEONYKXW4dtXf3DYZ9Gg9WdpHHho5aHqZcdPed3XDRStmAM6PUxKFuRsJ
R91bdqzdb++j2AfZVoQcLaYm95k4fmLvmId7fV3DlLTBSSoG0yr8fQP/LtjR7C9x
H9LSMN9/jrR/pxEPEv2+w4mtImtrZUvMdCxjwrcvX0qFDZJpzMs8etfPgib7jLVA
0yUAwvdQiA2EHamWRq6GveL2BzyE1l4dVm8xnX1e2SbqZEPmwB06KIoM5ypmE692
PqnLBCctpKHuKg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:44:21 2025 by rpki-client