Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft
File:                     j32Qq83eC8bwvKryHOw6TyrPrk8.mft (raw, json)
Hash identifier:          +KeQkdOS9oRHSjssWkAK/HY1H7lLorZWI6pS9oFjYOk=
Subject key identifier:   2C:49:FD:7A:C6:BE:D8:80:13:59:E9:C9:76:D1:B5:E7:88:40:56:B7
Authority key identifier: 8F:7D:90:AB:CD:DE:0B:C6:F0:BC:AA:F2:1C:EC:3A:4F:2A:CF:AE:4F
Certificate issuer:       /CN=8f7d90abcdde0bc6f0bcaaf21cec3a4f2acfae4f
Certificate serial:       019752D934575D6F5F50B9883BD68B477729
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft
Manifest number:          1589
Signing time:             Mon 09 Jun 2025 04:00:55 +0000
Manifest this update:     Mon 09 Jun 2025 04:00:55 +0000
Manifest next update:     Tue 10 Jun 2025 04:00:55 +0000
Files and hashes:         1: Ha4iqiemRVs4K0apcX26aGgxEQM.roa (hash: Y9w0WT6CR9hlG1wNToGxOj1Wt0I5gYiZH++6mqrNiy0=)
                          2: j32Qq83eC8bwvKryHOw6TyrPrk8.crl (hash: LovxgxH+YcEO20t0ExwVXJsXn3h5Ube5CDkk6ZHPxrw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:d9:34:57:5d:6f:5f:50:b9:88:3b:d6:8b:47:77:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7d90abcdde0bc6f0bcaaf21cec3a4f2acfae4f
        Validity
            Not Before: Jun  9 04:00:55 2025 GMT
            Not After : Jun 10 04:00:55 2025 GMT
        Subject: CN=2c49fd7ac6bed8801359e9c976d1b5e7884056b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:eb:5a:33:91:df:e5:39:0b:b9:12:1a:5f:e1:
                    18:1d:26:74:93:7c:21:0a:ae:d2:38:d7:f2:e1:f5:
                    ab:68:71:4a:a2:21:21:9c:ab:87:89:f7:1f:75:46:
                    c3:ba:53:26:72:6f:13:9a:21:6e:88:b0:a5:cc:f9:
                    bb:7c:53:d2:52:b1:37:f7:84:1e:ea:c5:45:6b:b0:
                    d5:f3:6e:b9:10:18:1e:94:d3:a0:3e:8d:fe:91:27:
                    0e:bf:70:f3:66:fe:c9:a2:cd:39:0e:d8:96:ea:29:
                    40:ed:b7:bc:9f:54:b2:89:ec:6b:8c:a3:dc:48:55:
                    c3:ca:e1:46:f8:2e:fc:18:45:c3:39:c9:80:87:d4:
                    ab:fa:86:27:07:db:63:0d:ab:ad:ca:4b:f9:3e:00:
                    52:c1:f1:12:18:e8:8d:51:f6:d4:28:ec:1b:32:64:
                    ba:88:8f:49:56:47:92:8e:c9:4a:d8:27:d2:e8:b3:
                    c6:7c:62:02:23:34:65:83:63:d4:03:60:8f:03:3d:
                    84:39:3a:63:15:ad:c1:7e:db:21:a8:dd:40:9b:1c:
                    e2:c7:52:7e:73:58:6d:03:fe:42:1a:f9:51:85:47:
                    45:70:01:89:73:b6:9e:2a:1e:ac:b3:4d:fc:71:51:
                    40:13:26:f1:1f:6d:1d:3a:06:56:7b:b6:ca:1b:e5:
                    c2:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:49:FD:7A:C6:BE:D8:80:13:59:E9:C9:76:D1:B5:E7:88:40:56:B7
            X509v3 Authority Key Identifier:
                keyid:8F:7D:90:AB:CD:DE:0B:C6:F0:BC:AA:F2:1C:EC:3A:4F:2A:CF:AE:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:cc:ae:da:b2:5d:5c:02:73:ca:c9:10:94:04:d5:69:30:fa:
         7c:6a:cb:9c:90:7e:11:03:e9:c1:94:eb:64:c7:ae:b0:e4:4d:
         b4:e5:29:f4:72:90:14:47:1f:77:dc:e6:ce:98:49:8a:75:e7:
         29:ae:27:54:d5:c4:19:3b:34:87:25:75:83:e3:ff:7b:3b:05:
         80:e6:dd:5f:31:6d:60:11:01:d4:bd:d1:73:79:9a:ff:a0:15:
         de:90:7b:10:45:bb:19:f3:0e:e9:1e:4d:2d:cc:71:6d:c2:92:
         13:cf:6a:3e:95:f1:35:1d:53:69:15:a5:b7:97:ac:5e:ea:ed:
         63:7e:2c:c8:39:64:9d:77:fc:7c:af:7a:63:e4:28:fd:a2:1b:
         36:1d:f6:4d:b0:32:46:ac:5c:ee:66:45:63:d5:25:17:55:16:
         a5:5e:5b:0c:dd:1a:41:1e:32:b9:fa:db:b1:a3:4d:be:c3:10:
         09:70:ed:e3:75:c7:1d:17:ae:10:d2:32:bb:2b:d7:f5:1d:c5:
         bb:ca:05:a8:79:37:2f:c0:57:00:74:4f:c4:79:e7:84:60:2d:
         e8:0b:b3:1a:a7:ab:19:7f:c3:d0:7c:d3:49:f3:99:69:33:d7:
         03:40:3b:06:ca:ad:1a:8a:7c:08:52:a2:83:f1:bb:57:60:20:
         1d:3a:9a:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdS2TRXXW9fULmIO9aLR3cpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q5MGFiY2RkZTBiYzZmMGJjYWFmMjFjZWMzYTRmMmFj
ZmFlNGYwHhcNMjUwNjA5MDQwMDU1WhcNMjUwNjEwMDQwMDU1WjAzMTEwLwYDVQQD
EygyYzQ5ZmQ3YWM2YmVkODgwMTM1OWU5Yzk3NmQxYjVlNzg4NDA1NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAietaM5Hf5TkLuRIaX+EYHSZ0k3wh
Cq7SONfy4fWraHFKoiEhnKuHifcfdUbDulMmcm8TmiFuiLClzPm7fFPSUrE394Qe
6sVFa7DV8265EBgelNOgPo3+kScOv3DzZv7Jos05DtiW6ilA7be8n1SyiexrjKPc
SFXDyuFG+C78GEXDOcmAh9Sr+oYnB9tjDautykv5PgBSwfESGOiNUfbUKOwbMmS6
iI9JVkeSjslK2CfS6LPGfGICIzRlg2PUA2CPAz2EOTpjFa3BftshqN1Amxzix1J+
c1htA/5CGvlRhUdFcAGJc7aeKh6ss038cVFAEybxH20dOgZWe7bKG+XCDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxJ/XrGvtiAE1npyXbRteeIQFa3MB8GA1UdIwQY
MBaAFI99kKvN3gvG8Lyq8hzsOk8qz65PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zMGIwYmItODk4Yy00Mjg5LTkxMjQt
MzdlMzJlYWE3NjY3LzEvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zMGIwYmItODk4Yy00Mjg5LTkxMjQtMzdlMzJlYWE3NjY3
LzEvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqMyu2rJd
XAJzyskQlATVaTD6fGrLnJB+EQPpwZTrZMeusORNtOUp9HKQFEcfd9zmzphJinXn
Ka4nVNXEGTs0hyV1g+P/ezsFgObdXzFtYBEB1L3Rc3ma/6AV3pB7EEW7GfMO6R5N
LcxxbcKSE89qPpXxNR1TaRWlt5esXurtY34syDlknXf8fK96Y+Qo/aIbNh32TbAy
Rqxc7mZFY9UlF1UWpV5bDN0aQR4yufrbsaNNvsMQCXDt43XHHReuENIyuyvX9R3F
u8oFqHk3L8BXAHRPxHnnhGAt6AuzGqerGX/D0HzTSfOZaTPXA0A7BsqtGop8CFKi
g/G7V2AgHTqaOw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:36:02 2025 by rpki-client