Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/qiEQS093IiTRGFaiTt-UZqhE0mw.mft
File:                     qiEQS093IiTRGFaiTt-UZqhE0mw.mft (raw, json)
Hash identifier:          paYS0mWJ+iLvpdf6topsvxCxWeg+ipmFZwqIhaXDrR8=
Subject key identifier:   27:5C:95:1E:2C:C5:D9:C9:56:1E:92:DE:12:87:60:34:B5:53:E8:0A
Authority key identifier: AA:21:10:4B:4F:77:22:24:D1:18:56:A2:4E:DF:94:66:A8:44:D2:6C
Certificate issuer:       /CN=aa21104b4f772224d11856a24edf9466a844d26c
Certificate serial:       0197586D911B9735D54F44B3C8111A4A8B2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qiEQS093IiTRGFaiTt-UZqhE0mw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/qiEQS093IiTRGFaiTt-UZqhE0mw.mft
Manifest number:          097E
Signing time:             Tue 10 Jun 2025 06:01:04 +0000
Manifest this update:     Tue 10 Jun 2025 06:01:04 +0000
Manifest next update:     Wed 11 Jun 2025 06:01:04 +0000
Files and hashes:         1: C9Uc2-MMZLc56ntn-MTlSYOC9E8.roa (hash: 7Vks3Vs+iWpgcZieiS4e05rACvsjBFcyY3uhYDWshE0=)
                          2: qiEQS093IiTRGFaiTt-UZqhE0mw.crl (hash: /4syveNiUv/vC5lGoAPguYfpydiUcXareA2Z6v8gg28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/qiEQS093IiTRGFaiTt-UZqhE0mw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/qiEQS093IiTRGFaiTt-UZqhE0mw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qiEQS093IiTRGFaiTt-UZqhE0mw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 06:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:6d:91:1b:97:35:d5:4f:44:b3:c8:11:1a:4a:8b:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa21104b4f772224d11856a24edf9466a844d26c
        Validity
            Not Before: Jun 10 06:01:04 2025 GMT
            Not After : Jun 11 06:01:04 2025 GMT
        Subject: CN=275c951e2cc5d9c9561e92de12876034b553e80a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1e:04:7f:71:24:78:d4:45:e9:78:a7:70:ab:
                    09:dd:74:71:f8:fb:0e:8c:98:56:7f:68:88:a0:74:
                    8a:ab:63:e2:5a:bd:b0:1a:db:73:ce:42:c2:40:0c:
                    72:ec:e0:0b:27:d1:f0:89:32:c5:8c:a7:39:67:65:
                    08:46:a2:77:c0:2e:dd:f8:b4:f7:bb:5e:dc:22:b9:
                    72:79:ca:ed:6a:ac:c5:9f:75:c9:c3:cd:79:31:9d:
                    a2:6d:b6:98:eb:f7:99:51:96:ec:43:a1:40:f8:52:
                    f7:ce:0c:95:92:f7:14:fd:a7:09:97:a9:46:3b:a5:
                    7a:be:be:63:5a:bc:77:4a:32:79:27:5e:28:f7:9c:
                    4f:db:b3:e4:26:f6:b6:30:5f:22:ec:67:a3:2f:27:
                    e3:98:7d:a2:ef:8f:da:00:4d:ff:f9:2d:de:ca:ea:
                    45:d6:18:7b:3c:05:1d:35:3b:57:5e:73:a0:11:e8:
                    c8:3d:dc:3b:bb:30:5f:78:50:8e:e9:d4:f9:45:08:
                    a0:7f:e9:3d:a4:0c:b0:3c:61:5a:2d:28:54:62:b9:
                    35:49:e9:c0:81:cb:fc:d5:d5:37:f1:59:6a:99:ed:
                    f5:21:29:87:a4:c0:6c:9b:e1:f4:8e:24:a0:53:5c:
                    b9:8b:80:98:5e:75:c8:de:ee:fa:8e:6e:a9:f8:f5:
                    f6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:5C:95:1E:2C:C5:D9:C9:56:1E:92:DE:12:87:60:34:B5:53:E8:0A
            X509v3 Authority Key Identifier:
                keyid:AA:21:10:4B:4F:77:22:24:D1:18:56:A2:4E:DF:94:66:A8:44:D2:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qiEQS093IiTRGFaiTt-UZqhE0mw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/qiEQS093IiTRGFaiTt-UZqhE0mw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/dabacb-e6f5-4065-86b6-8e0d83c5edfe/1/qiEQS093IiTRGFaiTt-UZqhE0mw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:d6:31:75:35:07:ca:1a:d6:a1:4f:95:77:59:a9:06:92:00:
         71:90:04:5d:3e:91:a5:bf:e2:6f:26:02:e3:ca:a5:86:74:57:
         7e:23:a4:0e:6b:5e:72:18:04:0f:a1:cb:a5:c3:e1:38:0b:43:
         36:8d:81:13:31:54:6b:fe:b1:41:7e:fb:57:03:d9:80:f4:5d:
         a2:fa:10:07:44:b4:0a:4a:73:6f:a2:10:0b:41:1a:bb:32:d6:
         61:63:bc:d4:c5:56:5c:99:e9:4e:b3:cc:68:db:da:c9:a3:ea:
         f0:3a:2e:e9:4f:7c:47:87:09:12:61:9a:81:11:70:4a:48:07:
         fb:1e:3d:10:5a:c2:52:f5:27:60:28:4a:4c:6b:7a:1c:be:8d:
         a5:8c:cc:ee:38:df:52:de:83:47:fe:ac:e6:21:61:67:94:57:
         d7:7f:2e:74:a4:2c:b4:a8:ca:a0:1d:fc:2a:26:01:b3:35:39:
         c1:5a:58:ff:4a:71:52:05:c9:c0:e1:a3:3f:c9:97:ab:47:8b:
         bd:ba:b0:5a:f7:67:a0:2a:bd:d9:54:65:b6:08:de:1a:3f:40:
         7c:fe:f7:f2:ef:74:62:05:3a:6d:1b:a8:b6:62:04:03:e4:01:
         3b:e2:28:3e:4a:83:6c:dd:bf:d0:34:d0:fc:7f:d8:fa:64:26:
         48:74:17:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYbZEblzXVT0SzyBEaSosrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMjExMDRiNGY3NzIyMjRkMTE4NTZhMjRlZGY5NDY2YTg0
NGQyNmMwHhcNMjUwNjEwMDYwMTA0WhcNMjUwNjExMDYwMTA0WjAzMTEwLwYDVQQD
EygyNzVjOTUxZTJjYzVkOWM5NTYxZTkyZGUxMjg3NjAzNGI1NTNlODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR4Ef3EkeNRF6XincKsJ3XRx+PsO
jJhWf2iIoHSKq2PiWr2wGttzzkLCQAxy7OALJ9HwiTLFjKc5Z2UIRqJ3wC7d+LT3
u17cIrlyecrtaqzFn3XJw815MZ2ibbaY6/eZUZbsQ6FA+FL3zgyVkvcU/acJl6lG
O6V6vr5jWrx3SjJ5J14o95xP27PkJva2MF8i7GejLyfjmH2i74/aAE3/+S3eyupF
1hh7PAUdNTtXXnOgEejIPdw7uzBfeFCO6dT5RQigf+k9pAywPGFaLShUYrk1SenA
gcv81dU38Vlqme31ISmHpMBsm+H0jiSgU1y5i4CYXnXI3u76jm6p+PX29wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdclR4sxdnJVh6S3hKHYDS1U+gKMB8GA1UdIwQY
MBaAFKohEEtPdyIk0RhWok7flGaoRNJsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlFUVMwOTNJaVRSR0ZhaVR0LVVacWhFMG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kYWJhY2ItZTZmNS00MDY1LTg2YjYt
OGUwZDgzYzVlZGZlLzEvcWlFUVMwOTNJaVRSR0ZhaVR0LVVacWhFMG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kYWJhY2ItZTZmNS00MDY1LTg2YjYtOGUwZDgzYzVlZGZl
LzEvcWlFUVMwOTNJaVRSR0ZhaVR0LVVacWhFMG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApdYxdTUH
yhrWoU+Vd1mpBpIAcZAEXT6Rpb/ibyYC48qlhnRXfiOkDmtechgED6HLpcPhOAtD
No2BEzFUa/6xQX77VwPZgPRdovoQB0S0Ckpzb6IQC0EauzLWYWO81MVWXJnpTrPM
aNvayaPq8Dou6U98R4cJEmGagRFwSkgH+x49EFrCUvUnYChKTGt6HL6NpYzM7jjf
Ut6DR/6s5iFhZ5RX138udKQstKjKoB38KiYBszU5wVpY/0pxUgXJwOGjP8mXq0eL
vbqwWvdnoCq92VRltgjeGj9AfP738u90YgU6bRuotmIEA+QBO+IoPkqDbN2/0DTQ
/H/Y+mQmSHQXGA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:48:49 2025 by rpki-client