Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
File:                     fD2KpDg1BKMa_0sAaBCga88DBa4.mft (raw, json)
Hash identifier:          eMrmkejx0oAHCiZfs1HxuchpkJvZJtZGwi8RWzpTHdc=
Subject key identifier:   83:49:CC:C9:48:9C:E7:21:30:49:A7:44:1D:4B:0D:2F:A3:26:2C:4C
Authority key identifier: 7C:3D:8A:A4:38:35:04:A3:1A:FF:4B:00:68:10:A0:6B:CF:03:05:AE
Certificate issuer:       /CN=7c3d8aa4383504a31aff4b006810a06bcf0305ae
Certificate serial:       01975E389164616C9D2E29C56623701660A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
Manifest number:          1162
Signing time:             Wed 11 Jun 2025 09:00:54 +0000
Manifest this update:     Wed 11 Jun 2025 09:00:54 +0000
Manifest next update:     Thu 12 Jun 2025 09:00:54 +0000
Files and hashes:         1: 8L2O5GlhNp_lrqBMRrzhkCl_FU4.roa (hash: MpUCXGi4iU4O/s2W0Ri/evmaR2tEREi873mtgHCWuJE=)
                          2: fD2KpDg1BKMa_0sAaBCga88DBa4.crl (hash: Ga34U5FOSE2gRN23W4RgKbkux+lxK++CzhmnX94V0+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:91:64:61:6c:9d:2e:29:c5:66:23:70:16:60:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c3d8aa4383504a31aff4b006810a06bcf0305ae
        Validity
            Not Before: Jun 11 09:00:54 2025 GMT
            Not After : Jun 12 09:00:54 2025 GMT
        Subject: CN=8349ccc9489ce7213049a7441d4b0d2fa3262c4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a2:22:c8:e8:59:2c:fb:89:3c:7a:fd:d7:cb:
                    d7:3d:44:a9:e8:c8:0b:d4:76:f0:4b:4b:b4:ce:69:
                    5b:02:76:3d:45:5c:74:d0:cf:fe:70:f3:7b:e1:8d:
                    e4:1e:da:18:20:b3:32:17:26:b6:1d:96:ae:d6:3d:
                    85:f9:60:df:df:92:78:b0:7a:c4:f1:de:35:fc:b0:
                    c3:8c:83:c7:b4:39:16:43:a0:15:44:50:e1:72:dd:
                    f3:79:d4:9c:d6:db:de:88:92:b8:8c:c1:36:b5:54:
                    db:8e:cc:f4:5e:46:2c:70:3b:a4:14:b8:99:88:90:
                    c6:00:d9:ac:f0:ce:ea:ba:64:de:04:7b:a9:c6:54:
                    45:3d:24:27:70:bd:7d:f0:9e:e2:15:a0:07:cd:e7:
                    1a:f9:b9:83:cd:13:e7:85:b6:99:35:18:4a:e9:ef:
                    3e:9e:80:82:fb:df:6a:8c:01:2b:f1:9c:cd:53:35:
                    40:f1:50:1e:84:2b:f7:b5:e4:e7:dd:47:31:7d:71:
                    0d:81:d7:0b:87:e0:04:e5:04:32:46:48:e4:51:54:
                    09:e9:3a:74:23:a2:85:f7:e6:77:03:72:8f:fe:3a:
                    d4:37:bf:6c:15:26:f4:3f:e3:84:3f:b2:87:65:7f:
                    ae:09:5a:b1:97:71:23:87:b8:ca:5c:d2:d7:e2:47:
                    fa:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:49:CC:C9:48:9C:E7:21:30:49:A7:44:1D:4B:0D:2F:A3:26:2C:4C
            X509v3 Authority Key Identifier:
                keyid:7C:3D:8A:A4:38:35:04:A3:1A:FF:4B:00:68:10:A0:6B:CF:03:05:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:20:04:8d:2f:74:94:7d:e7:08:e3:ba:a7:67:06:c3:cd:bd:
         40:cf:fe:8a:23:5c:3b:c3:33:18:31:78:f5:44:f1:a7:2c:c5:
         a2:1f:ea:d2:62:a3:40:34:d1:5f:99:8d:50:60:08:0f:a8:e9:
         76:4e:60:15:69:84:44:90:fe:30:35:3e:f1:9c:02:b2:dd:f0:
         40:9a:74:d5:a6:ce:e0:80:1d:9e:9d:68:d1:44:8b:11:49:f7:
         22:bc:d8:7d:d6:da:1b:c4:8a:00:26:88:4b:8c:66:4d:6a:2e:
         73:5b:03:9e:af:03:75:06:39:c3:9a:81:27:1c:f4:d2:cf:9d:
         1c:06:72:94:aa:80:4c:d6:2e:fa:50:84:f5:58:67:75:7c:32:
         67:99:c6:4c:21:a7:36:93:b9:a1:ab:62:69:2b:3e:11:97:20:
         d1:b6:46:c8:13:fc:ae:37:7a:d9:8f:d3:30:3b:44:b5:0d:97:
         a9:8c:d0:4c:0d:81:a4:7c:e4:27:53:e9:78:f7:52:1c:0b:4e:
         2e:2f:6a:ce:57:d3:b0:05:03:a0:f8:31:43:9c:2a:c7:20:86:
         25:cf:ab:bd:01:bf:3b:60:85:e7:cc:1c:00:8d:b8:2b:6b:b8:
         55:e6:34:fb:86:ea:c8:f4:b8:49:f6:b9:8b:34:43:32:fe:78:
         d7:e5:c5:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOJFkYWydLinFZiNwFmCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2Q4YWE0MzgzNTA0YTMxYWZmNGIwMDY4MTBhMDZiY2Yw
MzA1YWUwHhcNMjUwNjExMDkwMDU0WhcNMjUwNjEyMDkwMDU0WjAzMTEwLwYDVQQD
Eyg4MzQ5Y2NjOTQ4OWNlNzIxMzA0OWE3NDQxZDRiMGQyZmEzMjYyYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6IiyOhZLPuJPHr918vXPUSp6MgL
1HbwS0u0zmlbAnY9RVx00M/+cPN74Y3kHtoYILMyFya2HZau1j2F+WDf35J4sHrE
8d41/LDDjIPHtDkWQ6AVRFDhct3zedSc1tveiJK4jME2tVTbjsz0XkYscDukFLiZ
iJDGANms8M7qumTeBHupxlRFPSQncL198J7iFaAHzeca+bmDzRPnhbaZNRhK6e8+
noCC+99qjAEr8ZzNUzVA8VAehCv3teTn3UcxfXENgdcLh+AE5QQyRkjkUVQJ6Tp0
I6KF9+Z3A3KP/jrUN79sFSb0P+OEP7KHZX+uCVqxl3Ejh7jKXNLX4kf6JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINJzMlInOchMEmnRB1LDS+jJixMMB8GA1UdIwQY
MBaAFHw9iqQ4NQSjGv9LAGgQoGvPAwWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hNDJlOTQtMTViNy00MjcyLTllYjAt
OTlkYjIxMjQ0ZWRmLzEvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hNDJlOTQtMTViNy00MjcyLTllYjAtOTlkYjIxMjQ0ZWRm
LzEvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSAEjS90
lH3nCOO6p2cGw829QM/+iiNcO8MzGDF49UTxpyzFoh/q0mKjQDTRX5mNUGAID6jp
dk5gFWmERJD+MDU+8ZwCst3wQJp01abO4IAdnp1o0USLEUn3IrzYfdbaG8SKACaI
S4xmTWouc1sDnq8DdQY5w5qBJxz00s+dHAZylKqATNYu+lCE9VhndXwyZ5nGTCGn
NpO5oatiaSs+EZcg0bZGyBP8rjd62Y/TMDtEtQ2XqYzQTA2BpHzkJ1PpePdSHAtO
Li9qzlfTsAUDoPgxQ5wqxyCGJc+rvQG/O2CF58wcAI24K2u4VeY0+4bqyPS4Sfa5
izRDMv541+XF6Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:09:24 2025 by rpki-client