Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File:                     HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier:          YvMHbTBqkAPdKNIc/Fom5jA9QCvLY/h2GzsqYUyII0E=
Subject key identifier:   F1:4C:C5:A2:69:6B:F0:D1:FE:3E:90:2E:D1:32:8A:B2:25:4D:2A:7D
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer:       /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial:       019764A880CC6E53D8FE37DA558393359579
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number:          158E
Signing time:             Thu 12 Jun 2025 15:00:53 +0000
Manifest this update:     Thu 12 Jun 2025 15:00:53 +0000
Manifest next update:     Fri 13 Jun 2025 15:00:53 +0000
Files and hashes:         1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
                          2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: VwwHtsbIQaJs07HeaoJ0pR2r02SYbVT2qV1RZ+qaCEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 15:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:a8:80:cc:6e:53:d8:fe:37:da:55:83:93:35:95:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
        Validity
            Not Before: Jun 12 15:00:53 2025 GMT
            Not After : Jun 13 15:00:53 2025 GMT
        Subject: CN=f14cc5a2696bf0d1fe3e902ed1328ab2254d2a7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d3:41:5f:5f:3b:c0:7e:aa:6d:42:e0:7a:a6:
                    b0:89:fe:f2:0f:cb:ee:43:8e:bc:fe:ac:b7:49:c6:
                    39:45:19:60:f3:0c:23:62:c8:14:14:ef:3b:21:4b:
                    21:21:15:ea:50:03:31:cc:b4:b0:af:18:9e:11:10:
                    48:57:18:f8:e8:96:8c:b9:3d:96:8c:7e:a5:d2:b1:
                    78:99:57:57:9b:97:e6:ed:dc:76:ff:f5:25:ad:d0:
                    e2:0d:51:fc:09:84:2d:6a:cd:58:81:fd:2b:ae:32:
                    09:91:65:e5:7e:13:0d:b8:65:d6:53:eb:c7:ed:7a:
                    4a:c5:dd:4e:1c:be:33:e2:05:26:19:31:c0:f9:01:
                    71:90:01:13:fd:08:c4:4b:5f:b4:6c:10:26:df:98:
                    35:2a:c6:b6:3f:32:0d:8f:46:ae:2d:d2:f6:4a:56:
                    be:1d:5d:16:34:c6:5b:85:f4:d4:67:ff:3e:0f:f7:
                    b6:1d:81:40:df:86:bc:05:a7:dc:44:d1:53:87:ef:
                    25:87:9d:61:fb:4c:e6:85:50:64:4f:6e:d8:dd:76:
                    03:ae:5c:d0:11:12:2a:59:71:3b:09:93:d4:49:cb:
                    93:b9:ed:97:0d:8a:ad:2e:3d:cc:52:19:80:3d:ea:
                    2c:91:02:91:76:01:18:c6:ba:81:bc:43:a8:f9:4d:
                    db:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:4C:C5:A2:69:6B:F0:D1:FE:3E:90:2E:D1:32:8A:B2:25:4D:2A:7D
            X509v3 Authority Key Identifier:
                keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:61:0b:cf:81:be:7d:7b:17:dc:a1:4c:b2:ab:8f:b8:18:fc:
         51:3f:85:a1:07:aa:4e:98:94:68:09:ea:42:29:b7:04:5f:1e:
         7d:f2:9a:18:72:51:5a:6e:23:b2:ff:4e:ed:05:be:b9:c5:06:
         8e:a7:8f:96:d7:52:84:e1:af:7d:09:74:5a:c3:00:98:73:23:
         c2:78:8c:1c:42:4e:2d:27:0a:a6:3a:25:54:fb:78:49:5e:89:
         e3:b9:fd:fb:d8:34:65:f6:4f:bf:ac:d2:bd:ae:63:a1:1e:9c:
         4e:2b:8c:62:07:be:8c:7d:ce:30:b1:aa:88:15:21:a2:fd:cf:
         7f:58:bb:ea:19:dc:bc:1d:1d:bb:02:a3:a4:3f:80:99:17:26:
         cd:1f:96:6a:33:e9:8c:3b:33:fe:bd:45:48:34:25:23:ba:0d:
         ba:a3:90:d6:69:a1:14:59:c6:fe:19:c2:ce:97:a0:2f:53:a9:
         4a:c0:b7:b5:ad:df:ef:80:3c:9f:90:1e:fd:d7:91:de:9d:ed:
         aa:db:b8:8b:47:35:cd:e6:bb:f9:b6:cf:48:5c:84:75:d2:7e:
         9c:52:a5:9f:cb:4c:64:d8:f7:6e:5b:ad:34:a9:a8:ee:bd:f6:
         1b:b3:b3:e1:ee:87:97:16:63:f3:18:74:87:3d:bf:63:49:43:
         29:d8:39:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkqIDMblPY/jfaVYOTNZV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwNjEyMTUwMDUzWhcNMjUwNjEzMTUwMDUzWjAzMTEwLwYDVQQD
EyhmMTRjYzVhMjY5NmJmMGQxZmUzZTkwMmVkMTMyOGFiMjI1NGQyYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtNBX187wH6qbULgeqawif7yD8vu
Q468/qy3ScY5RRlg8wwjYsgUFO87IUshIRXqUAMxzLSwrxieERBIVxj46JaMuT2W
jH6l0rF4mVdXm5fm7dx2//UlrdDiDVH8CYQtas1Ygf0rrjIJkWXlfhMNuGXWU+vH
7XpKxd1OHL4z4gUmGTHA+QFxkAET/QjES1+0bBAm35g1Ksa2PzINj0auLdL2Sla+
HV0WNMZbhfTUZ/8+D/e2HYFA34a8BafcRNFTh+8lh51h+0zmhVBkT27Y3XYDrlzQ
ERIqWXE7CZPUScuTue2XDYqtLj3MUhmAPeoskQKRdgEYxrqBvEOo+U3b/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFMxaJpa/DR/j6QLtEyirIlTSp9MB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmELz4G+
fXsX3KFMsquPuBj8UT+FoQeqTpiUaAnqQim3BF8effKaGHJRWm4jsv9O7QW+ucUG
jqePltdShOGvfQl0WsMAmHMjwniMHEJOLScKpjolVPt4SV6J47n9+9g0ZfZPv6zS
va5joR6cTiuMYge+jH3OMLGqiBUhov3Pf1i76hncvB0duwKjpD+AmRcmzR+WajPp
jDsz/r1FSDQlI7oNuqOQ1mmhFFnG/hnCzpegL1OpSsC3ta3f74A8n5Ae/deR3p3t
qtu4i0c1zea7+bbPSFyEddJ+nFKln8tMZNj3blutNKmo7r32G7Oz4e6HlxZj8xh0
hz2/Y0lDKdg5oQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 00:29:46 2025 by rpki-client