Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File:                     HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier:          1RQZszESXBZDf8/motPiIRWAiOtVs/YACgnOzVvAKkc=
Subject key identifier:   FB:9C:90:00:35:1D:F0:96:32:C6:9E:E3:21:2C:34:DE:A9:68:0F:35
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer:       /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial:       019759127A319F8956E13A4F937BA5C03457
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number:          1588
Signing time:             Tue 10 Jun 2025 09:01:12 +0000
Manifest this update:     Tue 10 Jun 2025 09:01:12 +0000
Manifest next update:     Wed 11 Jun 2025 09:01:12 +0000
Files and hashes:         1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
                          2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: KhDaIvqGsOl4OjOelTq4crLWTDpaRKBM6Q3pXDZQN3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:12:7a:31:9f:89:56:e1:3a:4f:93:7b:a5:c0:34:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
        Validity
            Not Before: Jun 10 09:01:12 2025 GMT
            Not After : Jun 11 09:01:12 2025 GMT
        Subject: CN=fb9c9000351df09632c69ee3212c34dea9680f35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:83:9a:8e:02:5c:6f:14:05:d2:03:a7:db:b3:
                    6d:84:fd:2d:ba:9c:97:aa:98:9e:5c:f1:b1:d0:2d:
                    be:7e:62:b1:12:7e:ca:18:5c:a3:fb:53:27:f7:80:
                    16:e7:d8:a5:f7:f1:80:c7:9a:33:06:69:3f:38:05:
                    f1:2b:c3:fd:fc:5a:00:91:db:7c:d8:61:bf:ff:bb:
                    99:3d:a6:e4:bc:6f:79:06:e8:3c:9e:7b:d9:57:f8:
                    68:47:4a:9d:6f:1a:ad:4d:61:45:9e:e1:0c:d2:a4:
                    f6:39:8e:fc:8c:8d:0c:09:f6:b5:64:a5:9b:b6:ef:
                    a6:f7:06:c5:10:20:53:f1:f7:6c:e8:7e:a2:3f:48:
                    54:91:6c:2e:4e:25:e1:e4:ad:18:81:9b:60:d9:cf:
                    c3:e4:2e:ec:ff:1d:ce:b0:70:b9:93:98:2e:5e:a5:
                    09:99:de:4d:39:78:4c:0a:d4:31:6b:33:87:67:d8:
                    cc:4f:ea:e5:6a:29:20:36:eb:a1:f4:66:63:8d:6e:
                    07:3c:ff:10:04:80:1b:7e:d7:28:f9:50:c8:8f:47:
                    63:bd:c5:82:04:f9:27:95:da:40:6b:f4:f1:61:a7:
                    3c:7e:00:25:66:0e:69:c7:7c:52:a1:42:91:6c:d2:
                    f4:2a:21:f0:d9:8d:a6:0b:2f:ee:c0:82:fc:2a:38:
                    c2:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:9C:90:00:35:1D:F0:96:32:C6:9E:E3:21:2C:34:DE:A9:68:0F:35
            X509v3 Authority Key Identifier:
                keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:fa:b3:c4:d6:ca:c6:20:33:ad:72:7f:7d:ac:4c:de:58:49:
         fb:85:54:ba:84:48:30:f2:bd:52:47:b0:a7:bb:63:83:69:9d:
         77:4f:c6:81:34:e9:5d:02:e2:f5:91:ca:f9:f8:7f:da:86:60:
         28:a3:18:be:f2:52:53:a4:bd:0d:d4:e0:bf:6e:5d:ad:45:ff:
         4e:56:70:db:34:3c:1d:de:59:cf:94:23:c9:dc:52:b6:ad:ec:
         14:f2:77:b3:b6:1c:f2:ae:da:76:48:66:a8:5c:c7:51:d7:c0:
         1d:6c:c4:11:3d:15:96:b7:cf:95:df:b7:e5:6d:d9:de:a1:17:
         9e:9e:b8:69:8f:5d:3c:c8:13:f6:b7:e2:08:15:7a:77:d1:54:
         73:f0:2b:a9:9e:8b:3e:54:a3:c4:09:22:c3:ac:12:ac:7e:64:
         e8:6b:c0:36:8d:3e:c9:8c:f9:95:12:a9:0a:e0:49:9b:c3:d6:
         75:c0:be:78:51:88:60:50:c9:0c:9d:2e:58:24:5f:23:66:77:
         88:a0:07:a9:86:25:76:dd:54:ae:ad:a8:a2:cf:f5:27:ed:c7:
         27:c6:4d:3e:63:52:72:db:64:f6:de:51:cc:97:cf:55:35:7b:
         76:64:4d:77:7d:ad:74:12:5a:32:0a:50:bb:b1:4c:ee:6b:08:
         16:fe:28:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZEnoxn4lW4TpPk3ulwDRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwNjEwMDkwMTEyWhcNMjUwNjExMDkwMTEyWjAzMTEwLwYDVQQD
EyhmYjljOTAwMDM1MWRmMDk2MzJjNjllZTMyMTJjMzRkZWE5NjgwZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoOajgJcbxQF0gOn27NthP0tupyX
qpieXPGx0C2+fmKxEn7KGFyj+1Mn94AW59il9/GAx5ozBmk/OAXxK8P9/FoAkdt8
2GG//7uZPabkvG95Bug8nnvZV/hoR0qdbxqtTWFFnuEM0qT2OY78jI0MCfa1ZKWb
tu+m9wbFECBT8fds6H6iP0hUkWwuTiXh5K0YgZtg2c/D5C7s/x3OsHC5k5guXqUJ
md5NOXhMCtQxazOHZ9jMT+rlaikgNuuh9GZjjW4HPP8QBIAbftco+VDIj0djvcWC
BPknldpAa/TxYac8fgAlZg5px3xSoUKRbNL0KiHw2Y2mCy/uwIL8KjjCAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuckAA1HfCWMsae4yEsNN6paA81MB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQfqzxNbK
xiAzrXJ/faxM3lhJ+4VUuoRIMPK9Ukewp7tjg2mdd0/GgTTpXQLi9ZHK+fh/2oZg
KKMYvvJSU6S9DdTgv25drUX/TlZw2zQ8Hd5Zz5QjydxStq3sFPJ3s7Yc8q7adkhm
qFzHUdfAHWzEET0VlrfPld+35W3Z3qEXnp64aY9dPMgT9rfiCBV6d9FUc/ArqZ6L
PlSjxAkiw6wSrH5k6GvANo0+yYz5lRKpCuBJm8PWdcC+eFGIYFDJDJ0uWCRfI2Z3
iKAHqYYldt1Urq2oos/1J+3HJ8ZNPmNScttk9t5RzJfPVTV7dmRNd32tdBJaMgpQ
u7FM7msIFv4oSg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:03:03 2025 by rpki-client