Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File:                     HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier:          gBwOWegJCo4u0lLERT2LomLgPHBqyFx7QT2b7OOb5AQ=
Subject key identifier:   D6:67:6A:25:FA:CD:AD:35:B4:28:C0:5A:F3:0C:FA:B8:FD:1E:80:81
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer:       /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial:       01975EDD292CDD8F8345F6CABB19ACE47AE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number:          158B
Signing time:             Wed 11 Jun 2025 12:00:41 +0000
Manifest this update:     Wed 11 Jun 2025 12:00:41 +0000
Manifest next update:     Thu 12 Jun 2025 12:00:41 +0000
Files and hashes:         1: CCupZ2Z50lEeozRfCFyqGlk11BE.roa (hash: u0mXYzOevuF7/VUH3KREJcVDAaOJuSJnSH+Q3fKIqwg=)
                          2: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: RuVwtUX0/tYO5WacX1U5Hqw7feJEpaeo0IGV6cU5d1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:dd:29:2c:dd:8f:83:45:f6:ca:bb:19:ac:e4:7a:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
        Validity
            Not Before: Jun 11 12:00:41 2025 GMT
            Not After : Jun 12 12:00:41 2025 GMT
        Subject: CN=d6676a25facdad35b428c05af30cfab8fd1e8081
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:29:72:33:4b:ec:83:e9:8f:2a:db:ce:4e:7c:
                    fc:72:d4:7f:44:3b:78:cb:f2:33:7a:02:c5:4a:ac:
                    41:3a:5a:8e:25:ef:6f:76:e7:71:a2:5c:bf:f3:8b:
                    06:fe:e1:6f:d1:74:95:0f:14:f6:a8:0d:3c:5e:c4:
                    67:7d:f9:50:1b:87:ec:eb:07:3b:c1:6c:33:a2:c6:
                    18:0d:a6:7d:4a:fb:59:dd:a6:fd:e0:1a:e2:8d:6b:
                    65:6f:d6:d1:b8:5e:ce:d1:dc:86:6a:50:75:ad:5c:
                    10:4c:d9:2d:8b:03:4e:af:82:44:be:1e:1d:ae:48:
                    44:2e:f8:01:02:4c:3d:b9:fe:95:b6:92:7f:d1:b4:
                    e9:71:ef:dd:94:2c:f0:8d:f8:fb:01:51:d3:b9:9e:
                    31:34:8b:b9:82:51:7f:20:98:fc:b8:a3:0f:af:d5:
                    44:36:d6:6f:e1:e3:38:51:85:fe:69:8b:31:2d:db:
                    b1:61:a1:49:fe:04:31:80:b4:71:e7:59:d6:13:40:
                    4d:1e:31:d2:ab:5d:df:77:ba:8e:13:c1:4c:8b:2a:
                    44:68:c0:1e:ca:b4:7c:96:15:e6:e7:14:12:f1:4c:
                    04:ad:63:cb:72:34:f8:9c:19:1d:cb:bc:b8:4a:34:
                    63:1a:f9:f8:7a:67:49:14:1e:49:f8:65:b9:2f:5f:
                    9c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:67:6A:25:FA:CD:AD:35:B4:28:C0:5A:F3:0C:FA:B8:FD:1E:80:81
            X509v3 Authority Key Identifier:
                keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:4b:b4:e2:8a:15:eb:1b:58:c1:02:85:51:e4:33:84:05:01:
         16:a5:0c:a1:32:e2:eb:d6:39:4f:f0:4d:18:87:ba:2a:44:3f:
         da:a7:5e:8b:41:7a:90:17:9f:29:7d:eb:6b:a0:d2:ae:3f:1e:
         b2:ec:6d:45:2e:17:c6:98:61:c5:23:ab:6b:84:fc:f0:f3:0c:
         10:20:15:e3:e1:77:ab:77:bf:c0:fa:90:63:d8:a2:fe:be:c1:
         99:e6:78:61:e1:78:c1:2c:b9:7f:41:69:c6:ae:6f:1f:12:ae:
         dc:df:8a:0b:f8:eb:34:78:c1:3b:6b:68:2a:16:56:d4:6b:a9:
         e2:ae:d0:5d:5d:d2:57:e1:b3:95:ca:1d:02:eb:4e:4f:ea:ef:
         99:e5:91:63:d3:c6:01:51:e6:95:39:1a:5c:48:dd:d9:3c:59:
         0f:3a:b5:a5:34:d8:63:fd:da:fb:6c:69:c5:9c:c3:80:c1:7d:
         88:a8:17:f9:15:86:3f:d4:ec:33:6c:8f:b0:f7:75:d8:b4:2f:
         d4:bd:64:21:01:8f:15:72:eb:dd:63:0f:44:43:e6:8a:c1:f7:
         57:b9:2d:1a:10:08:38:fe:dd:46:17:16:46:6d:12:49:06:20:
         8a:ca:b0:fa:a3:d8:3d:ed:d1:26:9a:a6:d4:e0:a1:74:c1:e4:
         43:90:9d:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZde3Sks3Y+DRfbKuxms5HrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjUwNjExMTIwMDQxWhcNMjUwNjEyMTIwMDQxWjAzMTEwLwYDVQQD
EyhkNjY3NmEyNWZhY2RhZDM1YjQyOGMwNWFmMzBjZmFiOGZkMWU4MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSlyM0vsg+mPKtvOTnz8ctR/RDt4
y/IzegLFSqxBOlqOJe9vdudxoly/84sG/uFv0XSVDxT2qA08XsRnfflQG4fs6wc7
wWwzosYYDaZ9SvtZ3ab94BrijWtlb9bRuF7O0dyGalB1rVwQTNktiwNOr4JEvh4d
rkhELvgBAkw9uf6VtpJ/0bTpce/dlCzwjfj7AVHTuZ4xNIu5glF/IJj8uKMPr9VE
NtZv4eM4UYX+aYsxLduxYaFJ/gQxgLRx51nWE0BNHjHSq13fd7qOE8FMiypEaMAe
yrR8lhXm5xQS8UwErWPLcjT4nBkdy7y4SjRjGvn4emdJFB5J+GW5L1+cIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZnaiX6za01tCjAWvMM+rj9HoCBMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZUu04ooV
6xtYwQKFUeQzhAUBFqUMoTLi69Y5T/BNGIe6KkQ/2qdei0F6kBefKX3ra6DSrj8e
suxtRS4XxphhxSOra4T88PMMECAV4+F3q3e/wPqQY9ii/r7BmeZ4YeF4wSy5f0Fp
xq5vHxKu3N+KC/jrNHjBO2toKhZW1Gup4q7QXV3SV+GzlcodAutOT+rvmeWRY9PG
AVHmlTkaXEjd2TxZDzq1pTTYY/3a+2xpxZzDgMF9iKgX+RWGP9TsM2yPsPd12LQv
1L1kIQGPFXLr3WMPREPmisH3V7ktGhAIOP7dRhcWRm0SSQYgisqw+qPYPe3RJpqm
1OChdMHkQ5Cd8g==
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:54:01 2025 by rpki-client