Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
File:                     knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft (raw, json)
Hash identifier:          PsGMHTVDmtOrr9X6Sqzsy/GNmf4/RF8TZWoPnKqpOn8=
Subject key identifier:   70:7C:F9:5B:72:94:FC:2B:B7:6F:41:1E:62:18:5C:55:95:2E:54:98
Authority key identifier: 92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96
Certificate issuer:       /CN=927b1e56ac7d07802c4567c4679435159b422096
Certificate serial:       019760CB68ACF26D5EB3F74B78705A87F220
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
Manifest number:          158A
Signing time:             Wed 11 Jun 2025 21:00:32 +0000
Manifest this update:     Wed 11 Jun 2025 21:00:32 +0000
Manifest next update:     Thu 12 Jun 2025 21:00:32 +0000
Files and hashes:         1: ZZutCOlh3Ali7o57VArVQ-r6xEQ.roa (hash: Z8oFv1O8k+i1SuyJDIP9mmTPP/Uv75FEkkBOgolEt4M=)
                          2: knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl (hash: jZ+bAiZauSeH31KpXDlcesWF2BwDpY0VicYz8WgZ9To=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:cb:68:ac:f2:6d:5e:b3:f7:4b:78:70:5a:87:f2:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=927b1e56ac7d07802c4567c4679435159b422096
        Validity
            Not Before: Jun 11 21:00:32 2025 GMT
            Not After : Jun 12 21:00:32 2025 GMT
        Subject: CN=707cf95b7294fc2bb76f411e62185c55952e5498
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:90:bb:6d:b4:1f:13:7e:2e:15:0b:33:50:c4:
                    f3:73:13:ac:b6:e9:8f:dc:31:e7:cb:6e:69:ca:12:
                    8e:c2:db:60:89:2d:16:73:44:81:09:14:18:28:b3:
                    ef:c2:87:d4:92:35:07:82:19:ff:00:9e:6a:c0:3f:
                    2d:19:b5:0c:cd:bb:10:7f:df:b7:08:49:34:59:fd:
                    3a:70:19:96:4b:3b:e9:21:58:c3:61:1d:50:1e:60:
                    6a:51:61:a7:6a:93:25:e5:20:cf:04:a3:d0:59:56:
                    33:36:0c:c3:d6:fa:4a:3c:3e:30:f0:4f:5b:8c:89:
                    26:9c:aa:14:b6:a4:d0:fb:44:cd:f7:88:77:ed:e1:
                    44:6b:d9:50:46:91:58:37:87:8a:81:9d:6f:0b:0e:
                    36:fc:7f:6a:1b:04:08:0f:fb:cc:2b:93:ef:1b:91:
                    eb:ee:a1:a1:ac:a8:4a:36:76:03:43:97:65:bd:ba:
                    91:5c:52:b0:60:e4:a7:ca:8f:d7:07:cd:f3:5d:66:
                    d8:a6:9a:58:1b:f9:39:37:56:24:32:c6:c8:71:97:
                    88:2b:a2:f2:be:74:f3:fc:01:31:a4:0c:3a:8d:73:
                    2c:3c:56:e6:ec:6d:99:b5:10:a6:da:99:5c:43:fd:
                    7d:0e:df:73:f3:7a:d4:80:e7:96:f0:68:1f:3f:be:
                    dc:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:7C:F9:5B:72:94:FC:2B:B7:6F:41:1E:62:18:5C:55:95:2E:54:98
            X509v3 Authority Key Identifier:
                keyid:92:7B:1E:56:AC:7D:07:80:2C:45:67:C4:67:94:35:15:9B:42:20:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knseVqx9B4AsRWfEZ5Q1FZtCIJY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f11dea-305e-4898-9192-365347f416c0/1/knseVqx9B4AsRWfEZ5Q1FZtCIJY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:2f:47:0a:01:96:ad:d9:46:23:86:e8:77:45:04:58:cc:80:
         23:ac:9f:f7:f2:f9:41:02:b2:f5:26:c3:43:00:61:69:1f:a3:
         13:78:8e:4e:b5:13:cb:b0:05:88:7f:b9:65:68:38:16:03:7b:
         0d:8a:d8:24:05:5a:57:1e:7c:c3:2d:32:52:cb:39:a2:80:11:
         ac:04:7d:8b:4a:b6:82:7f:41:8c:f5:15:a0:9f:14:be:e2:f5:
         c0:f5:26:14:21:8c:35:37:d3:0a:55:3d:9e:4e:94:83:cd:b3:
         8b:84:fc:d3:d9:3d:0d:3d:fe:38:d9:23:88:f0:ae:9b:b0:74:
         1d:20:d9:13:b7:00:6c:2d:53:82:ac:b9:ee:68:1a:4f:be:b9:
         65:3b:5c:f6:9b:47:ba:cd:16:63:72:40:6d:be:a2:06:a8:f1:
         72:85:cb:20:95:50:85:4c:8e:2b:6b:f2:54:d8:70:2f:83:93:
         f2:bf:fa:1e:c1:2a:6f:b8:6b:f4:b2:1d:03:4d:c3:85:50:46:
         f7:5e:ed:3b:3e:f9:a3:1a:a2:e1:01:81:81:4f:6b:69:18:3c:
         16:46:e8:47:1a:de:2a:8b:15:11:54:e7:39:a6:eb:d5:e5:31:
         6c:b9:17:36:a4:30:d3:a2:c0:64:b3:f6:17:86:00:45:ee:3f:
         a7:eb:6e:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgy2is8m1es/dLeHBah/IgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyN2IxZTU2YWM3ZDA3ODAyYzQ1NjdjNDY3OTQzNTE1OWI0
MjIwOTYwHhcNMjUwNjExMjEwMDMyWhcNMjUwNjEyMjEwMDMyWjAzMTEwLwYDVQQD
Eyg3MDdjZjk1YjcyOTRmYzJiYjc2ZjQxMWU2MjE4NWM1NTk1MmU1NDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJC7bbQfE34uFQszUMTzcxOstumP
3DHny25pyhKOwttgiS0Wc0SBCRQYKLPvwofUkjUHghn/AJ5qwD8tGbUMzbsQf9+3
CEk0Wf06cBmWSzvpIVjDYR1QHmBqUWGnapMl5SDPBKPQWVYzNgzD1vpKPD4w8E9b
jIkmnKoUtqTQ+0TN94h37eFEa9lQRpFYN4eKgZ1vCw42/H9qGwQID/vMK5PvG5Hr
7qGhrKhKNnYDQ5dlvbqRXFKwYOSnyo/XB83zXWbYpppYG/k5N1YkMsbIcZeIK6Ly
vnTz/AExpAw6jXMsPFbm7G2ZtRCm2plcQ/19Dt9z83rUgOeW8GgfP77cEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHB8+VtylPwrt29BHmIYXFWVLlSYMB8GA1UdIwQY
MBaAFJJ7HlasfQeALEVnxGeUNRWbQiCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTIt
MzY1MzQ3ZjQxNmMwLzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMTFkZWEtMzA1ZS00ODk4LTkxOTItMzY1MzQ3ZjQxNmMw
LzEva25zZVZxeDlCNEFzUldmRVo1UTFGWnRDSUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjy9HCgGW
rdlGI4bod0UEWMyAI6yf9/L5QQKy9SbDQwBhaR+jE3iOTrUTy7AFiH+5ZWg4FgN7
DYrYJAVaVx58wy0yUss5ooARrAR9i0q2gn9BjPUVoJ8UvuL1wPUmFCGMNTfTClU9
nk6Ug82zi4T809k9DT3+ONkjiPCum7B0HSDZE7cAbC1Tgqy57mgaT765ZTtc9ptH
us0WY3JAbb6iBqjxcoXLIJVQhUyOK2vyVNhwL4OT8r/6HsEqb7hr9LIdA03DhVBG
917tOz75oxqi4QGBgU9raRg8FkboRxreKosVEVTnOabr1eUxbLkXNqQw06LAZLP2
F4YARe4/p+tuHA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 04:03:39 2025 by rpki-client