Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
File:                     sXtEkEx2lKVAig0pcsOf8LGwPqU.mft (raw, json)
Hash identifier:          NA3UOpdLejSC0AWtbynkqkHFwyIPzHuFP/3iyuB8GSM=
Subject key identifier:   5B:A7:C1:23:3A:B4:18:5B:C3:77:01:A0:42:8D:AA:9A:B8:05:07:B4
Authority key identifier: B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5
Certificate issuer:       /CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
Certificate serial:       01975E38D7A77E9EAE730CE6E5A598F607AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
Manifest number:          0DD1
Signing time:             Wed 11 Jun 2025 09:01:12 +0000
Manifest this update:     Wed 11 Jun 2025 09:01:12 +0000
Manifest next update:     Thu 12 Jun 2025 09:01:12 +0000
Files and hashes:         1: UDhX8BuvHOYMS5e9vYOFjWjGBYk.roa (hash: C1cyztzqKdd1lIZCQFArU9xrG3gU6hCt1VPEU5YkilM=)
                          2: sXtEkEx2lKVAig0pcsOf8LGwPqU.crl (hash: R6AW7/Jbe0SA9q1oBLyu6QHlKbChp1nSjgTtpUQVYWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:d7:a7:7e:9e:ae:73:0c:e6:e5:a5:98:f6:07:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b17b44904c7694a5408a0d2972c39ff0b1b03ea5
        Validity
            Not Before: Jun 11 09:01:12 2025 GMT
            Not After : Jun 12 09:01:12 2025 GMT
        Subject: CN=5ba7c1233ab4185bc37701a0428daa9ab80507b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:b0:7f:c5:b7:40:89:c7:7e:b3:c2:3d:e0:5a:
                    b2:0f:00:55:57:e3:ad:73:fc:5b:b0:4a:99:0b:c5:
                    85:7c:da:2b:f1:8f:a3:fa:f4:70:cd:3b:22:c1:10:
                    d1:bd:b2:46:ce:78:64:75:75:36:8e:43:65:4a:63:
                    52:26:33:5a:38:2f:58:25:49:17:ec:7e:33:3e:7a:
                    d7:28:b9:d4:6e:a9:4d:4a:b1:f8:35:f4:77:9e:0d:
                    d3:e8:b8:0e:ce:13:2b:94:2c:5a:46:11:b2:e0:6c:
                    be:51:ac:04:ca:dc:65:40:48:ec:de:dc:a7:fa:f9:
                    0a:d6:80:b7:ed:1f:9c:76:7f:85:e1:25:c0:19:c2:
                    ae:15:70:6e:83:9f:48:af:f9:a6:ba:5e:2b:f8:2c:
                    6c:56:e9:86:72:ab:f9:bc:06:c3:82:37:8f:07:71:
                    7c:bb:1d:69:6c:fd:6b:c6:e6:c8:7a:c7:45:a9:c0:
                    cb:63:70:a4:e2:de:ee:30:9d:03:af:9a:d9:0a:a7:
                    4c:4e:d4:ca:1b:70:1c:e8:b5:9d:02:ff:41:0c:a7:
                    25:8f:2d:fd:9a:04:b8:3b:da:25:af:37:2b:06:72:
                    3c:2e:f6:61:31:ab:04:dd:d6:25:22:e3:3e:0d:1f:
                    96:d2:22:e4:30:ed:cc:5c:af:0a:e0:0c:a9:58:eb:
                    1a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:A7:C1:23:3A:B4:18:5B:C3:77:01:A0:42:8D:AA:9A:B8:05:07:B4
            X509v3 Authority Key Identifier:
                keyid:B1:7B:44:90:4C:76:94:A5:40:8A:0D:29:72:C3:9F:F0:B1:B0:3E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXtEkEx2lKVAig0pcsOf8LGwPqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/918245-7b50-4952-a3a7-a45916955e6f/1/sXtEkEx2lKVAig0pcsOf8LGwPqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:ef:b8:c0:ad:56:4b:fc:7b:be:8f:bd:aa:49:50:e1:59:18:
         c3:1e:0c:38:1d:c1:5d:0a:ff:44:47:72:11:3f:02:a3:30:68:
         a8:d8:f6:e2:d5:88:87:8d:b3:f5:dc:5a:e7:61:2c:88:09:34:
         a5:fa:30:e5:53:90:65:a4:11:2f:7b:e8:27:b5:09:06:db:59:
         36:8b:30:4d:a1:7c:56:cb:c6:88:94:1b:9d:58:8d:64:e3:79:
         e8:13:47:43:cb:ab:b1:4a:e9:38:35:76:db:19:51:f6:cf:59:
         28:c1:a1:91:38:44:94:54:ec:f2:8a:7c:59:77:d7:2b:45:19:
         2d:fb:75:df:76:ba:d1:16:2d:28:00:13:a4:72:41:91:8b:02:
         75:a1:70:d3:82:81:27:5a:7f:63:2a:1d:44:1e:98:a2:df:5d:
         83:0e:28:69:93:42:ab:e8:91:da:30:59:75:f9:24:07:76:a3:
         41:fd:b8:75:a9:21:fb:39:43:26:e7:9e:63:f6:dd:9a:69:2d:
         6e:4e:5a:ca:aa:30:49:98:12:27:da:95:b3:04:c6:23:02:67:
         79:38:72:11:06:fd:94:a2:3e:f9:eb:55:cf:46:97:02:7a:2f:
         6b:95:d0:f5:c1:7e:c1:e9:c4:b9:74:0f:ef:df:db:32:62:e6:
         76:5c:66:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeONenfp6ucwzm5aWY9getMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxN2I0NDkwNGM3Njk0YTU0MDhhMGQyOTcyYzM5ZmYwYjFi
MDNlYTUwHhcNMjUwNjExMDkwMTEyWhcNMjUwNjEyMDkwMTEyWjAzMTEwLwYDVQQD
Eyg1YmE3YzEyMzNhYjQxODViYzM3NzAxYTA0MjhkYWE5YWI4MDUwN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLB/xbdAicd+s8I94FqyDwBVV+Ot
c/xbsEqZC8WFfNor8Y+j+vRwzTsiwRDRvbJGznhkdXU2jkNlSmNSJjNaOC9YJUkX
7H4zPnrXKLnUbqlNSrH4NfR3ng3T6LgOzhMrlCxaRhGy4Gy+UawEytxlQEjs3tyn
+vkK1oC37R+cdn+F4SXAGcKuFXBug59Ir/mmul4r+CxsVumGcqv5vAbDgjePB3F8
ux1pbP1rxubIesdFqcDLY3Ck4t7uMJ0Dr5rZCqdMTtTKG3Ac6LWdAv9BDKcljy39
mgS4O9olrzcrBnI8LvZhMasE3dYlIuM+DR+W0iLkMO3MXK8K4AypWOsaFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFunwSM6tBhbw3cBoEKNqpq4BQe0MB8GA1UdIwQY
MBaAFLF7RJBMdpSlQIoNKXLDn/CxsD6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC85MTgyNDUtN2I1MC00OTUyLWEzYTct
YTQ1OTE2OTU1ZTZmLzEvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC85MTgyNDUtN2I1MC00OTUyLWEzYTctYTQ1OTE2OTU1ZTZm
LzEvc1h0RWtFeDJsS1ZBaWcwcGNzT2Y4TEd3UHFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOu+4wK1W
S/x7vo+9qklQ4VkYwx4MOB3BXQr/REdyET8CozBoqNj24tWIh42z9dxa52EsiAk0
pfow5VOQZaQRL3voJ7UJBttZNoswTaF8VsvGiJQbnViNZON56BNHQ8ursUrpODV2
2xlR9s9ZKMGhkThElFTs8op8WXfXK0UZLft133a60RYtKAATpHJBkYsCdaFw04KB
J1p/YyodRB6Yot9dgw4oaZNCq+iR2jBZdfkkB3ajQf24dakh+zlDJueeY/bdmmkt
bk5ayqowSZgSJ9qVswTGIwJneThyEQb9lKI++etVz0aXAnova5XQ9cF+wenEuXQP
79/bMmLmdlxmbQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:20:20 2025 by rpki-client