Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
File:                     KwFArTlBTE6rAqxVQitEFj7TSw8.mft (raw, json)
Hash identifier:          BP+iLr+qPrMBPGAHhZfD0PZvkae4Kzm4P7G0CRveDWY=
Subject key identifier:   58:E5:67:32:00:0B:EF:A1:C8:FC:8F:61:3C:B9:F3:C5:3B:9E:6F:B3
Authority key identifier: 2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F
Certificate issuer:       /CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
Certificate serial:       01975B6E4AACB81C301FD4B15268C485FC20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
Manifest number:          02DC
Signing time:             Tue 10 Jun 2025 20:00:44 +0000
Manifest this update:     Tue 10 Jun 2025 20:00:44 +0000
Manifest next update:     Wed 11 Jun 2025 20:00:44 +0000
Files and hashes:         1: KwFArTlBTE6rAqxVQitEFj7TSw8.crl (hash: Kg0Q9ovkwMRbzD0t8/dLap4HtvI06XTSSJ7bHteZ3NA=)
                          2: OsS2avf_SCsvTL1pRqTL_5n-su8.roa (hash: q2VY8Sbvggao2o4h3H+VtLne6bMzXujw9hwcUuBVuOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:6e:4a:ac:b8:1c:30:1f:d4:b1:52:68:c4:85:fc:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b0140ad39414c4eab02ac55422b44163ed34b0f
        Validity
            Not Before: Jun 10 20:00:44 2025 GMT
            Not After : Jun 11 20:00:44 2025 GMT
        Subject: CN=58e56732000befa1c8fc8f613cb9f3c53b9e6fb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4a:35:5b:5e:df:eb:58:dd:88:f6:76:d1:d3:
                    19:d9:d7:79:97:dc:27:95:bb:9c:33:56:96:85:9a:
                    8d:69:bc:b2:53:a0:ef:2f:5a:12:67:c5:d2:19:6c:
                    94:0c:8c:6d:93:16:27:a2:8d:44:52:3e:b5:15:cc:
                    e5:74:52:ba:1b:e9:b3:6d:5a:75:85:85:43:eb:ab:
                    eb:4f:1d:6c:f9:00:d6:7e:a4:26:ee:7d:37:f1:64:
                    af:6a:5f:72:67:24:0e:37:e0:5e:ab:e1:8e:23:9b:
                    58:3c:e5:f6:bd:96:1e:c1:7b:1b:43:ff:5a:7c:e1:
                    e9:2e:87:fc:3a:29:62:2c:75:12:6b:41:9f:d7:f4:
                    b2:94:6b:37:41:85:d2:b5:0b:fc:2e:4e:f7:19:f5:
                    a5:dd:cf:05:39:37:fc:d3:62:18:f0:33:ee:c6:d6:
                    80:24:76:4c:14:10:9b:2c:f2:5b:65:4e:99:95:d1:
                    e2:97:00:a3:29:c9:62:ee:85:c9:92:39:be:26:3b:
                    88:6b:ed:38:b4:8f:d5:dc:42:03:57:0b:77:97:cf:
                    0b:d2:92:f2:4d:93:c4:c3:2e:5c:95:e2:62:64:1b:
                    e4:c1:29:65:29:3f:21:84:86:48:68:28:5a:4e:83:
                    a7:45:11:e6:80:c8:51:b0:61:38:76:e5:9c:ca:28:
                    49:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:E5:67:32:00:0B:EF:A1:C8:FC:8F:61:3C:B9:F3:C5:3B:9E:6F:B3
            X509v3 Authority Key Identifier:
                keyid:2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:49:78:ec:2d:b3:66:14:a2:5a:da:b6:62:65:ba:c2:95:2a:
         3a:5c:c7:81:2f:4b:bd:a9:b5:67:22:14:7e:da:0e:cb:63:6d:
         b4:f9:4e:3c:3c:f5:c8:e0:5f:fa:3c:fe:82:32:09:36:75:f6:
         77:29:90:b0:c1:9f:33:72:23:26:d6:f5:4f:b8:01:f4:a5:f0:
         d5:1e:df:f4:d2:3a:de:11:37:1f:49:8c:5f:3e:25:77:12:c8:
         80:c9:06:b2:90:59:e1:2c:0e:b6:1b:f0:f4:c7:23:51:72:4f:
         0d:68:d9:67:bb:be:bb:71:b6:72:69:c5:2e:41:b5:0f:30:e9:
         7e:5a:61:ba:76:d4:78:0e:12:49:57:12:84:0c:44:41:84:32:
         84:86:72:14:cd:3e:12:21:e9:19:10:b0:3b:08:6b:5f:d2:a7:
         d4:e5:14:73:c7:c5:92:6d:e5:da:e5:9e:87:54:9d:85:48:d0:
         ad:8d:6d:19:45:af:84:2c:5f:5d:94:a2:61:8d:3c:42:3f:1d:
         09:ef:c3:db:0d:b2:38:39:a7:54:2e:52:b2:dd:70:8c:c4:e8:
         dd:ed:2a:f4:5f:56:4e:78:3f:d9:de:5f:d5:3d:0b:8b:64:ff:
         1c:41:df:ed:25:75:10:87:99:d4:dc:c3:fc:26:fc:a9:97:1e:
         6d:a8:0f:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbbkqsuBwwH9SxUmjEhfwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDE0MGFkMzk0MTRjNGVhYjAyYWM1NTQyMmI0NDE2M2Vk
MzRiMGYwHhcNMjUwNjEwMjAwMDQ0WhcNMjUwNjExMjAwMDQ0WjAzMTEwLwYDVQQD
Eyg1OGU1NjczMjAwMGJlZmExYzhmYzhmNjEzY2I5ZjNjNTNiOWU2ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0o1W17f61jdiPZ20dMZ2dd5l9wn
lbucM1aWhZqNabyyU6DvL1oSZ8XSGWyUDIxtkxYnoo1EUj61FczldFK6G+mzbVp1
hYVD66vrTx1s+QDWfqQm7n038WSval9yZyQON+Beq+GOI5tYPOX2vZYewXsbQ/9a
fOHpLof8OiliLHUSa0Gf1/SylGs3QYXStQv8Lk73GfWl3c8FOTf802IY8DPuxtaA
JHZMFBCbLPJbZU6ZldHilwCjKcli7oXJkjm+JjuIa+04tI/V3EIDVwt3l88L0pLy
TZPEwy5cleJiZBvkwSllKT8hhIZIaChaToOnRRHmgMhRsGE4duWcyihJSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjlZzIAC++hyPyPYTy588U7nm+zMB8GA1UdIwQY
MBaAFCsBQK05QUxOqwKsVUIrRBY+00sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUt
MmU3NTIyOGY5MjYxLzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUtMmU3NTIyOGY5MjYx
LzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUl47C2z
ZhSiWtq2YmW6wpUqOlzHgS9Lvam1ZyIUftoOy2NttPlOPDz1yOBf+jz+gjIJNnX2
dymQsMGfM3IjJtb1T7gB9KXw1R7f9NI63hE3H0mMXz4ldxLIgMkGspBZ4SwOthvw
9McjUXJPDWjZZ7u+u3G2cmnFLkG1DzDpflphunbUeA4SSVcShAxEQYQyhIZyFM0+
EiHpGRCwOwhrX9Kn1OUUc8fFkm3l2uWeh1SdhUjQrY1tGUWvhCxfXZSiYY08Qj8d
Ce/D2w2yODmnVC5Sst1wjMTo3e0q9F9WTng/2d5f1T0Li2T/HEHf7SV1EIeZ1NzD
/Cb8qZcebagPMQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:28:22 2025 by rpki-client