Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
File:                     _XjxP_qS8HTr5VfSotKa0Noz5dg.mft (raw, json)
Hash identifier:          Jkvo+pLioEXGxm/Sg3reBOF0U5RMXMoPyFDKuj0c5Fs=
Subject key identifier:   06:02:C9:40:AF:85:3E:29:6A:86:5A:4D:74:DF:29:F5:10:54:D4:D2
Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
Certificate issuer:       /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Certificate serial:       0197654CE976745E61CD3F75734529114C77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
Manifest number:          0AE3
Signing time:             Thu 12 Jun 2025 18:00:28 +0000
Manifest this update:     Thu 12 Jun 2025 18:00:28 +0000
Manifest next update:     Fri 13 Jun 2025 18:00:28 +0000
Files and hashes:         1: IPVqTow4BPog0VgWrmL6j3UlRyc.roa (hash: yHocQSt6Dh1L30jflXp+Oc+mQ08tmbAfLa5FFYWt/64=)
                          2: _XjxP_qS8HTr5VfSotKa0Noz5dg.crl (hash: Noccvuq1wwZRs8k8ocacaMu1llato1oOgwNB934Nvj8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 18:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:4c:e9:76:74:5e:61:cd:3f:75:73:45:29:11:4c:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
        Validity
            Not Before: Jun 12 18:00:28 2025 GMT
            Not After : Jun 13 18:00:28 2025 GMT
        Subject: CN=0602c940af853e296a865a4d74df29f51054d4d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:d4:94:21:0c:38:91:27:c1:da:81:73:d0:74:
                    e6:ba:31:f3:1b:4a:c7:22:d6:e5:ac:49:74:07:21:
                    82:4c:ba:e2:93:3b:c0:70:5d:32:99:b9:72:c7:f4:
                    0f:fb:be:7f:87:ff:46:cb:41:4c:21:b2:26:a5:9b:
                    fb:bb:84:fd:71:f2:d2:b9:c9:4a:72:5c:5c:35:05:
                    b1:dc:25:7d:a0:92:61:e9:ac:71:d0:2d:c6:64:fb:
                    34:44:e9:5e:ce:e8:ef:d8:bf:cc:83:ba:ba:1c:87:
                    f4:9d:2d:82:eb:46:cb:d1:69:77:33:01:14:e6:ea:
                    48:3b:53:e3:1d:30:a8:e1:17:52:11:3a:f0:85:43:
                    61:b9:99:cf:9d:aa:8f:10:a5:08:64:64:71:1c:f4:
                    09:d8:89:18:c5:dd:1b:f9:bc:da:b0:71:cb:65:a4:
                    37:3a:10:15:5d:c0:6a:fb:aa:d0:83:0b:66:2c:7e:
                    7e:ee:be:61:82:5a:ad:ac:ad:b1:2b:81:a5:6e:92:
                    71:9e:6b:ef:a4:98:ab:08:7b:65:f6:0d:93:85:49:
                    1b:16:04:65:d8:85:2e:f9:34:cd:71:4b:e0:ea:f2:
                    c2:d5:88:9a:3b:8f:bd:82:fd:ee:b9:96:6b:14:df:
                    31:cb:cc:88:3b:c3:fd:57:9e:3f:42:04:bf:5b:ba:
                    71:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:02:C9:40:AF:85:3E:29:6A:86:5A:4D:74:DF:29:F5:10:54:D4:D2
            X509v3 Authority Key Identifier:
                keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:58:fa:17:60:39:96:51:02:23:fc:00:28:e3:ae:93:11:87:
         2a:dc:ed:ad:05:66:95:22:84:c4:99:4e:c1:5f:d8:61:e0:1b:
         54:4b:e0:1d:52:b8:b9:98:05:73:67:e9:a3:39:15:c7:ac:dd:
         35:0b:cd:7e:ef:bd:93:3b:4e:92:07:a4:47:af:1e:39:81:88:
         ae:ce:6d:79:59:7f:76:ed:f5:d6:68:ae:44:3b:05:48:f6:ac:
         dc:18:71:78:13:4e:1c:f6:95:67:2e:36:09:ca:40:79:39:65:
         81:70:28:8b:9c:ec:aa:64:c9:53:a5:ec:76:31:eb:92:e3:fd:
         cf:dc:6d:de:a5:10:73:24:cb:61:d3:26:6e:41:95:02:98:68:
         96:b9:62:9b:de:dc:9e:c8:7a:8e:7d:3e:96:ab:e1:17:5f:de:
         94:5c:57:57:90:1c:0e:a1:8e:62:fc:0a:16:b9:0e:27:ed:bc:
         0c:28:ea:d3:9b:2a:65:f9:a7:1c:c6:1a:f4:28:ec:a0:e4:74:
         63:c8:34:d1:7b:71:b5:d7:aa:27:71:f0:ff:fb:82:4f:71:d6:
         45:1f:6e:8e:1a:77:f5:7b:fd:89:82:c6:ab:33:9e:02:a7:50:
         fa:90:5c:5a:74:bd:6b:23:91:1a:63:06:4d:fe:a4:e2:3a:7f:
         1f:48:10:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlTOl2dF5hzT91c0UpEUx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz
M2U1ZDgwHhcNMjUwNjEyMTgwMDI4WhcNMjUwNjEzMTgwMDI4WjAzMTEwLwYDVQQD
EygwNjAyYzk0MGFmODUzZTI5NmE4NjVhNGQ3NGRmMjlmNTEwNTRkNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tSUIQw4kSfB2oFz0HTmujHzG0rH
ItblrEl0ByGCTLrikzvAcF0ymblyx/QP+75/h/9Gy0FMIbImpZv7u4T9cfLSuclK
clxcNQWx3CV9oJJh6axx0C3GZPs0ROlezujv2L/Mg7q6HIf0nS2C60bL0Wl3MwEU
5upIO1PjHTCo4RdSETrwhUNhuZnPnaqPEKUIZGRxHPQJ2IkYxd0b+bzasHHLZaQ3
OhAVXcBq+6rQgwtmLH5+7r5hglqtrK2xK4GlbpJxnmvvpJirCHtl9g2ThUkbFgRl
2IUu+TTNcUvg6vLC1YiaO4+9gv3uuZZrFN8xy8yIO8P9V54/QgS/W7pxrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAYCyUCvhT4paoZaTXTfKfUQVNTSMB8GA1UdIwQY
MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt
ZmRmMDExOGNjMDE2LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2
LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM1j6F2A5
llECI/wAKOOukxGHKtztrQVmlSKExJlOwV/YYeAbVEvgHVK4uZgFc2fpozkVx6zd
NQvNfu+9kztOkgekR68eOYGIrs5teVl/du311miuRDsFSPas3BhxeBNOHPaVZy42
CcpAeTllgXAoi5zsqmTJU6XsdjHrkuP9z9xt3qUQcyTLYdMmbkGVApholrlim97c
nsh6jn0+lqvhF1/elFxXV5AcDqGOYvwKFrkOJ+28DCjq05sqZfmnHMYa9CjsoOR0
Y8g00XtxtdeqJ3Hw//uCT3HWRR9ujhp39Xv9iYLGqzOeAqdQ+pBcWnS9ayORGmMG
Tf6k4jp/H0gQxQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:39:06 2025 by rpki-client