Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
File:                     _XjxP_qS8HTr5VfSotKa0Noz5dg.mft (raw, json)
Hash identifier:          owTxll92J6AW6TuOpIctCUKCU89VuIr2+Du2Bu7cxiE=
Subject key identifier:   BF:CA:4B:66:54:E5:8D:2D:67:F6:07:A1:40:B6:17:01:4F:CD:D6:D0
Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
Certificate issuer:       /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Certificate serial:       019757C84957055B8B7BDFE5319746855EA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
Manifest number:          0ADC
Signing time:             Tue 10 Jun 2025 03:00:32 +0000
Manifest this update:     Tue 10 Jun 2025 03:00:32 +0000
Manifest next update:     Wed 11 Jun 2025 03:00:32 +0000
Files and hashes:         1: IPVqTow4BPog0VgWrmL6j3UlRyc.roa (hash: yHocQSt6Dh1L30jflXp+Oc+mQ08tmbAfLa5FFYWt/64=)
                          2: _XjxP_qS8HTr5VfSotKa0Noz5dg.crl (hash: FiBSpFyOzGliS9QH1vtIjBQuSyPT92G63LxM7MHDRsk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 19:25:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:c8:49:57:05:5b:8b:7b:df:e5:31:97:46:85:5e:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
        Validity
            Not Before: Jun 10 03:00:32 2025 GMT
            Not After : Jun 11 03:00:32 2025 GMT
        Subject: CN=bfca4b6654e58d2d67f607a140b617014fcdd6d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d0:ec:22:0a:af:dd:9e:1f:7e:60:9e:b3:52:
                    1a:ad:bd:7d:f4:b5:be:53:28:9f:b3:64:f2:55:88:
                    f0:6a:65:b5:ff:0c:09:09:f7:21:82:c3:99:ad:80:
                    ca:22:ce:90:5d:15:7f:54:77:4c:5e:68:20:e5:33:
                    55:69:c6:e5:d3:3c:60:1c:87:50:d3:97:05:8a:5f:
                    e2:e3:90:df:93:f1:35:02:7e:13:68:71:95:b4:6f:
                    85:b5:c0:21:c6:da:d3:6f:85:88:5f:67:e8:5f:ae:
                    85:d6:82:d5:3c:49:44:b8:0b:dc:8f:a4:7b:39:4d:
                    27:66:96:bc:44:dc:77:a1:19:3c:e9:c2:fd:e1:15:
                    f8:8a:d4:a2:39:04:40:9a:b9:49:5a:2b:b8:90:46:
                    fa:70:64:0f:fd:5d:5c:81:e7:75:40:23:9d:af:d6:
                    1d:c7:b8:54:c8:2d:4d:fd:0d:e9:da:8e:01:20:2e:
                    a1:0a:99:07:6b:7c:58:77:09:de:28:39:b4:80:10:
                    1f:b5:04:0f:d2:12:7f:06:0d:4a:20:97:d3:a5:ed:
                    89:db:30:f5:94:5b:4f:43:79:2c:be:67:7c:c1:90:
                    8c:f2:81:8b:d7:0a:45:48:78:17:37:90:c9:d6:1a:
                    42:c3:35:be:b7:ee:9d:d5:98:3a:57:8c:e0:42:b7:
                    7f:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:CA:4B:66:54:E5:8D:2D:67:F6:07:A1:40:B6:17:01:4F:CD:D6:D0
            X509v3 Authority Key Identifier:
                keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:c9:41:49:a4:e0:52:61:88:ed:da:ff:18:d3:ba:d2:8a:9e:
         b4:21:72:3c:fd:56:96:0a:8d:2e:70:3d:3f:4d:d0:7f:08:b4:
         6a:35:fb:92:b9:d6:72:18:4c:8f:1a:bc:fd:60:0d:6f:fd:23:
         ea:47:5e:15:a9:02:0a:d4:13:75:8c:1c:6f:a9:9d:e3:e3:3b:
         f7:dc:73:f9:a2:1d:2c:01:85:c9:65:f4:a5:ba:c0:d8:2b:32:
         5e:92:8d:d2:0e:f1:b4:e4:f2:dd:43:e0:79:e3:6f:f9:ed:f0:
         11:c4:eb:2a:ce:c1:a1:c5:86:e0:e1:03:13:00:fa:d8:6a:a1:
         d0:00:64:3e:d9:2c:71:6b:fe:13:80:20:37:0b:d0:13:db:3c:
         07:12:0e:32:1b:b0:93:10:1b:71:5c:0e:22:2e:5b:be:3e:91:
         42:9e:d8:54:93:ff:e0:a0:b7:0d:d4:c3:03:04:ac:23:fc:a8:
         37:c3:67:44:bb:0b:84:d3:91:42:57:7d:4f:69:c3:7b:c7:21:
         6d:d3:3b:09:34:bb:3a:9a:66:6b:fe:bf:74:f4:88:f1:88:7e:
         f3:0d:44:0f:d8:9d:de:50:a7:49:ca:04:4a:c5:cf:13:16:92:
         4f:eb:28:21:31:16:a8:5a:ce:bf:28:12:23:20:85:7a:fa:2e:
         3b:5b:77:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXyElXBVuLe9/lMZdGhV6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz
M2U1ZDgwHhcNMjUwNjEwMDMwMDMyWhcNMjUwNjExMDMwMDMyWjAzMTEwLwYDVQQD
EyhiZmNhNGI2NjU0ZTU4ZDJkNjdmNjA3YTE0MGI2MTcwMTRmY2RkNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNDsIgqv3Z4ffmCes1Iarb199LW+
Uyifs2TyVYjwamW1/wwJCfchgsOZrYDKIs6QXRV/VHdMXmgg5TNVacbl0zxgHIdQ
05cFil/i45Dfk/E1An4TaHGVtG+FtcAhxtrTb4WIX2foX66F1oLVPElEuAvcj6R7
OU0nZpa8RNx3oRk86cL94RX4itSiOQRAmrlJWiu4kEb6cGQP/V1cged1QCOdr9Yd
x7hUyC1N/Q3p2o4BIC6hCpkHa3xYdwneKDm0gBAftQQP0hJ/Bg1KIJfTpe2J2zD1
lFtPQ3ksvmd8wZCM8oGL1wpFSHgXN5DJ1hpCwzW+t+6d1Zg6V4zgQrd/RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/KS2ZU5Y0tZ/YHoUC2FwFPzdbQMB8GA1UdIwQY
MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt
ZmRmMDExOGNjMDE2LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2
LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoclBSaTg
UmGI7dr/GNO60oqetCFyPP1WlgqNLnA9P03Qfwi0ajX7krnWchhMjxq8/WANb/0j
6kdeFakCCtQTdYwcb6md4+M799xz+aIdLAGFyWX0pbrA2CsyXpKN0g7xtOTy3UPg
eeNv+e3wEcTrKs7BocWG4OEDEwD62Gqh0ABkPtkscWv+E4AgNwvQE9s8BxIOMhuw
kxAbcVwOIi5bvj6RQp7YVJP/4KC3DdTDAwSsI/yoN8NnRLsLhNORQld9T2nDe8ch
bdM7CTS7Oppma/6/dPSI8Yh+8w1ED9id3lCnScoESsXPExaST+soITEWqFrOvygS
IyCFevouO1t33Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:10:30 2025 by rpki-client