Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/896ab3-c479-470a-8bb9-24222d87f88d/1/vjcHM7jbYU2qdgoALCQEgCgwDi0.mft
File:                     vjcHM7jbYU2qdgoALCQEgCgwDi0.mft (raw, json)
Hash identifier:          Ud3NXNL8M7H4bhwHxqEqCXq9f2mMKQStGPwOOpYXfCA=
Subject key identifier:   63:D3:26:D3:F8:51:ED:01:13:3E:2E:51:0E:65:C2:11:2F:BE:41:71
Authority key identifier: BE:37:07:33:B8:DB:61:4D:AA:76:0A:00:2C:24:04:80:28:30:0E:2D
Certificate issuer:       /CN=be370733b8db614daa760a002c24048028300e2d
Certificate serial:       01976884FB7B281BB8B791EB683D26C1FDBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vjcHM7jbYU2qdgoALCQEgCgwDi0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/896ab3-c479-470a-8bb9-24222d87f88d/1/vjcHM7jbYU2qdgoALCQEgCgwDi0.mft
Manifest number:          158C
Signing time:             Fri 13 Jun 2025 09:00:34 +0000
Manifest this update:     Fri 13 Jun 2025 09:00:34 +0000
Manifest next update:     Sat 14 Jun 2025 09:00:34 +0000
Files and hashes:         1: paMGJN73rjp1fa_w9RA1xrwwx18.roa (hash: Z6fxiaAqnra9zk/dGdgt7claLY2U/7DrFceSHabOI5E=)
                          2: vjcHM7jbYU2qdgoALCQEgCgwDi0.crl (hash: NccZXg9hxQXk7QWVKlu8iw2/IO5/JPrG+UnCYh0za6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/896ab3-c479-470a-8bb9-24222d87f88d/1/vjcHM7jbYU2qdgoALCQEgCgwDi0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/896ab3-c479-470a-8bb9-24222d87f88d/1/vjcHM7jbYU2qdgoALCQEgCgwDi0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vjcHM7jbYU2qdgoALCQEgCgwDi0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:84:fb:7b:28:1b:b8:b7:91:eb:68:3d:26:c1:fd:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be370733b8db614daa760a002c24048028300e2d
        Validity
            Not Before: Jun 13 09:00:34 2025 GMT
            Not After : Jun 14 09:00:34 2025 GMT
        Subject: CN=63d326d3f851ed01133e2e510e65c2112fbe4171
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ea:d2:c4:ee:b5:63:39:f2:c6:19:bb:b4:20:
                    77:82:f6:2a:1d:19:91:2c:67:83:9f:c5:92:33:19:
                    0e:c1:b0:29:e7:1b:be:b0:72:62:50:d5:21:5e:48:
                    c0:3a:61:f5:bf:7d:5c:e6:42:96:45:b0:37:c5:32:
                    4c:52:65:f1:90:ee:2f:4d:8d:af:9e:71:50:29:79:
                    fa:54:d9:04:1e:00:a3:95:c8:47:f5:93:c5:e0:ec:
                    97:0e:13:a0:40:3f:43:61:dd:4e:7d:51:21:78:61:
                    36:4f:89:80:d9:07:9a:88:f5:84:47:69:ec:22:a0:
                    74:4b:37:fb:24:a3:ef:6b:81:fa:fd:b5:94:9b:02:
                    e9:76:04:7e:e5:ed:bf:6e:a2:61:25:af:f4:f2:fd:
                    91:c1:f5:1d:3b:df:f7:be:40:b0:58:a8:0f:86:23:
                    54:46:ea:8f:10:f5:9e:77:91:80:9f:bb:51:ac:5a:
                    e6:65:53:e6:d6:4f:f2:fb:32:7d:d0:5a:2a:48:3e:
                    ad:4b:8b:fc:00:2f:92:d8:d9:3e:b4:2a:cb:ab:22:
                    e7:b0:70:de:02:b0:0c:9d:71:fd:6c:79:d6:04:52:
                    01:b8:70:83:ac:a2:57:ea:72:5c:ef:a8:25:18:d2:
                    ef:96:19:fc:ad:97:59:3e:cb:df:1f:b7:ae:b9:83:
                    42:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:D3:26:D3:F8:51:ED:01:13:3E:2E:51:0E:65:C2:11:2F:BE:41:71
            X509v3 Authority Key Identifier:
                keyid:BE:37:07:33:B8:DB:61:4D:AA:76:0A:00:2C:24:04:80:28:30:0E:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vjcHM7jbYU2qdgoALCQEgCgwDi0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/896ab3-c479-470a-8bb9-24222d87f88d/1/vjcHM7jbYU2qdgoALCQEgCgwDi0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/896ab3-c479-470a-8bb9-24222d87f88d/1/vjcHM7jbYU2qdgoALCQEgCgwDi0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:82:1e:12:95:7b:e4:dd:dc:71:2e:17:d2:08:c4:cd:28:c6:
         d8:88:b7:70:40:fa:b9:88:f8:65:c4:00:c1:8c:e6:8e:7b:24:
         e6:f4:ec:67:b1:a1:d4:a6:38:0b:a1:36:41:90:8d:9b:4e:54:
         c8:89:e1:25:a9:a6:77:5e:65:6b:59:e7:6d:2c:ac:e2:e3:82:
         e7:7a:e5:be:3a:20:87:05:e1:3c:fc:86:5d:36:33:c6:de:20:
         16:99:70:d5:f2:5b:3b:28:13:67:60:35:64:1a:2a:7c:22:4a:
         a0:ef:e4:b2:6d:94:86:ba:29:81:e8:0f:a5:b3:c2:f4:50:0e:
         fb:0d:1b:8b:48:53:08:de:cd:bf:ee:ef:1d:0a:24:28:fc:3b:
         bd:cc:92:10:8a:21:1a:34:8f:27:02:57:15:b2:d3:30:0e:60:
         71:bc:a5:bc:c9:68:ad:d6:83:20:55:a2:4b:dc:3e:40:08:f7:
         20:1b:02:a6:87:93:55:9b:13:fa:68:83:00:3c:31:36:1a:9e:
         9f:3b:9c:e0:71:fc:9c:fa:dc:7d:15:2c:e0:a4:7d:4f:c0:a9:
         61:60:43:69:52:53:a0:53:a0:28:8d:35:cd:02:90:0f:4b:ce:
         41:89:b7:43:85:6b:4f:cb:61:e2:b4:54:65:18:1c:e4:c6:1e:
         19:93:0a:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdohPt7KBu4t5HraD0mwf26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMzcwNzMzYjhkYjYxNGRhYTc2MGEwMDJjMjQwNDgwMjgz
MDBlMmQwHhcNMjUwNjEzMDkwMDM0WhcNMjUwNjE0MDkwMDM0WjAzMTEwLwYDVQQD
Eyg2M2QzMjZkM2Y4NTFlZDAxMTMzZTJlNTEwZTY1YzIxMTJmYmU0MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuurSxO61Yznyxhm7tCB3gvYqHRmR
LGeDn8WSMxkOwbAp5xu+sHJiUNUhXkjAOmH1v31c5kKWRbA3xTJMUmXxkO4vTY2v
nnFQKXn6VNkEHgCjlchH9ZPF4OyXDhOgQD9DYd1OfVEheGE2T4mA2QeaiPWER2ns
IqB0Szf7JKPva4H6/bWUmwLpdgR+5e2/bqJhJa/08v2RwfUdO9/3vkCwWKgPhiNU
RuqPEPWed5GAn7tRrFrmZVPm1k/y+zJ90FoqSD6tS4v8AC+S2Nk+tCrLqyLnsHDe
ArAMnXH9bHnWBFIBuHCDrKJX6nJc76glGNLvlhn8rZdZPsvfH7euuYNCLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPTJtP4Ue0BEz4uUQ5lwhEvvkFxMB8GA1UdIwQY
MBaAFL43BzO422FNqnYKACwkBIAoMA4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmpjSE03amJZVTJxZGdvQUxDUUVnQ2d3RGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84OTZhYjMtYzQ3OS00NzBhLThiYjkt
MjQyMjJkODdmODhkLzEvdmpjSE03amJZVTJxZGdvQUxDUUVnQ2d3RGkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84OTZhYjMtYzQ3OS00NzBhLThiYjktMjQyMjJkODdmODhk
LzEvdmpjSE03amJZVTJxZGdvQUxDUUVnQ2d3RGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO4IeEpV7
5N3ccS4X0gjEzSjG2Ii3cED6uYj4ZcQAwYzmjnsk5vTsZ7Gh1KY4C6E2QZCNm05U
yInhJammd15la1nnbSys4uOC53rlvjoghwXhPPyGXTYzxt4gFplw1fJbOygTZ2A1
ZBoqfCJKoO/ksm2UhropgegPpbPC9FAO+w0bi0hTCN7Nv+7vHQokKPw7vcySEIoh
GjSPJwJXFbLTMA5gcbylvMlordaDIFWiS9w+QAj3IBsCpoeTVZsT+miDADwxNhqe
nzuc4HH8nPrcfRUs4KR9T8CpYWBDaVJToFOgKI01zQKQD0vOQYm3Q4VrT8th4rRU
ZRgc5MYeGZMKOA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 10:47:51 2025 by rpki-client