Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
File:                     bd1AUuD8dlNjYcu9x3UId93zYK0.mft (raw, json)
Hash identifier:          f0WbQN/V7xfOkBcBCd0s+799+PoJUouw5PARxTSt8JA=
Subject key identifier:   49:7E:57:82:A2:ED:7E:A1:95:CC:77:62:10:57:FF:4C:4F:CA:6C:B7
Authority key identifier: 6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD
Certificate issuer:       /CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
Certificate serial:       019770AC4AF70FA6589AF3B7E667F7F6CB40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
Manifest number:          0EA0
Signing time:             Sat 14 Jun 2025 23:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 23:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 23:00:28 +0000
Files and hashes:         1: PBeiTxVVl13KulRPara1RXYVicA.roa (hash: RXsTBTBPcZfgBdF/8hAfnipircCVtF7KKV+ZAN7eFr0=)
                          2: bd1AUuD8dlNjYcu9x3UId93zYK0.crl (hash: hOlMl4aAAVzkmVfhwytbnqqFjmJCdtF8zWeU17xiuxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:ac:4a:f7:0f:a6:58:9a:f3:b7:e6:67:f7:f6:cb:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
        Validity
            Not Before: Jun 14 23:00:28 2025 GMT
            Not After : Jun 15 23:00:28 2025 GMT
        Subject: CN=497e5782a2ed7ea195cc77621057ff4c4fca6cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:a2:d1:13:34:17:e1:e4:71:e8:ed:8a:40:c0:
                    95:94:6f:96:63:5a:73:7a:bc:90:32:6e:87:74:7e:
                    44:59:26:6c:4a:8f:87:42:63:ea:6b:b9:fe:de:89:
                    4c:15:71:3a:c6:69:45:70:fe:ba:2f:da:e9:77:74:
                    5a:ff:50:b5:ce:d8:51:1b:ee:95:02:b8:40:97:59:
                    ca:86:46:b6:f5:57:31:ff:93:61:c5:6e:d4:93:d3:
                    f3:56:3c:b4:57:fc:a4:f9:11:d9:07:fd:d6:c5:5a:
                    e3:5b:75:97:98:99:69:de:50:78:fc:08:a5:a7:f8:
                    77:0d:3f:5c:62:f1:ce:98:70:97:3b:7e:05:51:a3:
                    bb:9e:35:28:c1:41:c9:38:c8:2f:ec:f1:1c:3f:ce:
                    a6:f6:4e:e6:e5:56:ca:b3:e0:0e:ee:07:9b:a2:dd:
                    b2:9b:30:3c:df:36:70:d7:20:c7:ea:73:7b:a9:00:
                    07:0a:5b:fe:5c:f6:f8:cd:7d:f5:be:fe:68:63:ca:
                    3e:c9:7e:c7:ba:dd:5a:0d:52:ef:bb:6a:48:0c:4a:
                    dc:3a:9f:10:3f:d0:41:e5:98:8b:48:27:4b:38:fa:
                    f4:d9:7b:b7:2a:45:83:05:3f:b8:17:ee:dd:c5:b0:
                    2b:5c:35:e9:5a:c6:b4:41:f0:3d:e3:1e:3e:e8:e3:
                    28:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:7E:57:82:A2:ED:7E:A1:95:CC:77:62:10:57:FF:4C:4F:CA:6C:B7
            X509v3 Authority Key Identifier:
                keyid:6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:63:15:b0:28:f5:55:1d:c9:ea:08:f4:25:8d:ab:56:cd:e1:
         37:33:cb:88:51:a3:fd:a6:fa:a6:e3:7b:0d:fc:4d:61:82:dc:
         ff:0b:2c:a0:ae:62:d6:63:ef:a9:bb:d4:50:bf:34:7a:7b:1a:
         a7:6d:d4:09:83:77:3f:da:35:b5:5f:1a:18:e8:e1:2c:fc:a1:
         55:6b:52:85:58:a0:f5:de:6c:90:ab:41:05:ed:93:d9:a3:c5:
         9d:20:50:da:c3:52:fa:81:12:b2:9c:22:a6:8a:46:3b:eb:fa:
         ea:d0:8c:17:20:a2:76:9c:5f:63:fa:b7:bc:ec:bd:94:78:1b:
         82:60:95:c0:15:4f:da:76:85:53:69:57:d1:a7:be:9d:46:ce:
         99:aa:4e:fe:df:8c:5f:79:56:b3:b7:ad:41:7c:6a:f0:dc:de:
         07:1d:0f:58:25:df:29:3c:a9:f7:8a:97:f6:a2:e0:ec:09:e3:
         9c:6d:f3:8b:ea:2e:23:45:bc:87:0a:69:42:28:46:12:ab:be:
         1a:38:51:e5:30:03:44:75:27:cd:db:4b:1b:b3:6d:92:eb:3c:
         b1:9f:a9:5a:c8:b1:39:4d:12:38:68:b9:d6:01:f0:6b:00:fa:
         9f:96:ce:af:53:1d:0b:2a:1a:35:39:ca:c3:45:cd:76:08:e8:
         ad:a9:c8:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwrEr3D6ZYmvO35mf39stAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ0MDUyZTBmYzc2NTM2MzYxY2JiZGM3NzUwODc3ZGRm
MzYwYWQwHhcNMjUwNjE0MjMwMDI4WhcNMjUwNjE1MjMwMDI4WjAzMTEwLwYDVQQD
Eyg0OTdlNTc4MmEyZWQ3ZWExOTVjYzc3NjIxMDU3ZmY0YzRmY2E2Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aLREzQX4eRx6O2KQMCVlG+WY1pz
eryQMm6HdH5EWSZsSo+HQmPqa7n+3olMFXE6xmlFcP66L9rpd3Ra/1C1zthRG+6V
ArhAl1nKhka29Vcx/5NhxW7Uk9PzVjy0V/yk+RHZB/3WxVrjW3WXmJlp3lB4/Ail
p/h3DT9cYvHOmHCXO34FUaO7njUowUHJOMgv7PEcP86m9k7m5VbKs+AO7gebot2y
mzA83zZw1yDH6nN7qQAHClv+XPb4zX31vv5oY8o+yX7Hut1aDVLvu2pIDErcOp8Q
P9BB5ZiLSCdLOPr02Xu3KkWDBT+4F+7dxbArXDXpWsa0QfA94x4+6OMoSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEl+V4Ki7X6hlcx3YhBX/0xPymy3MB8GA1UdIwQY
MBaAFG3dQFLg/HZTY2HLvcd1CHfd82CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQt
YmE3YjFmMzc2OWUzLzEvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQtYmE3YjFmMzc2OWUz
LzEvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtWMVsCj1
VR3J6gj0JY2rVs3hNzPLiFGj/ab6puN7DfxNYYLc/wssoK5i1mPvqbvUUL80ensa
p23UCYN3P9o1tV8aGOjhLPyhVWtShVig9d5skKtBBe2T2aPFnSBQ2sNS+oESspwi
popGO+v66tCMFyCidpxfY/q3vOy9lHgbgmCVwBVP2naFU2lX0ae+nUbOmapO/t+M
X3lWs7etQXxq8NzeBx0PWCXfKTyp94qX9qLg7AnjnG3zi+ouI0W8hwppQihGEqu+
GjhR5TADRHUnzdtLG7Ntkus8sZ+pWsixOU0SOGi51gHwawD6n5bOr1MdCyoaNTnK
w0XNdgjoranIBg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 02:38:59 2025 by rpki-client