Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft
File:                     JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft (raw, json)
Hash identifier:          wnnaUdROeS1/THSAszObLM+XMgrciWwsMGgXLr39GTY=
Subject key identifier:   B2:27:BD:81:D5:93:45:C2:4E:A6:28:04:43:9D:99:2D:D1:54:14:19
Authority key identifier: 24:E1:C5:11:0E:0E:90:30:2E:47:01:2F:F5:C8:23:03:A4:66:1A:DE
Certificate issuer:       /CN=24e1c5110e0e90302e47012ff5c82303a4661ade
Certificate serial:       01976E5099BF18DD49054134455849164A05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft
Manifest number:          038E
Signing time:             Sat 14 Jun 2025 12:01:05 +0000
Manifest this update:     Sat 14 Jun 2025 12:01:05 +0000
Manifest next update:     Sun 15 Jun 2025 12:01:05 +0000
Files and hashes:         1: JOHFEQ4OkDAuRwEv9cgjA6RmGt4.crl (hash: mAqb9yhNHEYZ48D5GhW9pzqJD080QJKgEITBemcIfUI=)
                          2: Q9WbsU5WLEBh2f38P2PGkPWP_HU.roa (hash: WTO6N136wAT9bdE+8AHFBftVkmxQHl/oBzZ0du4NvZs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:50:99:bf:18:dd:49:05:41:34:45:58:49:16:4a:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24e1c5110e0e90302e47012ff5c82303a4661ade
        Validity
            Not Before: Jun 14 12:01:05 2025 GMT
            Not After : Jun 15 12:01:05 2025 GMT
        Subject: CN=b227bd81d59345c24ea62804439d992dd1541419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9f:ec:60:a7:bb:24:3d:bb:aa:5c:9a:53:6e:
                    f2:6e:49:d2:ed:e9:95:6c:00:7d:db:d6:61:97:0f:
                    4b:85:89:7a:48:58:ad:e4:ec:96:5a:26:82:0f:64:
                    47:c2:44:a8:22:8e:38:48:7e:8a:2e:68:2c:9a:97:
                    29:bd:b6:5e:39:4e:c5:e7:b7:b4:be:1a:52:e2:81:
                    c7:4c:29:f1:fe:36:73:c3:b2:b1:bb:d9:31:16:d6:
                    6b:ae:b9:a9:a8:2e:ac:a9:19:5c:c4:01:db:77:c8:
                    c6:30:d0:d4:01:2d:b1:31:f1:32:68:b4:c4:59:05:
                    cd:5d:8e:18:8e:25:20:8d:c6:c4:cd:f4:d0:b5:78:
                    b0:5d:77:4a:fa:f4:cd:c1:61:43:77:16:98:2d:b0:
                    e9:a8:56:7b:b2:c9:1d:cd:91:7a:e8:8f:4a:eb:67:
                    dd:92:d1:6c:84:d0:17:ab:29:80:a2:57:57:ac:fa:
                    ba:8e:ca:58:8c:c3:6e:0b:29:2a:9a:be:ca:f5:7d:
                    58:2a:dc:1b:f3:a7:07:95:14:a8:e8:6c:16:a1:89:
                    ed:27:76:2d:30:c9:68:f2:a3:4d:aa:c1:b2:7d:e4:
                    eb:6f:37:15:e8:15:4b:3c:c2:a6:e2:c4:72:93:37:
                    db:f3:76:ca:71:fa:8f:51:2d:b4:8e:2b:23:de:dc:
                    86:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:27:BD:81:D5:93:45:C2:4E:A6:28:04:43:9D:99:2D:D1:54:14:19
            X509v3 Authority Key Identifier:
                keyid:24:E1:C5:11:0E:0E:90:30:2E:47:01:2F:F5:C8:23:03:A4:66:1A:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b3bc70-5db0-47b9-b696-67da5409116f/1/JOHFEQ4OkDAuRwEv9cgjA6RmGt4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:8e:62:d5:d4:d2:1f:f5:a9:e4:7e:22:4d:60:42:43:fb:c0:
         f6:8c:c4:6f:1d:9d:cf:45:3a:54:d3:f7:22:ab:5b:0c:e0:7a:
         e9:0b:3f:6b:56:38:c8:09:59:f1:36:89:74:2b:ed:39:43:db:
         c6:d5:c9:0e:c9:fa:e0:29:a2:b7:ee:af:29:73:65:2e:21:50:
         c8:b0:2c:6c:aa:69:bc:2a:a8:5a:75:1a:7d:8e:2f:d2:c7:ec:
         b8:44:af:57:e5:2f:d9:a5:13:62:4f:8c:2a:30:9c:3f:3b:6d:
         01:56:1e:f3:76:5c:46:f7:b8:22:ff:3e:b1:60:37:82:d7:fc:
         77:96:94:d2:36:3c:8e:56:79:44:56:65:0e:83:60:b4:4d:33:
         47:1f:ef:20:47:6a:97:d8:df:c9:8e:91:de:29:92:33:60:85:
         f4:18:36:61:13:4e:5c:3c:51:1c:3e:2a:3b:cb:4c:1b:25:37:
         a8:3e:9e:64:65:ca:0c:81:df:ff:0d:6a:6c:44:61:9b:31:ff:
         33:29:e1:0a:90:04:f7:43:2d:e6:fa:21:b8:5f:77:84:25:2b:
         ea:25:93:bb:4d:52:05:06:88:ae:eb:84:36:ba:ce:25:87:d5:
         f9:25:70:3f:eb:9c:b6:84:09:fc:a3:de:d2:26:a5:d9:6c:4b:
         77:65:e5:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduUJm/GN1JBUE0RVhJFkoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZTFjNTExMGUwZTkwMzAyZTQ3MDEyZmY1YzgyMzAzYTQ2
NjFhZGUwHhcNMjUwNjE0MTIwMTA1WhcNMjUwNjE1MTIwMTA1WjAzMTEwLwYDVQQD
EyhiMjI3YmQ4MWQ1OTM0NWMyNGVhNjI4MDQ0MzlkOTkyZGQxNTQxNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ/sYKe7JD27qlyaU27ybknS7emV
bAB929Zhlw9LhYl6SFit5OyWWiaCD2RHwkSoIo44SH6KLmgsmpcpvbZeOU7F57e0
vhpS4oHHTCnx/jZzw7Kxu9kxFtZrrrmpqC6sqRlcxAHbd8jGMNDUAS2xMfEyaLTE
WQXNXY4YjiUgjcbEzfTQtXiwXXdK+vTNwWFDdxaYLbDpqFZ7sskdzZF66I9K62fd
ktFshNAXqymAoldXrPq6jspYjMNuCykqmr7K9X1YKtwb86cHlRSo6GwWoYntJ3Yt
MMlo8qNNqsGyfeTrbzcV6BVLPMKm4sRykzfb83bKcfqPUS20jisj3tyGDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLInvYHVk0XCTqYoBEOdmS3RVBQZMB8GA1UdIwQY
MBaAFCThxREODpAwLkcBL/XIIwOkZhreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk9IRkVRNE9rREF1UndFdjljZ2pBNlJtR3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iM2JjNzAtNWRiMC00N2I5LWI2OTYt
NjdkYTU0MDkxMTZmLzEvSk9IRkVRNE9rREF1UndFdjljZ2pBNlJtR3Q0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iM2JjNzAtNWRiMC00N2I5LWI2OTYtNjdkYTU0MDkxMTZm
LzEvSk9IRkVRNE9rREF1UndFdjljZ2pBNlJtR3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAY5i1dTS
H/Wp5H4iTWBCQ/vA9ozEbx2dz0U6VNP3IqtbDOB66Qs/a1Y4yAlZ8TaJdCvtOUPb
xtXJDsn64Cmit+6vKXNlLiFQyLAsbKppvCqoWnUafY4v0sfsuESvV+Uv2aUTYk+M
KjCcPzttAVYe83ZcRve4Iv8+sWA3gtf8d5aU0jY8jlZ5RFZlDoNgtE0zRx/vIEdq
l9jfyY6R3imSM2CF9Bg2YRNOXDxRHD4qO8tMGyU3qD6eZGXKDIHf/w1qbERhmzH/
MynhCpAE90Mt5vohuF93hCUr6iWTu01SBQaIruuENrrOJYfV+SVwP+uctoQJ/KPe
0ial2WxLd2Xl4g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 19:50:20 2025 by rpki-client