Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
File:                     ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft (raw, json)
Hash identifier:          VxIgN/sN7JeMypahF1TGtp+WYNyTE0GBUY/Y4WJ5BDg=
Subject key identifier:   1E:2C:10:C8:9B:5C:E3:FE:6C:7B:01:73:48:DC:97:90:E9:CF:5E:FC
Authority key identifier: CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
Certificate issuer:       /CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Certificate serial:       0197665FA845950593A6B7CB535766B8BC50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
Manifest number:          158B
Signing time:             Thu 12 Jun 2025 23:00:34 +0000
Manifest this update:     Thu 12 Jun 2025 23:00:34 +0000
Manifest next update:     Fri 13 Jun 2025 23:00:34 +0000
Files and hashes:         1: NJmmW764rdnW_zIUswA3g-8-n2M.roa (hash: uNbv9sZggt1kjUfoR4Ji7KAa4WT9RRySZVjN33ZdWTA=)
                          2: ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl (hash: xve7UHdRRi+tadNlGDSeJO8pl5dVJi5kgTQITSdYHfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:5f:a8:45:95:05:93:a6:b7:cb:53:57:66:b8:bc:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ced410ea6867ef63f959bad6b21b691cadff87d4
        Validity
            Not Before: Jun 12 23:00:34 2025 GMT
            Not After : Jun 13 23:00:34 2025 GMT
        Subject: CN=1e2c10c89b5ce3fe6c7b017348dc9790e9cf5efc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b2:76:64:25:e2:a9:65:11:1f:bb:7b:93:f8:
                    02:00:3f:31:db:e4:8e:8a:5c:2d:fe:71:ff:cc:c9:
                    ce:87:97:b2:3b:94:c8:bc:be:98:02:90:b5:f9:67:
                    fc:13:c4:d4:f1:fd:1b:21:7b:e8:28:c3:12:a2:7b:
                    e4:65:b0:7c:48:86:7c:41:21:79:2e:5c:f6:6f:a1:
                    b1:28:6c:2d:2b:18:1b:a8:a5:63:c5:3f:6d:c5:20:
                    6c:f3:98:ff:76:4f:f1:ac:d5:36:0a:33:dc:0f:5e:
                    4c:2c:7c:88:05:3a:6c:98:2a:bf:50:86:a7:13:c9:
                    6c:1a:4e:ec:15:bb:f6:49:3a:80:c3:b6:92:82:0f:
                    b3:71:6c:28:89:4d:74:78:91:23:74:bc:d3:e2:02:
                    fd:24:30:ad:17:5a:59:df:ec:07:e8:ff:26:2b:74:
                    54:a2:71:dc:70:dd:38:ee:a9:1e:15:43:a3:34:c0:
                    52:9f:4f:00:c0:28:f3:05:8a:cc:c0:a4:b8:e5:66:
                    6c:38:e0:22:81:6c:d4:80:e9:84:b3:12:b5:4a:c6:
                    38:cb:e0:0b:79:82:da:1a:05:6f:a9:dc:1c:b7:81:
                    4c:47:d3:fd:c9:2a:8a:bb:58:14:65:9a:ba:bb:04:
                    c0:3a:e7:ee:9a:97:8e:4e:dc:13:b1:b9:71:df:66:
                    c6:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2C:10:C8:9B:5C:E3:FE:6C:7B:01:73:48:DC:97:90:E9:CF:5E:FC
            X509v3 Authority Key Identifier:
                keyid:CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:0a:30:24:94:e1:2f:da:35:36:6a:f4:54:b6:39:91:6a:8c:
         f9:63:fc:4d:db:bb:d2:b1:33:da:59:a8:70:2d:aa:1c:bd:d9:
         c5:92:66:43:8a:a1:43:2f:ef:64:e1:62:cd:d8:5e:60:92:8f:
         3b:b6:1d:f6:88:42:9c:4c:e3:20:5a:fa:54:cb:a9:94:14:e0:
         8e:ad:bf:80:2d:49:70:af:c6:74:8c:51:37:d7:1e:0b:10:dc:
         9d:55:0f:cf:c1:7e:ef:b2:27:a5:76:a9:eb:ab:a7:dd:37:a9:
         37:21:64:4a:cd:cb:43:70:21:7e:7e:aa:da:db:73:a7:d2:e2:
         ac:83:a6:24:1e:c8:59:2b:3b:80:e9:ff:5c:96:a5:af:88:df:
         b4:a6:7a:d4:da:99:07:32:4a:c1:34:fa:77:0d:ad:95:26:61:
         f7:b8:22:4e:9f:04:a7:37:cc:09:70:d3:73:3d:74:33:d4:17:
         93:45:97:ed:ef:02:d7:16:36:ad:2f:9a:00:ed:be:fd:74:66:
         b8:09:f9:62:2e:55:1f:99:ca:ae:89:15:e9:97:b3:2f:1c:8a:
         96:05:e7:5c:ed:02:4d:2e:ff:c4:84:9d:93:95:1a:62:d3:55:
         d9:36:eb:95:11:23:d4:11:2e:67:a6:fd:56:ea:26:ff:7e:0e:
         d3:fe:de:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmX6hFlQWTprfLU1dmuLxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDQxMGVhNjg2N2VmNjNmOTU5YmFkNmIyMWI2OTFjYWRm
Zjg3ZDQwHhcNMjUwNjEyMjMwMDM0WhcNMjUwNjEzMjMwMDM0WjAzMTEwLwYDVQQD
EygxZTJjMTBjODliNWNlM2ZlNmM3YjAxNzM0OGRjOTc5MGU5Y2Y1ZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubJ2ZCXiqWURH7t7k/gCAD8x2+SO
ilwt/nH/zMnOh5eyO5TIvL6YApC1+Wf8E8TU8f0bIXvoKMMSonvkZbB8SIZ8QSF5
Llz2b6GxKGwtKxgbqKVjxT9txSBs85j/dk/xrNU2CjPcD15MLHyIBTpsmCq/UIan
E8lsGk7sFbv2STqAw7aSgg+zcWwoiU10eJEjdLzT4gL9JDCtF1pZ3+wH6P8mK3RU
onHccN047qkeFUOjNMBSn08AwCjzBYrMwKS45WZsOOAigWzUgOmEsxK1SsY4y+AL
eYLaGgVvqdwct4FMR9P9ySqKu1gUZZq6uwTAOufumpeOTtwTsblx32bGxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4sEMibXOP+bHsBc0jcl5Dpz178MB8GA1UdIwQY
MBaAFM7UEOpoZ+9j+Vm61rIbaRyt/4fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQt
NzY1MjU4NDFkYzI4LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQtNzY1MjU4NDFkYzI4
LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiwowJJTh
L9o1Nmr0VLY5kWqM+WP8Tdu70rEz2lmocC2qHL3ZxZJmQ4qhQy/vZOFizdheYJKP
O7Yd9ohCnEzjIFr6VMuplBTgjq2/gC1JcK/GdIxRN9ceCxDcnVUPz8F+77InpXap
66un3TepNyFkSs3LQ3Ahfn6q2ttzp9LirIOmJB7IWSs7gOn/XJalr4jftKZ61NqZ
BzJKwTT6dw2tlSZh97giTp8EpzfMCXDTcz10M9QXk0WX7e8C1xY2rS+aAO2+/XRm
uAn5Yi5VH5nKrokV6ZezLxyKlgXnXO0CTS7/xISdk5UaYtNV2TbrlREj1BEuZ6b9
Vuom/34O0/7eBQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 08:02:17 2025 by rpki-client