Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
File:                     ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft (raw, json)
Hash identifier:          3SYhf2gFZLbh9PE8GQx1DcEdEp4jRo5KH7RdALPhqz0=
Subject key identifier:   70:5B:1A:2B:7B:CF:4E:57:6F:EA:6C:20:58:6F:2C:C2:8B:A9:AC:02
Authority key identifier: CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
Certificate issuer:       /CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Certificate serial:       0197684E68ABC71D8C35295974FA31305865
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
Manifest number:          158C
Signing time:             Fri 13 Jun 2025 08:00:58 +0000
Manifest this update:     Fri 13 Jun 2025 08:00:58 +0000
Manifest next update:     Sat 14 Jun 2025 08:00:58 +0000
Files and hashes:         1: NJmmW764rdnW_zIUswA3g-8-n2M.roa (hash: uNbv9sZggt1kjUfoR4Ji7KAa4WT9RRySZVjN33ZdWTA=)
                          2: ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl (hash: yU+eXBDxJrdH5kipPegPZc+3zo/4HHUjG/YYgeZPToI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:4e:68:ab:c7:1d:8c:35:29:59:74:fa:31:30:58:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ced410ea6867ef63f959bad6b21b691cadff87d4
        Validity
            Not Before: Jun 13 08:00:58 2025 GMT
            Not After : Jun 14 08:00:58 2025 GMT
        Subject: CN=705b1a2b7bcf4e576fea6c20586f2cc28ba9ac02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:67:1f:5f:e8:ea:dd:a1:d3:5c:80:58:cb:27:
                    d3:a8:72:65:64:43:d5:73:44:bc:90:73:ab:3d:f0:
                    52:f3:4c:f5:a3:c9:80:45:22:7e:0f:fd:61:ca:cb:
                    e6:82:49:c1:82:ef:ff:cc:fa:37:7e:52:38:90:73:
                    7b:c6:25:c5:35:5d:18:8b:fb:67:fc:10:93:6c:8d:
                    3b:8f:bb:ca:19:4e:5c:9d:28:3a:ef:fc:46:6e:22:
                    14:93:e7:0b:dd:b1:85:4d:7a:d5:b8:f6:3b:5b:e5:
                    17:fc:35:1e:a8:d8:a1:f2:eb:82:55:c6:bb:20:2f:
                    59:fe:1f:9a:5b:17:ba:2c:93:01:fc:dc:c5:24:db:
                    5d:67:24:6e:7b:0c:ec:aa:c3:92:be:35:1f:93:59:
                    47:e9:71:dd:d7:4b:2d:8e:ff:19:62:a4:42:51:02:
                    fe:36:0c:d1:b1:b7:1f:f7:0e:c1:b2:bd:35:b1:2f:
                    9a:15:e5:09:8f:f4:17:07:74:cf:64:f0:6c:6d:53:
                    5d:17:6f:12:71:15:83:29:00:3f:1a:52:4d:f6:47:
                    70:08:2f:1d:c3:f1:13:41:38:9a:20:59:09:2a:aa:
                    d9:ce:30:e8:68:e5:31:6d:de:56:b8:60:1d:6d:f6:
                    a1:89:cd:0e:3e:5a:62:cb:9a:6c:0f:4c:1c:94:4e:
                    bc:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:5B:1A:2B:7B:CF:4E:57:6F:EA:6C:20:58:6F:2C:C2:8B:A9:AC:02
            X509v3 Authority Key Identifier:
                keyid:CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:21:8b:45:15:b8:73:99:2c:04:62:36:30:b7:e3:86:ad:98:
         de:7d:f5:7f:d0:90:f4:ab:4b:5e:e2:04:30:d7:42:d1:b3:86:
         37:86:36:1c:68:9b:8d:c1:01:fc:cf:03:98:7f:97:41:8e:6d:
         9b:7b:d1:fe:03:cc:1a:25:45:3a:20:a9:5f:b1:04:37:22:76:
         cf:b8:f0:37:04:55:6c:d2:c3:5b:bf:58:19:7e:7b:33:a0:9f:
         5f:24:3a:9e:eb:b2:82:44:4b:46:6b:e9:13:a6:08:12:ed:d0:
         8a:01:a0:52:e1:ac:12:56:bd:a1:c9:4c:e9:9b:32:ee:98:48:
         18:a4:0e:cd:b5:88:bd:b8:e4:76:e4:89:d7:01:3c:05:84:ee:
         29:73:3d:02:7b:de:cd:04:ec:81:60:c6:30:8d:b0:63:1a:c5:
         f6:56:ab:20:52:ed:f7:45:ad:01:2c:8a:69:b0:6b:a0:39:79:
         6a:22:db:34:81:5f:f2:c7:f1:82:d0:2c:90:71:e8:0d:ee:7e:
         63:ff:95:6c:54:e4:25:67:0a:ad:73:b4:1f:a6:16:4f:b9:0a:
         27:c5:8c:be:50:de:da:be:9c:09:c7:19:b3:dd:de:90:58:da:
         2c:b2:20:7f:34:bb:cb:9f:0a:3e:37:77:37:1e:10:72:b0:0e:
         af:d9:83:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoTmirxx2MNSlZdPoxMFhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDQxMGVhNjg2N2VmNjNmOTU5YmFkNmIyMWI2OTFjYWRm
Zjg3ZDQwHhcNMjUwNjEzMDgwMDU4WhcNMjUwNjE0MDgwMDU4WjAzMTEwLwYDVQQD
Eyg3MDViMWEyYjdiY2Y0ZTU3NmZlYTZjMjA1ODZmMmNjMjhiYTlhYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmcfX+jq3aHTXIBYyyfTqHJlZEPV
c0S8kHOrPfBS80z1o8mARSJ+D/1hysvmgknBgu//zPo3flI4kHN7xiXFNV0Yi/tn
/BCTbI07j7vKGU5cnSg67/xGbiIUk+cL3bGFTXrVuPY7W+UX/DUeqNih8uuCVca7
IC9Z/h+aWxe6LJMB/NzFJNtdZyRuewzsqsOSvjUfk1lH6XHd10stjv8ZYqRCUQL+
NgzRsbcf9w7Bsr01sS+aFeUJj/QXB3TPZPBsbVNdF28ScRWDKQA/GlJN9kdwCC8d
w/ETQTiaIFkJKqrZzjDoaOUxbd5WuGAdbfahic0OPlpiy5psD0wclE68/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBbGit7z05Xb+psIFhvLMKLqawCMB8GA1UdIwQY
MBaAFM7UEOpoZ+9j+Vm61rIbaRyt/4fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQt
NzY1MjU4NDFkYzI4LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQtNzY1MjU4NDFkYzI4
LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARSGLRRW4
c5ksBGI2MLfjhq2Y3n31f9CQ9KtLXuIEMNdC0bOGN4Y2HGibjcEB/M8DmH+XQY5t
m3vR/gPMGiVFOiCpX7EENyJ2z7jwNwRVbNLDW79YGX57M6CfXyQ6nuuygkRLRmvp
E6YIEu3QigGgUuGsEla9oclM6Zsy7phIGKQOzbWIvbjkduSJ1wE8BYTuKXM9Anve
zQTsgWDGMI2wYxrF9larIFLt90WtASyKabBroDl5aiLbNIFf8sfxgtAskHHoDe5+
Y/+VbFTkJWcKrXO0H6YWT7kKJ8WMvlDe2r6cCccZs93ekFjaLLIgfzS7y58KPjd3
Nx4QcrAOr9mD3A==
-----END CERTIFICATE-----
Generated at Fri Jun 13 17:47:28 2025 by rpki-client