Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
File:                     ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft (raw, json)
Hash identifier:          hO9Pwk6m+1a0C+5BOizZxQfrUAQNxS0eoY79uuK9tCM=
Subject key identifier:   7B:A3:16:12:25:1B:57:62:E1:9F:24:9C:EB:13:3B:0B:46:25:21:3F
Authority key identifier: CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
Certificate issuer:       /CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Certificate serial:       019758DB0EA69F3D277B7E769E3A3581DAB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
Manifest number:          1584
Signing time:             Tue 10 Jun 2025 08:00:40 +0000
Manifest this update:     Tue 10 Jun 2025 08:00:40 +0000
Manifest next update:     Wed 11 Jun 2025 08:00:40 +0000
Files and hashes:         1: NJmmW764rdnW_zIUswA3g-8-n2M.roa (hash: uNbv9sZggt1kjUfoR4Ji7KAa4WT9RRySZVjN33ZdWTA=)
                          2: ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl (hash: VEVBi+xZ8poDJUyREccvBymIbzQ1Rfdscgm6PkXTewk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 08:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:db:0e:a6:9f:3d:27:7b:7e:76:9e:3a:35:81:da:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ced410ea6867ef63f959bad6b21b691cadff87d4
        Validity
            Not Before: Jun 10 08:00:40 2025 GMT
            Not After : Jun 11 08:00:40 2025 GMT
        Subject: CN=7ba31612251b5762e19f249ceb133b0b4625213f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:54:d9:cf:0a:95:87:b3:ff:af:54:0a:53:0f:
                    48:b4:89:ac:8a:40:9c:02:aa:b3:ce:ef:6f:24:0d:
                    21:fd:61:1c:e8:22:34:b0:a5:ac:48:aa:99:f1:13:
                    db:86:6d:b2:c5:9a:fd:b1:96:4e:52:57:03:6d:4d:
                    48:a4:69:14:c1:54:1f:d5:43:0d:c5:21:2a:9d:f3:
                    1c:90:11:fb:dc:36:2d:c6:af:a4:ae:01:31:c4:d0:
                    87:13:cd:e4:4e:3f:9b:c8:9d:59:2a:b5:10:13:5b:
                    b5:9f:c8:1c:4e:6d:dc:04:30:fc:f7:2d:fb:a7:86:
                    84:a4:0f:10:16:23:f5:d2:66:f1:38:68:66:be:cb:
                    a1:b0:39:30:a3:1a:e4:b4:69:d1:27:79:a2:29:b5:
                    1a:dd:81:5d:f1:b5:8a:5e:12:e3:b8:c4:d0:a3:d8:
                    45:ab:dc:87:68:ac:40:87:90:42:ef:c4:89:96:78:
                    6b:60:e3:2d:14:13:36:e1:11:68:46:05:5f:b3:57:
                    87:b4:78:c6:a7:c0:5c:22:2e:4d:65:f9:f8:34:49:
                    e1:f4:67:96:ab:39:7a:43:9a:4d:36:47:8d:28:ba:
                    be:82:29:e4:26:43:8a:1c:bd:fb:50:20:98:1f:bc:
                    85:7d:9f:4b:52:61:f7:c1:7c:29:9d:93:5f:fa:01:
                    cb:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:A3:16:12:25:1B:57:62:E1:9F:24:9C:EB:13:3B:0B:46:25:21:3F
            X509v3 Authority Key Identifier:
                keyid:CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:02:ec:df:f2:42:87:ce:74:0c:ec:4d:ae:c8:cb:2c:10:88:
         be:9f:b0:91:3e:e7:38:23:16:bc:39:05:b4:a5:27:ff:7a:2b:
         54:cb:1e:73:da:3f:66:36:7b:d7:81:15:94:4f:8b:3c:ac:68:
         d1:cc:dc:71:48:32:79:f8:6b:49:03:97:7b:0b:8c:7d:22:f0:
         d6:25:d4:4b:4b:13:df:e7:85:32:d4:df:d0:db:1c:01:a3:9d:
         c0:65:d9:2f:5b:2c:d9:1d:1d:e4:62:1b:9e:eb:60:7b:fa:3e:
         a7:25:b5:40:a5:08:51:9c:de:ab:3b:c8:c0:1d:20:80:e3:8f:
         8c:d4:68:58:ed:7f:c2:62:8f:46:89:11:89:2a:4f:e3:46:5c:
         14:21:f9:93:3a:b3:3b:a8:ac:97:78:62:5d:36:75:fe:da:5c:
         7d:ca:e4:5c:c8:c1:b2:69:00:06:98:e9:6f:1f:9e:eb:ba:61:
         5d:5b:7d:b7:f0:84:b9:8c:ed:27:ad:21:2e:58:22:b4:bc:b1:
         0c:43:16:bf:d9:98:8c:b7:ca:3a:9f:4c:f1:40:2e:e4:ea:5b:
         3b:07:c4:98:52:ad:e5:3f:11:15:ca:3b:90:cc:60:69:f1:d6:
         96:30:9e:6d:eb:79:d7:e5:2d:2a:dd:e1:78:6c:ae:b0:65:a4:
         fe:ad:9c:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdY2w6mnz0ne352njo1gdqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDQxMGVhNjg2N2VmNjNmOTU5YmFkNmIyMWI2OTFjYWRm
Zjg3ZDQwHhcNMjUwNjEwMDgwMDQwWhcNMjUwNjExMDgwMDQwWjAzMTEwLwYDVQQD
Eyg3YmEzMTYxMjI1MWI1NzYyZTE5ZjI0OWNlYjEzM2IwYjQ2MjUyMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVTZzwqVh7P/r1QKUw9ItImsikCc
Aqqzzu9vJA0h/WEc6CI0sKWsSKqZ8RPbhm2yxZr9sZZOUlcDbU1IpGkUwVQf1UMN
xSEqnfMckBH73DYtxq+krgExxNCHE83kTj+byJ1ZKrUQE1u1n8gcTm3cBDD89y37
p4aEpA8QFiP10mbxOGhmvsuhsDkwoxrktGnRJ3miKbUa3YFd8bWKXhLjuMTQo9hF
q9yHaKxAh5BC78SJlnhrYOMtFBM24RFoRgVfs1eHtHjGp8BcIi5NZfn4NEnh9GeW
qzl6Q5pNNkeNKLq+ginkJkOKHL37UCCYH7yFfZ9LUmH3wXwpnZNf+gHLXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHujFhIlG1di4Z8knOsTOwtGJSE/MB8GA1UdIwQY
MBaAFM7UEOpoZ+9j+Vm61rIbaRyt/4fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQt
NzY1MjU4NDFkYzI4LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQtNzY1MjU4NDFkYzI4
LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQLs3/JC
h850DOxNrsjLLBCIvp+wkT7nOCMWvDkFtKUn/3orVMsec9o/ZjZ714EVlE+LPKxo
0czccUgyefhrSQOXewuMfSLw1iXUS0sT3+eFMtTf0NscAaOdwGXZL1ss2R0d5GIb
nutge/o+pyW1QKUIUZzeqzvIwB0ggOOPjNRoWO1/wmKPRokRiSpP40ZcFCH5kzqz
O6isl3hiXTZ1/tpcfcrkXMjBsmkABpjpbx+e67phXVt9t/CEuYztJ60hLlgitLyx
DEMWv9mYjLfKOp9M8UAu5OpbOwfEmFKt5T8RFco7kMxgafHWljCebet51+UtKt3h
eGyusGWk/q2cmQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:30:11 2025 by rpki-client