Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft
File:                     do0jVpP2hnxbOBPaHzb-EHvR14I.mft (raw, json)
Hash identifier:          oRhi/sxeSKmI+DcPJNDYt/0YE7oY57fBD/XX7pJ8CDY=
Subject key identifier:   60:61:00:C4:D1:94:0E:AF:E9:A6:78:2D:48:EC:25:FE:FD:AE:79:BF
Authority key identifier: 76:8D:23:56:93:F6:86:7C:5B:38:13:DA:1F:36:FE:10:7B:D1:D7:82
Certificate issuer:       /CN=768d235693f6867c5b3813da1f36fe107bd1d782
Certificate serial:       0197526B3AEE09B0F1BDA3B592653191D588
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft
Manifest number:          0C58
Signing time:             Mon 09 Jun 2025 02:00:48 +0000
Manifest this update:     Mon 09 Jun 2025 02:00:48 +0000
Manifest next update:     Tue 10 Jun 2025 02:00:48 +0000
Files and hashes:         1: KH_j-0tZP7kZGa_RGAqb8KjeOKE.roa (hash: nJQFit94GD/cIbI8GNPP+c6lmHYIPdofJMVeQt5hkQ4=)
                          2: do0jVpP2hnxbOBPaHzb-EHvR14I.crl (hash: Zl+3FEVNbcTCBZ2jYeGGxx3UjrgpOD01jahx9YTRA14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:6b:3a:ee:09:b0:f1:bd:a3:b5:92:65:31:91:d5:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=768d235693f6867c5b3813da1f36fe107bd1d782
        Validity
            Not Before: Jun  9 02:00:48 2025 GMT
            Not After : Jun 10 02:00:48 2025 GMT
        Subject: CN=606100c4d1940eafe9a6782d48ec25fefdae79bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:14:93:5e:b3:25:b3:8d:43:12:dd:e8:89:fc:
                    89:ca:40:54:6b:df:9b:1e:77:27:53:fc:d4:5d:46:
                    ed:3a:56:38:a0:77:62:ac:49:96:9e:f9:5e:15:86:
                    98:a1:3b:2c:aa:5b:bb:87:be:a1:94:7d:4b:b0:15:
                    48:ed:4b:04:71:23:55:03:37:25:4d:05:a6:55:de:
                    60:fd:b2:ca:8c:2b:dc:ec:d9:c5:a1:e1:ab:2b:f4:
                    f7:bd:92:e6:52:c7:36:29:3b:f6:75:27:98:f9:f2:
                    d7:f4:f0:61:bd:92:e9:db:50:af:c3:f2:00:4d:0e:
                    24:ab:08:fe:48:fd:0b:78:4d:92:14:7e:4a:a6:1f:
                    d0:3d:3b:ad:aa:5a:76:5f:7f:3c:84:c0:45:f0:d8:
                    f9:76:f2:61:94:95:1a:38:4f:c1:6c:a3:8a:d4:77:
                    7d:d3:ab:f8:20:ca:cb:a3:99:08:83:17:73:61:c0:
                    1f:c5:00:da:8b:16:6b:11:63:09:a5:60:61:c8:be:
                    cf:cd:da:52:18:f1:ad:e8:23:8d:4f:f8:30:60:ef:
                    35:ee:ef:aa:90:b3:b2:6d:75:ab:72:b9:a8:09:9e:
                    1b:a6:0c:d1:70:c2:e1:45:80:42:db:24:07:fe:46:
                    75:11:33:f1:8a:a7:4b:55:35:2e:19:7f:b5:0d:24:
                    6f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:61:00:C4:D1:94:0E:AF:E9:A6:78:2D:48:EC:25:FE:FD:AE:79:BF
            X509v3 Authority Key Identifier:
                keyid:76:8D:23:56:93:F6:86:7C:5B:38:13:DA:1F:36:FE:10:7B:D1:D7:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:a2:43:f8:6b:f0:75:93:22:e7:31:92:48:5a:10:9f:53:ca:
         9d:22:bd:2e:54:1a:79:94:29:98:2a:7e:24:53:19:de:58:6e:
         b7:0f:2c:15:00:77:60:6a:89:0d:81:f7:67:7d:d0:38:83:25:
         9f:da:86:e4:92:df:59:aa:fb:f6:80:df:1c:d0:dc:45:85:0d:
         93:64:1b:88:ec:4f:98:09:76:15:a2:4d:58:8a:9e:2f:dc:c0:
         60:4f:c8:8b:08:03:d8:67:22:24:e6:74:44:b8:67:99:99:19:
         57:3e:7f:84:04:86:49:94:e2:7c:f9:5c:6f:39:ba:8a:ec:58:
         65:f7:63:92:cb:be:e5:8e:fd:0d:ee:72:96:a5:db:2f:0a:72:
         a8:9e:3e:48:fe:52:f0:03:4d:37:3d:7f:1b:e9:82:92:01:e1:
         c0:a4:be:2b:8b:54:29:f8:9b:d9:15:25:07:e0:fa:2a:d4:d2:
         66:50:e8:fd:f9:b2:dd:f8:22:80:c5:2b:8b:fa:fa:02:e1:61:
         a6:79:1b:c8:3e:ff:24:62:c4:01:d9:28:d8:99:a6:44:8b:f9:
         7b:4c:16:c7:b0:3e:cd:47:bf:c5:c9:14:30:cd:ec:d6:64:c8:
         e5:06:af:e6:bf:5d:77:3a:df:0f:cd:38:22:ff:a8:2d:3c:35:
         5b:4f:bc:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSazruCbDxvaO1kmUxkdWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGQyMzU2OTNmNjg2N2M1YjM4MTNkYTFmMzZmZTEwN2Jk
MWQ3ODIwHhcNMjUwNjA5MDIwMDQ4WhcNMjUwNjEwMDIwMDQ4WjAzMTEwLwYDVQQD
Eyg2MDYxMDBjNGQxOTQwZWFmZTlhNjc4MmQ0OGVjMjVmZWZkYWU3OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRSTXrMls41DEt3oifyJykBUa9+b
HncnU/zUXUbtOlY4oHdirEmWnvleFYaYoTssqlu7h76hlH1LsBVI7UsEcSNVAzcl
TQWmVd5g/bLKjCvc7NnFoeGrK/T3vZLmUsc2KTv2dSeY+fLX9PBhvZLp21Cvw/IA
TQ4kqwj+SP0LeE2SFH5Kph/QPTutqlp2X388hMBF8Nj5dvJhlJUaOE/BbKOK1Hd9
06v4IMrLo5kIgxdzYcAfxQDaixZrEWMJpWBhyL7PzdpSGPGt6CONT/gwYO817u+q
kLOybXWrcrmoCZ4bpgzRcMLhRYBC2yQH/kZ1ETPxiqdLVTUuGX+1DSRvtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBhAMTRlA6v6aZ4LUjsJf79rnm/MB8GA1UdIwQY
MBaAFHaNI1aT9oZ8WzgT2h82/hB70deCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lMTIwZWYtMTQzMC00NWVhLWI3N2Yt
ZTM3NmI5MjQyZWE3LzEvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lMTIwZWYtMTQzMC00NWVhLWI3N2YtZTM3NmI5MjQyZWE3
LzEvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANKJD+Gvw
dZMi5zGSSFoQn1PKnSK9LlQaeZQpmCp+JFMZ3lhutw8sFQB3YGqJDYH3Z33QOIMl
n9qG5JLfWar79oDfHNDcRYUNk2QbiOxPmAl2FaJNWIqeL9zAYE/IiwgD2GciJOZ0
RLhnmZkZVz5/hASGSZTifPlcbzm6iuxYZfdjksu+5Y79De5ylqXbLwpyqJ4+SP5S
8ANNNz1/G+mCkgHhwKS+K4tUKfib2RUlB+D6KtTSZlDo/fmy3fgigMUri/r6AuFh
pnkbyD7/JGLEAdko2JmmRIv5e0wWx7A+zUe/xckUMM3s1mTI5Qav5r9ddzrfD804
Iv+oLTw1W0+8zQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:39:19 2025 by rpki-client