Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft
File:                     do0jVpP2hnxbOBPaHzb-EHvR14I.mft (raw, json)
Hash identifier:          LfQsC5nh7VwMMA9xwbreTC01V7yTb5C2MxjMUKWjWOM=
Subject key identifier:   A2:FA:04:D9:0A:06:7D:31:EF:54:7E:2B:01:AA:2C:7F:E1:00:E7:70
Authority key identifier: 76:8D:23:56:93:F6:86:7C:5B:38:13:DA:1F:36:FE:10:7B:D1:D7:82
Certificate issuer:       /CN=768d235693f6867c5b3813da1f36fe107bd1d782
Certificate serial:       01975836532C06D180BC7FC13A8096ED485A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft
Manifest number:          0C5B
Signing time:             Tue 10 Jun 2025 05:00:44 +0000
Manifest this update:     Tue 10 Jun 2025 05:00:44 +0000
Manifest next update:     Wed 11 Jun 2025 05:00:44 +0000
Files and hashes:         1: KH_j-0tZP7kZGa_RGAqb8KjeOKE.roa (hash: nJQFit94GD/cIbI8GNPP+c6lmHYIPdofJMVeQt5hkQ4=)
                          2: do0jVpP2hnxbOBPaHzb-EHvR14I.crl (hash: maiEup2/xQOUVP+P1y0QOwGGK9kTh2WC6K5nzCwv3Ac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 05:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:36:53:2c:06:d1:80:bc:7f:c1:3a:80:96:ed:48:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=768d235693f6867c5b3813da1f36fe107bd1d782
        Validity
            Not Before: Jun 10 05:00:44 2025 GMT
            Not After : Jun 11 05:00:44 2025 GMT
        Subject: CN=a2fa04d90a067d31ef547e2b01aa2c7fe100e770
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5c:cb:fd:8c:fc:10:bd:4f:13:4a:3b:b9:e5:
                    8e:e0:5a:b1:7a:77:c7:7e:20:bb:89:24:90:2c:4b:
                    aa:8f:89:6d:07:f3:25:39:1d:6c:43:1b:a0:b1:a0:
                    b0:79:5b:b6:ae:eb:cd:d8:bf:4a:dc:32:91:4c:62:
                    1c:b3:37:84:72:37:62:9e:79:cf:8b:d3:69:df:ca:
                    d4:20:23:d8:a5:eb:84:e7:18:ac:ba:ec:4d:95:b2:
                    ec:7c:f8:5b:f2:08:d2:51:f2:49:d8:1b:ea:83:a1:
                    ca:bb:7f:40:ab:f6:05:7e:db:90:92:95:7e:b9:b1:
                    f9:33:0f:c8:69:52:ed:e9:d9:1b:89:9b:f2:2f:c7:
                    6f:5a:a5:75:65:b6:3d:65:d6:82:46:89:0f:43:20:
                    bd:cc:07:0d:da:04:ba:e8:3d:0f:e6:43:08:51:60:
                    47:53:e8:77:72:07:0c:b4:ef:b9:f2:b2:20:90:be:
                    4c:40:e0:e1:23:cf:e8:c0:1c:aa:10:63:73:4c:3b:
                    ed:95:1a:03:16:49:40:2b:c7:24:ab:a7:95:b8:5d:
                    4f:e0:0f:28:dd:67:bc:f9:f6:fd:94:37:f1:ed:6b:
                    4e:51:e8:b5:91:bf:d6:9a:88:79:ab:92:92:52:c2:
                    93:7f:a1:d5:a9:35:ca:dd:5b:d1:4d:b6:cc:bf:fc:
                    c1:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:FA:04:D9:0A:06:7D:31:EF:54:7E:2B:01:AA:2C:7F:E1:00:E7:70
            X509v3 Authority Key Identifier:
                keyid:76:8D:23:56:93:F6:86:7C:5B:38:13:DA:1F:36:FE:10:7B:D1:D7:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:aa:02:08:2d:c3:a4:8f:13:a5:a1:5b:1b:a1:e9:2c:ab:51:
         70:79:e5:59:96:1f:8a:5d:66:7c:96:c2:96:43:42:17:90:e3:
         26:e5:b5:79:74:3d:a9:07:36:0f:81:6b:e1:1d:09:8e:4a:74:
         36:ae:29:d3:2e:e9:86:51:b8:4e:f2:5a:6e:4f:1b:61:02:aa:
         cf:e1:88:12:a0:e1:49:ba:a9:0b:be:50:5f:74:dc:d3:63:a7:
         ef:d4:87:f7:28:76:ad:72:a5:36:a9:d6:6e:9b:ea:8f:72:11:
         39:a2:b9:76:9c:23:07:10:74:6a:a3:30:67:55:35:7f:87:e0:
         db:90:0a:8d:8f:49:31:c7:b0:87:bc:ee:96:e7:68:22:1a:b6:
         31:1c:d8:1b:2c:9b:89:28:74:cb:c5:f1:4d:69:44:b0:6a:18:
         86:3e:81:20:94:24:2e:74:c3:c3:d1:76:16:3e:88:50:59:49:
         23:d2:ee:2c:92:4c:db:af:20:40:e4:af:66:e3:95:88:1d:3e:
         6a:3f:0d:6f:a7:b2:a2:75:4b:30:b1:76:a8:98:ff:e8:ac:c7:
         24:bf:8e:52:9e:1a:db:7b:30:ec:29:2c:1f:34:0d:c3:0a:86:
         49:90:29:13:ff:a8:71:5e:3f:52:01:a2:9c:88:c3:8a:7c:e4:
         da:ad:bf:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYNlMsBtGAvH/BOoCW7UhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGQyMzU2OTNmNjg2N2M1YjM4MTNkYTFmMzZmZTEwN2Jk
MWQ3ODIwHhcNMjUwNjEwMDUwMDQ0WhcNMjUwNjExMDUwMDQ0WjAzMTEwLwYDVQQD
EyhhMmZhMDRkOTBhMDY3ZDMxZWY1NDdlMmIwMWFhMmM3ZmUxMDBlNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVzL/Yz8EL1PE0o7ueWO4FqxenfH
fiC7iSSQLEuqj4ltB/MlOR1sQxugsaCweVu2ruvN2L9K3DKRTGIcszeEcjdinnnP
i9Np38rUICPYpeuE5xisuuxNlbLsfPhb8gjSUfJJ2Bvqg6HKu39Aq/YFftuQkpV+
ubH5Mw/IaVLt6dkbiZvyL8dvWqV1ZbY9ZdaCRokPQyC9zAcN2gS66D0P5kMIUWBH
U+h3cgcMtO+58rIgkL5MQODhI8/owByqEGNzTDvtlRoDFklAK8ckq6eVuF1P4A8o
3We8+fb9lDfx7WtOUei1kb/Wmoh5q5KSUsKTf6HVqTXK3VvRTbbMv/zBIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKL6BNkKBn0x71R+KwGqLH/hAOdwMB8GA1UdIwQY
MBaAFHaNI1aT9oZ8WzgT2h82/hB70deCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lMTIwZWYtMTQzMC00NWVhLWI3N2Yt
ZTM3NmI5MjQyZWE3LzEvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lMTIwZWYtMTQzMC00NWVhLWI3N2YtZTM3NmI5MjQyZWE3
LzEvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACaoCCC3D
pI8TpaFbG6HpLKtRcHnlWZYfil1mfJbClkNCF5DjJuW1eXQ9qQc2D4Fr4R0Jjkp0
Nq4p0y7phlG4TvJabk8bYQKqz+GIEqDhSbqpC75QX3Tc02On79SH9yh2rXKlNqnW
bpvqj3IROaK5dpwjBxB0aqMwZ1U1f4fg25AKjY9JMcewh7zuludoIhq2MRzYGyyb
iSh0y8XxTWlEsGoYhj6BIJQkLnTDw9F2Fj6IUFlJI9LuLJJM268gQOSvZuOViB0+
aj8Nb6eyonVLMLF2qJj/6KzHJL+OUp4a23sw7CksHzQNwwqGSZApE/+ocV4/UgGi
nIjDinzk2q2/Mw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:50:41 2025 by rpki-client