Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File:                     aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier:          1MDp734XULZpx9GxsfsF1jeM8pK7LSPlb0MZ+ZegfT8=
Subject key identifier:   1C:83:98:D2:BE:6E:91:48:09:72:5E:02:03:5A:64:D6:AD:44:DB:B0
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer:       /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial:       01975F4ACE0611E4D6698BEF070FD5C2D836
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number:          14DB
Signing time:             Wed 11 Jun 2025 14:00:27 +0000
Manifest this update:     Wed 11 Jun 2025 14:00:27 +0000
Manifest next update:     Thu 12 Jun 2025 14:00:27 +0000
Files and hashes:         1: 5gxDURtK1rmOAdh1eWuh-NkY76k.roa (hash: QaQOgPlbLBzFETMJyWwYJQCd8vML1MyClKfr5uYQDoc=)
                          2: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: ip2gVf+E6FBk62ju/kyAiN7porgDZdcJN9YiASSoEA4=)
                          3: svZ0I0CIbPuXgkYBH_VdeOt4OII.roa (hash: qDnNSem+sBmAuaKOVojckKZEahJzHvEbGjkFY5x9Sqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:4a:ce:06:11:e4:d6:69:8b:ef:07:0f:d5:c2:d8:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
        Validity
            Not Before: Jun 11 14:00:27 2025 GMT
            Not After : Jun 12 14:00:27 2025 GMT
        Subject: CN=1c8398d2be6e914809725e02035a64d6ad44dbb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ec:4d:6a:09:62:b3:46:2e:2b:7d:5e:94:84:
                    a7:66:80:33:2d:74:24:6c:70:fc:82:43:3a:e7:38:
                    16:de:cc:68:f7:a1:79:5e:0c:6a:78:2e:59:50:2c:
                    6e:a5:50:7c:9f:d5:dd:e2:0b:64:a9:9d:89:8a:26:
                    0f:9f:5c:43:e8:51:b1:ee:14:d2:bc:17:ad:89:e1:
                    a6:03:bd:32:af:f4:31:45:8d:4a:5c:4c:d0:c2:ad:
                    1e:4e:f9:a6:fd:0a:c8:74:20:7b:3e:7d:20:bf:e4:
                    ef:c0:7d:c5:71:4e:e8:25:7f:5e:81:37:0b:e6:08:
                    1d:d9:b8:93:a5:08:30:27:13:09:54:6f:66:ce:75:
                    cc:e4:61:12:4b:be:37:e3:49:7f:e7:0e:1b:c2:34:
                    73:88:b7:9c:4b:40:99:ad:05:9a:9a:70:69:67:90:
                    8f:0c:38:ff:84:af:e1:23:b6:27:a1:6c:b6:6c:8f:
                    90:bb:77:45:47:11:f1:b9:a0:75:7e:4a:7c:52:cb:
                    01:58:4e:1e:7a:0f:d3:ae:15:9b:3b:b0:e5:2e:d8:
                    6f:6d:24:d6:ba:81:fb:78:67:a9:de:9b:3a:3f:15:
                    89:d6:d6:aa:2a:10:90:cb:e0:30:15:eb:e0:ae:c7:
                    8a:13:e0:1d:0a:37:e9:17:d8:47:7d:1f:ac:6d:29:
                    64:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:83:98:D2:BE:6E:91:48:09:72:5E:02:03:5A:64:D6:AD:44:DB:B0
            X509v3 Authority Key Identifier:
                keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:35:95:fe:7e:41:0f:cb:f1:a5:65:f9:31:8e:e2:d5:0d:84:
         09:9e:b4:a1:73:44:57:b9:71:a9:a2:ba:00:df:db:4f:74:03:
         1a:4c:d3:9e:83:2e:f1:19:40:93:ec:e9:13:93:64:e4:63:33:
         24:4f:84:48:27:b7:79:a4:8c:77:1a:c5:c0:cf:53:74:e5:1d:
         5d:05:7d:8b:0d:df:39:33:6f:49:23:a0:61:85:15:00:3e:2b:
         41:6f:15:b7:34:2f:15:22:58:c6:d2:b3:8b:6f:b7:b3:d5:b9:
         4d:eb:07:75:e7:eb:ac:11:08:38:0b:53:b6:1a:58:c3:96:c4:
         de:e8:d5:01:f7:ac:3e:c8:f8:53:43:03:3d:4b:c8:ad:0b:a3:
         1b:99:6e:07:27:aa:21:94:89:81:1f:00:d6:44:c3:e7:7d:ad:
         d8:07:1c:36:ae:ed:41:11:a2:6c:06:3c:8b:3c:13:5b:32:17:
         9f:85:a3:c1:a4:3d:03:e6:43:a3:95:1e:3f:e8:3b:0c:34:d5:
         10:da:1f:f3:8e:6c:ac:a0:98:4d:c2:ba:dd:bb:78:bc:3e:80:
         51:81:fc:b2:56:32:cb:11:ef:ea:52:5d:0a:a7:e0:50:fb:d8:
         e0:b9:d7:2f:04:bf:cf:86:60:18:a8:2a:d8:72:c5:96:21:0c:
         b2:7f:12:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfSs4GEeTWaYvvBw/Vwtg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjUwNjExMTQwMDI3WhcNMjUwNjEyMTQwMDI3WjAzMTEwLwYDVQQD
EygxYzgzOThkMmJlNmU5MTQ4MDk3MjVlMDIwMzVhNjRkNmFkNDRkYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuxNaglis0YuK31elISnZoAzLXQk
bHD8gkM65zgW3sxo96F5XgxqeC5ZUCxupVB8n9Xd4gtkqZ2JiiYPn1xD6FGx7hTS
vBetieGmA70yr/QxRY1KXEzQwq0eTvmm/QrIdCB7Pn0gv+TvwH3FcU7oJX9egTcL
5ggd2biTpQgwJxMJVG9mznXM5GESS74340l/5w4bwjRziLecS0CZrQWamnBpZ5CP
DDj/hK/hI7YnoWy2bI+Qu3dFRxHxuaB1fkp8UssBWE4eeg/TrhWbO7DlLthvbSTW
uoH7eGep3ps6PxWJ1taqKhCQy+AwFevgrseKE+AdCjfpF9hHfR+sbSlk6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByDmNK+bpFICXJeAgNaZNatRNuwMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAezWV/n5B
D8vxpWX5MY7i1Q2ECZ60oXNEV7lxqaK6AN/bT3QDGkzTnoMu8RlAk+zpE5Nk5GMz
JE+ESCe3eaSMdxrFwM9TdOUdXQV9iw3fOTNvSSOgYYUVAD4rQW8VtzQvFSJYxtKz
i2+3s9W5TesHdefrrBEIOAtTthpYw5bE3ujVAfesPsj4U0MDPUvIrQujG5luByeq
IZSJgR8A1kTD532t2AccNq7tQRGibAY8izwTWzIXn4WjwaQ9A+ZDo5UeP+g7DDTV
ENof845srKCYTcK63bt4vD6AUYH8slYyyxHv6lJdCqfgUPvY4LnXLwS/z4ZgGKgq
2HLFliEMsn8SFg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:22:55 2025 by rpki-client