Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft
File:                     2CsoRvCTvJQWBBvmiix4MWHrBN8.mft (raw, json)
Hash identifier:          B7UX3DcjC6KnnmauxrIXwXlO2TpIw31D147KhDap1+U=
Subject key identifier:   AE:C3:63:29:4D:C8:4D:1C:CF:E2:37:F5:CC:44:30:20:4B:65:8F:C4
Authority key identifier: D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF
Certificate issuer:       /CN=d82b2846f093bc9416041be68a2c783161eb04df
Certificate serial:       01975B6E2E9623DE55B3F62A674E36CDA9CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft
Manifest number:          072D
Signing time:             Tue 10 Jun 2025 20:00:36 +0000
Manifest this update:     Tue 10 Jun 2025 20:00:36 +0000
Manifest next update:     Wed 11 Jun 2025 20:00:36 +0000
Files and hashes:         1: 1tdaIrt9xypJtReKdxeXXdM964s.roa (hash: 2jF3CjF80ww6ITNBk+zVZgXhV0QGg1umOnc7I4ePaOY=)
                          2: 2CsoRvCTvJQWBBvmiix4MWHrBN8.crl (hash: pSYuxQmNpcvW0qKEgdW2Csp97+m/0SCuiwoBO7z4JpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:6e:2e:96:23:de:55:b3:f6:2a:67:4e:36:cd:a9:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d82b2846f093bc9416041be68a2c783161eb04df
        Validity
            Not Before: Jun 10 20:00:36 2025 GMT
            Not After : Jun 11 20:00:36 2025 GMT
        Subject: CN=aec363294dc84d1ccfe237f5cc4430204b658fc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:09:63:df:d4:08:12:90:50:21:b6:67:7a:85:
                    7d:50:d3:7b:ac:71:1e:76:ca:3d:69:a3:ca:7b:fb:
                    c3:79:14:81:1c:b9:94:95:d5:34:5e:a6:1c:db:f9:
                    85:ed:79:48:01:bd:d1:68:7d:29:a0:51:39:14:f4:
                    ea:fa:13:78:93:fc:c5:35:ae:85:3b:6b:c5:ce:b3:
                    1a:50:f9:37:a8:f5:60:eb:b1:63:51:13:cd:55:ed:
                    5d:8e:80:84:93:2c:45:a8:69:74:c5:e2:56:5a:4b:
                    e4:d2:c8:1d:90:e2:ce:e0:4d:fb:b2:bb:fd:ed:0b:
                    1c:35:ec:11:7b:2e:45:06:87:2e:7e:69:e8:17:e3:
                    3b:a5:0a:69:c5:71:30:14:1e:1c:03:dd:fd:64:72:
                    7b:6f:63:fe:10:00:37:6e:fd:64:3a:16:e7:5c:2c:
                    fd:79:79:ee:54:1d:8a:bd:4c:9a:be:c8:14:30:5f:
                    c8:35:c7:5d:04:bd:1a:63:49:14:5f:8f:44:4e:e4:
                    ac:bb:3b:a8:ec:d1:51:6f:b1:c8:a4:f3:7f:fc:0b:
                    b5:0c:82:2b:e5:05:c2:82:08:7a:fa:3b:37:48:19:
                    27:34:fc:65:12:a5:15:dc:c5:16:42:3f:28:b2:c0:
                    d6:25:35:7a:e8:ab:6f:b1:07:4d:1a:b5:6a:01:24:
                    91:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:C3:63:29:4D:C8:4D:1C:CF:E2:37:F5:CC:44:30:20:4B:65:8F:C4
            X509v3 Authority Key Identifier:
                keyid:D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:af:25:0b:cc:df:04:cd:71:c7:89:9a:4e:cb:cb:21:c6:54:
         af:d8:e3:5b:56:df:91:1d:59:fc:ef:94:89:4b:83:5c:e9:cc:
         45:11:d0:42:4c:24:a0:4e:4a:8a:d0:1d:1d:f2:99:ba:3e:63:
         fb:f7:b8:07:88:ac:10:08:64:84:1c:18:23:9f:d0:e3:69:a2:
         bc:69:e2:c9:17:3c:e5:d4:f4:be:04:83:d4:2e:c9:78:b0:08:
         2e:1b:70:8d:a2:ad:99:8c:bf:d5:92:22:4d:6b:24:76:79:40:
         55:3e:05:92:e7:b4:c0:1a:93:a6:ec:95:cb:71:02:df:e2:39:
         a6:57:db:8c:2b:f2:b4:9a:e7:56:29:cc:e4:49:09:85:2b:b7:
         60:54:5b:57:70:fe:3e:0e:c4:0a:27:98:f5:7c:4a:ff:2b:b6:
         55:09:04:19:27:82:1f:88:25:80:45:6b:70:41:3b:60:89:71:
         9d:1b:16:5e:ba:d0:da:f0:97:a8:ee:ae:c2:3b:35:11:2e:73:
         c5:9a:65:00:63:f6:aa:ed:bc:1f:63:c6:bc:86:1f:0f:6e:6f:
         ff:2c:9a:b1:40:f7:0b:6b:91:2e:53:97:bc:d0:ad:59:a1:67:
         84:13:90:de:2e:ab:77:ce:95:b3:4e:c4:88:69:3f:e6:15:54:
         e3:18:c6:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbbi6WI95Vs/YqZ042zanOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmIyODQ2ZjA5M2JjOTQxNjA0MWJlNjhhMmM3ODMxNjFl
YjA0ZGYwHhcNMjUwNjEwMjAwMDM2WhcNMjUwNjExMjAwMDM2WjAzMTEwLwYDVQQD
EyhhZWMzNjMyOTRkYzg0ZDFjY2ZlMjM3ZjVjYzQ0MzAyMDRiNjU4ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAlj39QIEpBQIbZneoV9UNN7rHEe
dso9aaPKe/vDeRSBHLmUldU0XqYc2/mF7XlIAb3RaH0poFE5FPTq+hN4k/zFNa6F
O2vFzrMaUPk3qPVg67FjURPNVe1djoCEkyxFqGl0xeJWWkvk0sgdkOLO4E37srv9
7QscNewRey5FBocufmnoF+M7pQppxXEwFB4cA939ZHJ7b2P+EAA3bv1kOhbnXCz9
eXnuVB2KvUyavsgUMF/INcddBL0aY0kUX49ETuSsuzuo7NFRb7HIpPN//Au1DIIr
5QXCggh6+js3SBknNPxlEqUV3MUWQj8ossDWJTV66KtvsQdNGrVqASSRGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7DYylNyE0cz+I39cxEMCBLZY/EMB8GA1UdIwQY
MBaAFNgrKEbwk7yUFgQb5ooseDFh6wTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgt
NTQ3M2VlMWRhYTliLzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgtNTQ3M2VlMWRhYTli
LzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM68lC8zf
BM1xx4maTsvLIcZUr9jjW1bfkR1Z/O+UiUuDXOnMRRHQQkwkoE5KitAdHfKZuj5j
+/e4B4isEAhkhBwYI5/Q42mivGniyRc85dT0vgSD1C7JeLAILhtwjaKtmYy/1ZIi
TWskdnlAVT4Fkue0wBqTpuyVy3EC3+I5plfbjCvytJrnVinM5EkJhSu3YFRbV3D+
Pg7ECieY9XxK/yu2VQkEGSeCH4glgEVrcEE7YIlxnRsWXrrQ2vCXqO6uwjs1ES5z
xZplAGP2qu28H2PGvIYfD25v/yyasUD3C2uRLlOXvNCtWaFnhBOQ3i6rd86Vs07E
iGk/5hVU4xjGIg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:16:03 2025 by rpki-client