Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
File:                     3Hgh4by_bgdOpIFKqlxj47qBPF8.mft (raw, json)
Hash identifier:          7SuWtYqJ/9ueYXMocsAnEZ6sMi8dE+Htnwhc+vnayKo=
Subject key identifier:   BD:40:22:5F:DE:CD:6F:24:EE:AB:53:C1:63:DA:7C:11:62:46:24:40
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Certificate issuer:       /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial:       019756B5B0FAB1B3B83618F3566559A8BAB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
Manifest number:          1591
Signing time:             Mon 09 Jun 2025 22:00:37 +0000
Manifest this update:     Mon 09 Jun 2025 22:00:37 +0000
Manifest next update:     Tue 10 Jun 2025 22:00:37 +0000
Files and hashes:         1: 3Hgh4by_bgdOpIFKqlxj47qBPF8.crl (hash: DmB/CUPJWJd27l/0K7zZeU+4dEud4m4DxYn50TFmff8=)
                          2: 4MXMdJWAndzkkiHFnmOxrlOkHIs.roa (hash: OiJ7+6r4bWAFN5vOHYBjk8U2TGkBpOBvwNxXY+Qb+To=)
                          3: FnxhJQ5jd2jBoCiaTZ0_b7pYcn4.roa (hash: YbjDITXwnNkMY1d8iM5sg8TPIw1q/oeZDc75wOKQiOE=)
                          4: KYs_VMmQL9k2rQHns_O4m4f35bc.roa (hash: 1ns98Zta2gRWyrvr5wyrj8EwmfBa9CnA+/wYUmR2SA0=)
                          5: ThB5ArM42WkjWUEQcQYsflTBSWo.roa (hash: bddz7FyKEk1/5lgcU0RqcQHG7LiGlbilafV868t6FT4=)
                          6: e8yyBy_WYk0MmiOF_-c6ZOE78e0.roa (hash: XCwVuTCuJ/Y/WAoLWIkeepq2X2E/4/mFMfojm79U0cM=)
                          7: uRWNqrl7lEtL4BdXY6zm3up7W9g.roa (hash: 5dZDwl/VQCf/bzBpVyR3+W+VZSdwG299LMVlDR4jvrU=)
                          8: w6y6tA7YYKjCRBu0w7S_pejO5kU.roa (hash: m4339RdE053FyeU5wm1JX9FNzAT+cE85Onp7E9j3YoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 22:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:b5:b0:fa:b1:b3:b8:36:18:f3:56:65:59:a8:ba:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
        Validity
            Not Before: Jun  9 22:00:37 2025 GMT
            Not After : Jun 10 22:00:37 2025 GMT
        Subject: CN=bd40225fdecd6f24eeab53c163da7c1162462440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3b:90:95:bd:3f:e4:f4:8d:ab:24:af:91:d9:
                    e8:2c:81:f1:32:d9:43:0c:de:81:bf:96:3f:36:28:
                    9f:96:5a:a5:21:8e:98:fb:b5:d4:bb:51:07:10:58:
                    d3:17:8a:4a:50:de:1f:9e:b1:d8:54:97:8c:e7:a2:
                    42:04:2c:7a:b3:23:15:4d:47:5e:c8:0d:0b:0f:85:
                    c3:af:17:17:50:9a:55:e8:d2:c7:45:5e:36:40:4c:
                    d0:4d:0d:e3:e2:84:97:a8:6d:51:6a:a9:36:41:9a:
                    b4:d4:63:ee:b2:31:e1:a6:6f:e2:c4:83:4f:2d:0e:
                    ab:ca:6c:31:81:8d:2c:98:23:2a:cd:ad:a1:c2:10:
                    f2:2e:bc:ee:6a:2f:86:68:28:3b:99:4d:9a:c8:a0:
                    d1:aa:12:81:98:37:94:13:f1:06:bd:4a:ad:fc:3f:
                    f7:64:a8:16:68:a7:86:41:37:cb:0d:77:ef:4f:f7:
                    0f:da:f1:02:0a:14:98:e4:ab:53:5e:35:55:5a:93:
                    04:14:43:a9:c6:10:1f:56:ce:39:71:f9:fd:71:0c:
                    a1:0b:56:cb:4c:8d:09:a3:7e:35:cb:05:cb:07:e4:
                    e8:23:a5:75:50:74:28:ae:4e:65:29:a4:6e:22:68:
                    61:65:78:1e:cd:7b:04:9e:20:a9:94:4c:4a:3d:b5:
                    aa:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:40:22:5F:DE:CD:6F:24:EE:AB:53:C1:63:DA:7C:11:62:46:24:40
            X509v3 Authority Key Identifier:
                keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:a5:ec:ef:57:c4:4d:d8:ce:5d:1d:99:ac:e0:ca:bc:c9:10:
         27:b6:d1:13:ff:13:da:81:3d:14:49:d0:aa:c2:e4:c9:80:ba:
         df:e9:c2:be:0c:41:3b:25:49:13:bf:01:4e:06:b1:cd:f0:76:
         5d:1c:ff:1f:a3:4e:cb:51:7c:58:81:9e:18:38:dd:a7:9c:b8:
         cd:a1:1a:61:fd:a0:fc:87:aa:62:6a:cc:39:4c:5c:54:6c:37:
         19:56:2c:46:fb:b4:ae:6d:1c:d6:cb:41:7f:3b:e7:58:a8:c8:
         18:e8:e2:19:5e:dd:20:cc:24:74:59:67:4b:cd:4d:86:dd:22:
         1f:ae:23:08:d2:40:a2:92:26:12:59:03:de:ec:94:08:89:e5:
         e1:ad:81:d5:28:80:75:2a:0d:50:d2:ef:ee:01:d5:88:34:41:
         84:95:bb:54:96:68:da:9f:8e:2a:3e:4b:8e:74:cf:0a:a3:34:
         a5:2e:19:d3:dc:a6:cc:97:5d:e9:41:b1:7b:5b:c8:88:ef:b1:
         9e:60:d4:a0:ee:c9:92:5d:e6:f1:4a:95:55:8f:95:44:82:95:
         dd:ec:c4:0c:58:b9:eb:cf:8a:24:4b:57:75:08:29:0e:f2:ec:
         1c:bc:f1:52:7f:dc:13:6c:92:a8:79:90:e4:b0:f8:72:36:86:
         97:84:e7:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWtbD6sbO4NhjzVmVZqLq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjUwNjA5MjIwMDM3WhcNMjUwNjEwMjIwMDM3WjAzMTEwLwYDVQQD
EyhiZDQwMjI1ZmRlY2Q2ZjI0ZWVhYjUzYzE2M2RhN2MxMTYyNDYyNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTuQlb0/5PSNqySvkdnoLIHxMtlD
DN6Bv5Y/NiifllqlIY6Y+7XUu1EHEFjTF4pKUN4fnrHYVJeM56JCBCx6syMVTUde
yA0LD4XDrxcXUJpV6NLHRV42QEzQTQ3j4oSXqG1Raqk2QZq01GPusjHhpm/ixINP
LQ6rymwxgY0smCMqza2hwhDyLrzuai+GaCg7mU2ayKDRqhKBmDeUE/EGvUqt/D/3
ZKgWaKeGQTfLDXfvT/cP2vECChSY5KtTXjVVWpMEFEOpxhAfVs45cfn9cQyhC1bL
TI0Jo341ywXLB+ToI6V1UHQork5lKaRuImhhZXgezXsEniCplExKPbWqywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL1AIl/ezW8k7qtTwWPafBFiRiRAMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqXs71fE
TdjOXR2ZrODKvMkQJ7bRE/8T2oE9FEnQqsLkyYC63+nCvgxBOyVJE78BTgaxzfB2
XRz/H6NOy1F8WIGeGDjdp5y4zaEaYf2g/IeqYmrMOUxcVGw3GVYsRvu0rm0c1stB
fzvnWKjIGOjiGV7dIMwkdFlnS81Nht0iH64jCNJAopImElkD3uyUCInl4a2B1SiA
dSoNUNLv7gHViDRBhJW7VJZo2p+OKj5LjnTPCqM0pS4Z09ymzJdd6UGxe1vIiO+x
nmDUoO7Jkl3m8UqVVY+VRIKV3ezEDFi568+KJEtXdQgpDvLsHLzxUn/cE2ySqHmQ
5LD4cjaGl4TnPQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:42:06 2025 by rpki-client