Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
File:                     sK0iZDwtl71x-LY0-40dT58B9Kc.mft (raw, json)
Hash identifier:          jGSurA14eBm4/61JcTXlOY001x1DPGPSq1Sv2PeM6Eg=
Subject key identifier:   22:39:70:90:B1:EB:1C:D8:F6:F0:FB:00:33:90:E4:91:DE:30:64:9E
Authority key identifier: B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
Certificate issuer:       /CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Certificate serial:       01976CCF9F004411C4AB6FBB8EC2AA2AD027
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
Manifest number:          0FED
Signing time:             Sat 14 Jun 2025 05:00:35 +0000
Manifest this update:     Sat 14 Jun 2025 05:00:35 +0000
Manifest next update:     Sun 15 Jun 2025 05:00:35 +0000
Files and hashes:         1: 89qbXuP3JJGKzWaNZO3dqnt1pdw.roa (hash: obr33L2CB/OVnTXprqPZCOQ9LeK6vQA821ilRu8qFT0=)
                          2: sK0iZDwtl71x-LY0-40dT58B9Kc.crl (hash: JLd7IwiHYDJv4vFX/Z1GqTvVjYBPZn2FARJ+Ljau2EU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:cf:9f:00:44:11:c4:ab:6f:bb:8e:c2:aa:2a:d0:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
        Validity
            Not Before: Jun 14 05:00:35 2025 GMT
            Not After : Jun 15 05:00:35 2025 GMT
        Subject: CN=22397090b1eb1cd8f6f0fb003390e491de30649e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ed:df:74:36:3e:11:e8:c1:75:b6:7b:3f:68:
                    67:58:e5:2d:87:b0:cd:2e:32:43:12:dd:87:e4:29:
                    b5:c6:ae:80:81:ec:fd:8c:0f:c9:c9:bd:c8:bc:cf:
                    30:dc:7d:5f:5c:fc:07:a8:5e:64:d7:54:41:f7:0d:
                    42:0c:d5:0a:2f:cd:0f:3b:85:d6:01:d3:bc:84:a3:
                    e8:ce:11:f9:cc:c7:49:f6:8c:98:84:b7:5e:30:12:
                    3e:6f:9d:6e:88:c4:a4:de:4c:ea:5b:89:76:fc:59:
                    5a:f4:9b:b7:5a:7c:e3:38:8e:ff:ef:f2:0d:0d:f1:
                    0c:6e:60:04:9f:15:4b:50:f1:f6:1e:60:08:7a:fb:
                    e9:af:62:fe:30:6e:53:81:5d:3e:a5:75:e4:67:f1:
                    d0:24:3d:92:72:01:9e:48:5a:cb:2e:7c:e4:b5:27:
                    1a:cd:6b:94:c1:0f:a9:5f:72:8c:be:b8:bc:db:e1:
                    5c:88:6a:81:6d:73:10:26:0e:53:59:7c:f4:5a:b5:
                    43:02:69:e6:bc:fa:0b:0c:9b:38:c7:33:1e:8f:bc:
                    61:d4:9e:8d:10:39:bb:83:bd:ca:eb:fc:99:ff:f3:
                    24:4f:69:63:5a:5f:00:ee:5f:de:fa:4b:b6:fc:1c:
                    c3:30:f6:dd:74:86:66:50:a1:39:cc:a8:39:44:ad:
                    ae:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:39:70:90:B1:EB:1C:D8:F6:F0:FB:00:33:90:E4:91:DE:30:64:9E
            X509v3 Authority Key Identifier:
                keyid:B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:9c:2d:13:3e:48:04:22:86:59:36:ac:aa:9d:5f:f8:d6:58:
         d4:ef:cb:62:6e:12:69:71:e0:2d:41:62:1b:b7:b8:56:fe:47:
         0b:31:74:63:b8:ae:2e:9d:46:eb:cd:17:b5:3e:e1:1e:f2:50:
         be:3a:8e:f8:00:6a:be:17:9d:e5:ae:98:e2:4e:a0:5a:b2:c4:
         7f:b4:7d:e4:4f:9e:26:a6:64:fd:83:58:33:28:c8:c2:ff:82:
         8e:ac:01:af:04:2c:16:3f:c7:19:25:ca:79:2f:87:26:51:19:
         29:31:e7:a4:85:e1:e5:74:a3:2b:ab:01:71:d3:5d:3c:f6:6a:
         fb:e2:94:cd:bb:0b:ea:ed:48:9b:55:35:df:48:32:88:5d:f0:
         07:22:9d:55:13:da:cd:a1:34:43:90:95:9b:ef:fe:f7:f5:b9:
         39:b2:1a:ed:16:0a:ad:fc:36:8d:71:79:c5:11:5c:f4:76:73:
         1d:f3:41:3e:97:17:5b:a3:b0:4c:f0:60:0e:94:7d:ae:eb:93:
         bb:51:ec:b2:3a:22:dd:05:38:60:41:df:69:b4:ff:a1:f2:2e:
         f9:ab:7d:dd:ef:1d:01:b2:62:91:93:75:82:d2:8f:4e:45:f2:
         01:17:c6:87:f8:9e:72:96:dc:9e:b0:79:53:82:b6:d5:63:da:
         d2:35:6b:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsz58ARBHEq2+7jsKqKtAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWQyMjY0M2MyZDk3YmQ3MWY4YjYzNGZiOGQxZDRmOWYw
MWY0YTcwHhcNMjUwNjE0MDUwMDM1WhcNMjUwNjE1MDUwMDM1WjAzMTEwLwYDVQQD
EygyMjM5NzA5MGIxZWIxY2Q4ZjZmMGZiMDAzMzkwZTQ5MWRlMzA2NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO3fdDY+EejBdbZ7P2hnWOUth7DN
LjJDEt2H5Cm1xq6Agez9jA/Jyb3IvM8w3H1fXPwHqF5k11RB9w1CDNUKL80PO4XW
AdO8hKPozhH5zMdJ9oyYhLdeMBI+b51uiMSk3kzqW4l2/Fla9Ju3WnzjOI7/7/IN
DfEMbmAEnxVLUPH2HmAIevvpr2L+MG5TgV0+pXXkZ/HQJD2ScgGeSFrLLnzktSca
zWuUwQ+pX3KMvri82+FciGqBbXMQJg5TWXz0WrVDAmnmvPoLDJs4xzMej7xh1J6N
EDm7g73K6/yZ//MkT2ljWl8A7l/e+ku2/BzDMPbddIZmUKE5zKg5RK2u/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCI5cJCx6xzY9vD7ADOQ5JHeMGSeMB8GA1UdIwQY
MBaAFLCtImQ8LZe9cfi2NPuNHU+fAfSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUt
MDc0ZmZiNDIzYzEzLzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUtMDc0ZmZiNDIzYzEz
LzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd5wtEz5I
BCKGWTasqp1f+NZY1O/LYm4SaXHgLUFiG7e4Vv5HCzF0Y7iuLp1G680XtT7hHvJQ
vjqO+ABqvhed5a6Y4k6gWrLEf7R95E+eJqZk/YNYMyjIwv+CjqwBrwQsFj/HGSXK
eS+HJlEZKTHnpIXh5XSjK6sBcdNdPPZq++KUzbsL6u1Im1U130gyiF3wByKdVRPa
zaE0Q5CVm+/+9/W5ObIa7RYKrfw2jXF5xRFc9HZzHfNBPpcXW6OwTPBgDpR9ruuT
u1Hssjoi3QU4YEHfabT/ofIu+at93e8dAbJikZN1gtKPTkXyARfGh/iecpbcnrB5
U4K21WPa0jVr+g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:37:41 2025 by rpki-client