Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
File:                     sK0iZDwtl71x-LY0-40dT58B9Kc.mft (raw, json)
Hash identifier:          TW45MSGI8DhTIc5PYkJUlzrU+mxUm3z1881FpF7tLzw=
Subject key identifier:   C0:A1:5D:99:CC:11:B2:0F:DA:AB:2A:AC:C1:9C:17:79:A1:33:A5:27
Authority key identifier: B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
Certificate issuer:       /CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Certificate serial:       019753B48D6B9DF17F732A7EF58129C85D60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
Manifest number:          0FE0
Signing time:             Mon 09 Jun 2025 08:00:30 +0000
Manifest this update:     Mon 09 Jun 2025 08:00:30 +0000
Manifest next update:     Tue 10 Jun 2025 08:00:30 +0000
Files and hashes:         1: 89qbXuP3JJGKzWaNZO3dqnt1pdw.roa (hash: obr33L2CB/OVnTXprqPZCOQ9LeK6vQA821ilRu8qFT0=)
                          2: sK0iZDwtl71x-LY0-40dT58B9Kc.crl (hash: AIBPg/i6yGO31TbN9YgfsMUFUmb+m/FnkbL5AKp7xIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:b4:8d:6b:9d:f1:7f:73:2a:7e:f5:81:29:c8:5d:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
        Validity
            Not Before: Jun  9 08:00:30 2025 GMT
            Not After : Jun 10 08:00:30 2025 GMT
        Subject: CN=c0a15d99cc11b20fdaab2aacc19c1779a133a527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ce:27:4b:6d:ef:84:ac:88:37:bf:d4:d5:59:
                    46:b4:8d:b5:14:d9:b9:81:c9:e1:ba:c6:94:7b:f0:
                    f7:55:aa:1f:36:70:7d:f9:9d:fc:8c:63:dd:42:3f:
                    7e:1b:00:bf:e5:b0:cc:96:1f:84:fb:09:57:17:45:
                    ab:6f:f5:d1:52:ac:85:49:d2:40:a2:e2:23:b9:07:
                    e5:07:4a:9f:46:52:2e:60:0e:ec:74:13:1b:aa:86:
                    f6:0a:d3:6f:2b:e7:1d:8b:90:b0:7a:e7:d1:a3:83:
                    2a:87:a9:5d:1e:c9:2d:e9:69:24:9b:0a:05:1d:6b:
                    74:3f:c3:4b:ed:71:56:f5:d6:e4:81:cf:b6:f8:db:
                    2a:0d:e4:71:4a:d9:22:a1:f7:e9:16:97:34:40:c5:
                    29:cb:39:c2:51:53:4d:50:d3:7b:b4:0f:f6:67:b9:
                    b5:f9:95:78:e1:03:8b:93:9b:b9:54:89:15:af:ee:
                    f4:67:fe:ba:c3:ad:bc:49:2e:43:9e:64:7e:b0:6b:
                    4c:e3:a6:f0:e8:33:d0:d7:00:04:d2:89:be:b6:af:
                    38:0b:ed:d2:b3:5f:0e:43:b6:8f:bf:70:2d:d3:03:
                    08:5c:4b:51:c7:3d:fb:24:3e:61:75:1a:8b:ed:34:
                    6f:5b:41:7a:34:88:0a:d2:ac:79:9c:cf:bf:24:eb:
                    b9:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:A1:5D:99:CC:11:B2:0F:DA:AB:2A:AC:C1:9C:17:79:A1:33:A5:27
            X509v3 Authority Key Identifier:
                keyid:B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:82:d2:3d:36:a0:40:72:15:6e:50:9e:f3:51:1f:63:b5:be:
         6c:be:99:26:93:e4:fe:68:77:62:16:de:be:e2:5b:e0:8a:d8:
         e9:67:c9:e5:9d:7b:3d:f5:6c:7c:29:55:26:45:65:a7:1e:01:
         53:e1:1d:05:77:5e:c2:ad:69:9f:96:fd:fe:33:f7:59:ce:34:
         a4:cf:75:1b:8f:40:29:35:4a:0b:7c:ce:29:b6:f7:1c:93:ff:
         95:96:bb:2d:01:dc:b3:cd:39:cc:08:5f:cf:b5:19:65:e4:e2:
         61:92:af:2d:fb:85:e0:22:12:ba:a8:4f:70:78:ee:13:bb:e3:
         60:25:76:f0:29:42:f7:a3:3a:51:ee:a8:18:ab:83:0c:eb:4e:
         db:54:56:7e:e7:3b:c3:6e:4c:50:2d:80:9a:e2:7a:e2:5a:93:
         24:4e:b2:0a:46:79:42:6d:25:6e:f4:79:7a:4b:e8:25:44:8a:
         fa:9d:87:24:40:7f:28:2e:ec:1f:92:e8:7d:76:99:45:2e:7f:
         6b:d6:00:c3:00:05:b9:b3:94:0a:2a:8c:f3:48:ae:4a:39:38:
         2a:90:16:64:8a:3f:a5:8d:df:d5:0e:67:bb:73:69:d0:eb:1e:
         db:ca:a4:0a:a3:ca:dc:27:85:c6:4f:81:78:30:9f:4f:8f:24:
         91:0b:8b:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTtI1rnfF/cyp+9YEpyF1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWQyMjY0M2MyZDk3YmQ3MWY4YjYzNGZiOGQxZDRmOWYw
MWY0YTcwHhcNMjUwNjA5MDgwMDMwWhcNMjUwNjEwMDgwMDMwWjAzMTEwLwYDVQQD
EyhjMGExNWQ5OWNjMTFiMjBmZGFhYjJhYWNjMTljMTc3OWExMzNhNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM4nS23vhKyIN7/U1VlGtI21FNm5
gcnhusaUe/D3VaofNnB9+Z38jGPdQj9+GwC/5bDMlh+E+wlXF0Wrb/XRUqyFSdJA
ouIjuQflB0qfRlIuYA7sdBMbqob2CtNvK+cdi5CweufRo4Mqh6ldHskt6WkkmwoF
HWt0P8NL7XFW9dbkgc+2+NsqDeRxStkioffpFpc0QMUpyznCUVNNUNN7tA/2Z7m1
+ZV44QOLk5u5VIkVr+70Z/66w628SS5DnmR+sGtM46bw6DPQ1wAE0om+tq84C+3S
s18OQ7aPv3At0wMIXEtRxz37JD5hdRqL7TRvW0F6NIgK0qx5nM+/JOu5WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMChXZnMEbIP2qsqrMGcF3mhM6UnMB8GA1UdIwQY
MBaAFLCtImQ8LZe9cfi2NPuNHU+fAfSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUt
MDc0ZmZiNDIzYzEzLzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUtMDc0ZmZiNDIzYzEz
LzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaYLSPTag
QHIVblCe81EfY7W+bL6ZJpPk/mh3YhbevuJb4IrY6WfJ5Z17PfVsfClVJkVlpx4B
U+EdBXdewq1pn5b9/jP3Wc40pM91G49AKTVKC3zOKbb3HJP/lZa7LQHcs805zAhf
z7UZZeTiYZKvLfuF4CISuqhPcHjuE7vjYCV28ClC96M6Ue6oGKuDDOtO21RWfuc7
w25MUC2AmuJ64lqTJE6yCkZ5Qm0lbvR5ekvoJUSK+p2HJEB/KC7sH5LofXaZRS5/
a9YAwwAFubOUCiqM80iuSjk4KpAWZIo/pY3f1Q5nu3Np0Ose28qkCqPK3CeFxk+B
eDCfT48kkQuL9Q==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:43:00 2025 by rpki-client