Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
File:                     A-pQioW8c6mqogOop7r5wWLm82w.mft (raw, json)
Hash identifier:          rXlx+JUms5XdPKOv+nvsJ1pUuj6MQ551bNEYZ2qwAUA=
Subject key identifier:   0D:CD:ED:7D:90:D1:21:8A:A7:B4:D0:32:43:F0:55:19:DB:EE:D4:97
Authority key identifier: 03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
Certificate issuer:       /CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Certificate serial:       01975B007950AE747628675E66B96C23CDB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
Manifest number:          06F7
Signing time:             Tue 10 Jun 2025 18:00:46 +0000
Manifest this update:     Tue 10 Jun 2025 18:00:46 +0000
Manifest next update:     Wed 11 Jun 2025 18:00:46 +0000
Files and hashes:         1: 2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa (hash: 0/wxjfgZFvKq0jXNMFirhtTQajhUkEHAhxXEqfHBgNk=)
                          2: A-pQioW8c6mqogOop7r5wWLm82w.crl (hash: 9Sxw0b/Gl6dM5HKv2XG8fPjAHZThidz1NgjuFqWNuYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5b:00:79:50:ae:74:76:28:67:5e:66:b9:6c:23:cd:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
        Validity
            Not Before: Jun 10 18:00:46 2025 GMT
            Not After : Jun 11 18:00:46 2025 GMT
        Subject: CN=0dcded7d90d1218aa7b4d03243f05519dbeed497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:88:56:40:7d:5a:aa:9a:61:34:bb:f6:c0:81:
                    7d:c4:56:3d:e7:19:74:27:d2:1f:85:c0:61:ce:89:
                    46:60:ae:0f:47:3a:03:e3:4b:a8:08:c0:af:ae:2c:
                    10:8c:dd:54:29:1b:0e:70:aa:06:81:32:bc:79:45:
                    6c:35:e3:12:8f:5c:a1:4e:54:b0:1b:61:9a:e8:51:
                    8b:4a:0a:78:4f:2c:c4:99:f0:b8:c3:77:c2:2b:fa:
                    9e:e6:56:99:9b:7e:96:0d:9f:62:f5:21:ac:65:a5:
                    36:58:cb:4d:9b:ca:c6:44:67:3d:75:02:dc:5d:35:
                    63:cf:c0:6f:e6:62:92:bd:dd:7e:71:31:4b:a3:1d:
                    13:df:a5:bd:c6:3e:14:15:3d:c3:cd:f2:f7:36:09:
                    ea:21:bc:e0:75:ed:12:e3:a7:84:49:51:3d:bf:c8:
                    90:f8:f7:32:f7:ee:f0:f1:2f:ff:45:67:03:2b:35:
                    0b:5e:1f:29:70:2c:5f:01:9b:db:b1:c9:42:cd:d5:
                    aa:60:83:0c:7b:f9:62:75:2d:8c:a7:53:d9:2a:0d:
                    15:a8:29:f3:97:d7:a6:5b:13:b5:d8:02:ab:0b:81:
                    b9:6a:3d:a3:6c:14:54:75:75:a4:6b:1d:2a:f9:a0:
                    28:8b:03:69:76:13:0c:af:c3:8c:6c:ea:3e:78:55:
                    3d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:CD:ED:7D:90:D1:21:8A:A7:B4:D0:32:43:F0:55:19:DB:EE:D4:97
            X509v3 Authority Key Identifier:
                keyid:03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:ab:da:4c:e3:17:b3:e5:ea:0d:fc:74:94:dd:d6:c1:f7:e1:
         7d:87:dc:a9:15:e8:4d:41:46:19:62:19:35:eb:1d:e2:65:da:
         d6:3a:fa:49:74:62:90:50:05:c4:bf:ed:56:8e:11:8b:66:8d:
         1f:a0:2e:2d:f9:10:3b:2d:bd:b6:69:5b:26:7d:73:bc:87:7f:
         c0:fc:c1:ce:01:d6:28:79:f0:b4:26:9f:38:37:9b:d1:c0:56:
         a1:ac:50:ac:e7:01:5b:4d:29:21:f2:5b:a4:55:77:47:4a:49:
         23:4e:e4:7a:ad:ab:2e:ac:5d:f7:5b:b5:d0:30:2d:1c:c9:91:
         70:60:94:89:71:65:46:b8:f7:53:38:e8:a9:a0:54:a6:40:5a:
         96:17:c1:7d:44:2b:5c:08:e5:73:12:aa:ad:a8:cb:38:85:37:
         cc:fb:d5:61:ec:84:f7:8d:2e:34:57:e9:c4:ea:ba:82:a4:80:
         94:ee:86:e2:21:7d:24:39:f9:26:94:b2:c3:73:54:98:03:64:
         0a:a8:f5:c8:92:76:68:e3:03:93:23:0a:33:4c:b9:73:a9:51:
         7e:13:0c:2b:fe:44:32:ff:5f:eb:d6:8f:43:3b:b5:5f:41:bf:
         f6:40:70:1e:2f:ff:12:e9:c5:41:3b:25:f3:31:92:56:c1:90:
         3b:27:23:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdbAHlQrnR2KGdeZrlsI825MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWE1MDhhODViYzczYTlhYWEyMDNhOGE3YmFmOWMxNjJl
NmYzNmMwHhcNMjUwNjEwMTgwMDQ2WhcNMjUwNjExMTgwMDQ2WjAzMTEwLwYDVQQD
EygwZGNkZWQ3ZDkwZDEyMThhYTdiNGQwMzI0M2YwNTUxOWRiZWVkNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4hWQH1aqpphNLv2wIF9xFY95xl0
J9IfhcBhzolGYK4PRzoD40uoCMCvriwQjN1UKRsOcKoGgTK8eUVsNeMSj1yhTlSw
G2Ga6FGLSgp4TyzEmfC4w3fCK/qe5laZm36WDZ9i9SGsZaU2WMtNm8rGRGc9dQLc
XTVjz8Bv5mKSvd1+cTFLox0T36W9xj4UFT3DzfL3NgnqIbzgde0S46eESVE9v8iQ
+Pcy9+7w8S//RWcDKzULXh8pcCxfAZvbsclCzdWqYIMMe/lidS2Mp1PZKg0VqCnz
l9emWxO12AKrC4G5aj2jbBRUdXWkax0q+aAoiwNpdhMMr8OMbOo+eFU9JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3N7X2Q0SGKp7TQMkPwVRnb7tSXMB8GA1UdIwQY
MBaAFAPqUIqFvHOpqqIDqKe6+cFi5vNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAt
ZDcyNzA5MDVlOTIzLzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAtZDcyNzA5MDVlOTIz
LzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmqvaTOMX
s+XqDfx0lN3WwffhfYfcqRXoTUFGGWIZNesd4mXa1jr6SXRikFAFxL/tVo4Ri2aN
H6AuLfkQOy29tmlbJn1zvId/wPzBzgHWKHnwtCafODeb0cBWoaxQrOcBW00pIfJb
pFV3R0pJI07keq2rLqxd91u10DAtHMmRcGCUiXFlRrj3UzjoqaBUpkBalhfBfUQr
XAjlcxKqrajLOIU3zPvVYeyE940uNFfpxOq6gqSAlO6G4iF9JDn5JpSyw3NUmANk
Cqj1yJJ2aOMDkyMKM0y5c6lRfhMMK/5EMv9f69aPQzu1X0G/9kBwHi//EunFQTsl
8zGSVsGQOycjHw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:41:07 2025 by rpki-client