Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft
File:                     h5kgiOdlXLE0AgypWw5X1Oba9A8.mft (raw, json)
Hash identifier:          pSGCCwvZ9uu4adfmQIL90moc22Qwv5/6CS4IWTRNAoo=
Subject key identifier:   C3:6B:FC:92:B8:AE:75:64:87:38:EB:EF:9E:0B:B3:93:29:81:A9:7B
Authority key identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F
Certificate issuer:       /CN=87992088e7655cb134020ca95b0e57d4e6daf40f
Certificate serial:       019767724A49A10356D39B5344C8BEA5E676
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft
Manifest number:          158D
Signing time:             Fri 13 Jun 2025 04:00:32 +0000
Manifest this update:     Fri 13 Jun 2025 04:00:32 +0000
Manifest next update:     Sat 14 Jun 2025 04:00:32 +0000
Files and hashes:         1: h5kgiOdlXLE0AgypWw5X1Oba9A8.crl (hash: +98CSCF5048ly0setZ26rUTpAf51RWGrwD2hjPqr9Q0=)
                          2: vH-eK3MDkjfjQIWGcNruZ1gYj6o.roa (hash: X8Ll3xNOyDNsY8OoD7P2fm6g2ckrfD35bOMThe6H4RM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 04:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:72:4a:49:a1:03:56:d3:9b:53:44:c8:be:a5:e6:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87992088e7655cb134020ca95b0e57d4e6daf40f
        Validity
            Not Before: Jun 13 04:00:32 2025 GMT
            Not After : Jun 14 04:00:32 2025 GMT
        Subject: CN=c36bfc92b8ae75648738ebef9e0bb3932981a97b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:08:97:1d:df:0e:ac:b9:89:34:e9:36:cd:89:
                    7b:b7:66:3c:22:7e:d4:73:0f:53:31:48:24:6e:1a:
                    bb:53:ca:17:ef:96:bb:7f:80:3e:73:2c:0d:8d:45:
                    34:41:a3:93:c9:26:d4:3e:33:6a:7f:a4:7c:97:00:
                    09:fc:4c:78:7e:eb:4d:da:93:19:eb:49:f3:3f:77:
                    63:2b:d0:c4:aa:7b:df:0f:71:8c:9b:94:91:49:b6:
                    de:a8:43:6f:83:80:16:0c:51:e0:84:3c:96:91:1a:
                    a2:24:26:e9:8e:03:f8:89:90:22:4d:b6:07:3f:ca:
                    6c:03:d0:71:04:0b:7e:a4:93:cc:0f:45:16:82:1e:
                    4f:57:b4:34:ea:dd:9b:8f:32:2d:aa:38:e5:9f:09:
                    d2:e8:7d:cd:ff:62:09:75:43:76:67:7b:f5:18:9c:
                    cd:71:af:81:0a:63:ee:f1:29:77:f0:24:a8:f0:05:
                    2a:5c:ab:0a:12:87:fb:bc:c6:b2:53:a8:cc:e7:63:
                    7e:f6:42:0d:6d:77:11:8e:0d:d1:2b:9f:e0:13:0d:
                    2a:2e:f8:97:d0:22:23:f7:c9:de:5d:3e:1d:89:4c:
                    80:0f:32:3b:f4:35:ee:dd:66:c0:66:b1:15:37:f0:
                    dd:30:23:c6:fa:66:e5:ea:78:ff:68:98:ee:fb:33:
                    42:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:6B:FC:92:B8:AE:75:64:87:38:EB:EF:9E:0B:B3:93:29:81:A9:7B
            X509v3 Authority Key Identifier:
                keyid:87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:22:70:f0:2d:a3:67:fc:5d:c0:56:8c:58:54:1d:13:27:d4:
         16:1c:ec:0b:2f:28:cf:bb:d7:36:87:fc:cb:56:94:51:e0:64:
         b7:3d:89:7e:a3:c0:b7:31:5c:7b:63:b7:e9:c6:4a:1b:6c:81:
         b0:4d:dc:6c:79:d8:02:a5:3e:90:a9:4b:45:b7:a1:61:c7:b6:
         fb:12:44:87:1e:c1:a6:f6:8c:0f:9b:7a:22:ce:6d:f0:a7:e3:
         6b:50:c2:f3:a3:2b:97:12:00:20:cf:6a:47:01:79:14:53:1b:
         c7:3e:5f:56:a1:59:df:47:ed:90:b6:4f:9d:54:83:9e:70:d7:
         4d:09:e2:01:60:cc:98:9e:4f:86:f3:7a:21:f2:fd:df:fc:56:
         72:fb:29:e7:47:2c:dd:14:41:9a:75:08:d0:9c:cd:f6:f7:d8:
         9f:dc:28:42:2d:d2:9c:13:b6:6a:fc:6d:1c:6d:93:9a:1a:f8:
         79:36:87:44:f7:53:ff:0b:63:a1:c0:c3:8d:68:2e:fd:bc:82:
         cd:b3:7c:fb:08:2b:4d:f5:5a:bc:39:b3:43:5d:2a:37:f2:ff:
         a3:3c:ef:e2:ab:73:42:db:35:4a:76:79:d9:75:30:f8:3e:ff:
         4f:72:f9:ea:91:a3:f4:68:e1:47:5a:89:50:b4:2f:a9:7d:e5:
         4e:e5:2e:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnckpJoQNW05tTRMi+peZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTkyMDg4ZTc2NTVjYjEzNDAyMGNhOTViMGU1N2Q0ZTZk
YWY0MGYwHhcNMjUwNjEzMDQwMDMyWhcNMjUwNjE0MDQwMDMyWjAzMTEwLwYDVQQD
EyhjMzZiZmM5MmI4YWU3NTY0ODczOGViZWY5ZTBiYjM5MzI5ODFhOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wiXHd8OrLmJNOk2zYl7t2Y8In7U
cw9TMUgkbhq7U8oX75a7f4A+cywNjUU0QaOTySbUPjNqf6R8lwAJ/Ex4futN2pMZ
60nzP3djK9DEqnvfD3GMm5SRSbbeqENvg4AWDFHghDyWkRqiJCbpjgP4iZAiTbYH
P8psA9BxBAt+pJPMD0UWgh5PV7Q06t2bjzItqjjlnwnS6H3N/2IJdUN2Z3v1GJzN
ca+BCmPu8Sl38CSo8AUqXKsKEof7vMayU6jM52N+9kINbXcRjg3RK5/gEw0qLviX
0CIj98neXT4diUyADzI79DXu3WbAZrEVN/DdMCPG+mbl6nj/aJju+zNCswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNr/JK4rnVkhzjr754Ls5Mpgal7MB8GA1UdIwQY
MBaAFIeZIIjnZVyxNAIMqVsOV9Tm2vQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMt
ODVlYTYzYzI0NDc0LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMtODVlYTYzYzI0NDc0
LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhCJw8C2j
Z/xdwFaMWFQdEyfUFhzsCy8oz7vXNof8y1aUUeBktz2JfqPAtzFce2O36cZKG2yB
sE3cbHnYAqU+kKlLRbehYce2+xJEhx7BpvaMD5t6Is5t8Kfja1DC86MrlxIAIM9q
RwF5FFMbxz5fVqFZ30ftkLZPnVSDnnDXTQniAWDMmJ5PhvN6IfL93/xWcvsp50cs
3RRBmnUI0JzN9vfYn9woQi3SnBO2avxtHG2Tmhr4eTaHRPdT/wtjocDDjWgu/byC
zbN8+wgrTfVavDmzQ10qN/L/ozzv4qtzQts1SnZ52XUw+D7/T3L56pGj9GjhR1qJ
ULQvqX3lTuUuKw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 12:58:03 2025 by rpki-client