Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft
File:                     h5kgiOdlXLE0AgypWw5X1Oba9A8.mft (raw, json)
Hash identifier:          kQ+5lQQsoEOgJBl1MkzhhhenzLM8IPfEx5GOI3cVGyc=
Subject key identifier:   39:6D:4D:12:C9:92:45:9C:C1:72:15:93:3F:29:3C:9F:FE:FA:CA:7F
Authority key identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F
Certificate issuer:       /CN=87992088e7655cb134020ca95b0e57d4e6daf40f
Certificate serial:       019761A70A30ECF729B6836FAE481100F57E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft
Manifest number:          158A
Signing time:             Thu 12 Jun 2025 01:00:26 +0000
Manifest this update:     Thu 12 Jun 2025 01:00:26 +0000
Manifest next update:     Fri 13 Jun 2025 01:00:26 +0000
Files and hashes:         1: h5kgiOdlXLE0AgypWw5X1Oba9A8.crl (hash: xdHBX1GwcrzNbhU7qgs7HiUxlPSBTojD2tXOG1uupOg=)
                          2: vH-eK3MDkjfjQIWGcNruZ1gYj6o.roa (hash: X8Ll3xNOyDNsY8OoD7P2fm6g2ckrfD35bOMThe6H4RM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 01:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:a7:0a:30:ec:f7:29:b6:83:6f:ae:48:11:00:f5:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87992088e7655cb134020ca95b0e57d4e6daf40f
        Validity
            Not Before: Jun 12 01:00:26 2025 GMT
            Not After : Jun 13 01:00:26 2025 GMT
        Subject: CN=396d4d12c992459cc17215933f293c9ffefaca7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:01:aa:67:ae:22:42:07:60:2d:58:03:86:73:
                    a6:ac:c8:d4:7f:37:78:d1:46:4d:ff:88:32:af:07:
                    b8:e2:ab:c6:4f:62:37:3e:8f:17:80:a1:d7:75:bb:
                    7a:c9:4f:d1:5c:13:80:b4:f8:00:59:9e:4c:d0:b3:
                    aa:d6:c5:a2:a9:d8:8a:49:3f:0d:3c:43:44:07:0c:
                    5f:82:9c:b6:ee:f2:dc:da:92:66:91:29:02:60:b6:
                    00:23:c0:8f:e9:0a:7d:ae:96:34:e7:76:0b:d8:f3:
                    a5:6e:b9:ed:73:7b:ed:33:25:92:64:18:d2:ce:86:
                    1b:f0:0f:fb:2e:40:6b:d7:70:1e:9b:a5:19:b7:57:
                    c7:f2:63:30:62:70:05:1d:21:c3:44:d8:6d:a8:5c:
                    24:40:47:4a:fa:1e:52:de:dc:16:ca:14:2f:0a:c2:
                    18:c7:e8:5c:8b:da:c1:89:75:2d:35:b5:fe:89:23:
                    40:18:f0:9a:9c:08:a8:6e:d8:1a:cc:47:d6:f9:71:
                    97:d4:b9:d1:ba:8a:ae:45:a2:23:1f:cd:07:00:1a:
                    a1:b0:95:c0:25:ca:e1:23:3f:88:27:f7:94:62:18:
                    72:3f:0b:07:36:0e:d8:be:70:78:68:ce:4d:62:c4:
                    c4:52:89:2b:5a:e3:c9:ed:0d:c9:15:91:f5:a3:9f:
                    03:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:6D:4D:12:C9:92:45:9C:C1:72:15:93:3F:29:3C:9F:FE:FA:CA:7F
            X509v3 Authority Key Identifier:
                keyid:87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:e0:be:8c:25:40:37:43:bb:95:a1:07:0a:bb:4f:a1:a4:46:
         27:55:11:47:de:e8:9c:3d:4b:2d:87:35:6f:cd:97:fd:2a:c7:
         eb:85:f0:3f:b1:8c:8f:7e:41:9b:71:64:07:8c:e1:8f:04:9c:
         21:45:b2:54:f0:f6:49:e2:d0:33:ce:c8:79:52:ee:e2:80:2b:
         fd:a0:99:5e:38:96:78:b6:36:28:19:c3:47:11:32:05:8b:49:
         e0:c2:6f:ff:12:a7:9b:6d:d2:48:bc:c6:5a:e7:b6:a1:ad:8a:
         60:d7:55:83:4d:37:2c:a2:6a:cf:35:07:70:f8:75:0e:a3:24:
         ac:c7:81:3b:92:22:aa:20:5e:6c:78:6c:36:c7:db:27:92:d5:
         36:bb:17:94:1c:44:b0:a5:36:b6:e8:e6:37:74:8c:94:57:ff:
         e8:c4:45:bf:c7:30:f2:d5:27:34:2a:c8:c3:f0:59:ba:9f:13:
         94:52:22:03:2c:55:08:1f:4e:78:98:b8:5a:a4:8d:74:c1:70:
         59:e0:9c:c2:eb:3f:e1:96:b9:59:f3:95:f5:53:f3:84:bc:38:
         44:2e:54:f8:e3:f7:57:d6:4e:f0:c2:48:a1:ec:9a:b0:0f:ab:
         fd:64:e6:35:a9:70:5e:ff:65:d2:7a:2f:2d:81:96:49:89:f3:
         b4:06:14:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhpwow7PcptoNvrkgRAPV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTkyMDg4ZTc2NTVjYjEzNDAyMGNhOTViMGU1N2Q0ZTZk
YWY0MGYwHhcNMjUwNjEyMDEwMDI2WhcNMjUwNjEzMDEwMDI2WjAzMTEwLwYDVQQD
EygzOTZkNGQxMmM5OTI0NTljYzE3MjE1OTMzZjI5M2M5ZmZlZmFjYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQGqZ64iQgdgLVgDhnOmrMjUfzd4
0UZN/4gyrwe44qvGT2I3Po8XgKHXdbt6yU/RXBOAtPgAWZ5M0LOq1sWiqdiKST8N
PENEBwxfgpy27vLc2pJmkSkCYLYAI8CP6Qp9rpY053YL2POlbrntc3vtMyWSZBjS
zoYb8A/7LkBr13Aem6UZt1fH8mMwYnAFHSHDRNhtqFwkQEdK+h5S3twWyhQvCsIY
x+hci9rBiXUtNbX+iSNAGPCanAiobtgazEfW+XGX1LnRuoquRaIjH80HABqhsJXA
JcrhIz+IJ/eUYhhyPwsHNg7YvnB4aM5NYsTEUokrWuPJ7Q3JFZH1o58D0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDltTRLJkkWcwXIVkz8pPJ/++sp/MB8GA1UdIwQY
MBaAFIeZIIjnZVyxNAIMqVsOV9Tm2vQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMt
ODVlYTYzYzI0NDc0LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMDgzMTgtMjk3NS00MTdhLWI4NjMtODVlYTYzYzI0NDc0
LzEvaDVrZ2lPZGxYTEUwQWd5cFd3NVgxT2JhOUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlOC+jCVA
N0O7laEHCrtPoaRGJ1URR97onD1LLYc1b82X/SrH64XwP7GMj35Bm3FkB4zhjwSc
IUWyVPD2SeLQM87IeVLu4oAr/aCZXjiWeLY2KBnDRxEyBYtJ4MJv/xKnm23SSLzG
Wue2oa2KYNdVg003LKJqzzUHcPh1DqMkrMeBO5IiqiBebHhsNsfbJ5LVNrsXlBxE
sKU2tujmN3SMlFf/6MRFv8cw8tUnNCrIw/BZup8TlFIiAyxVCB9OeJi4WqSNdMFw
WeCcwus/4Za5WfOV9VPzhLw4RC5U+OP3V9ZO8MJIoeyasA+r/WTmNalwXv9l0nov
LYGWSYnztAYUhw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 11:36:13 2025 by rpki-client