Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft
File:                     WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft (raw, json)
Hash identifier:          11x6zSZzX0RPACEjEXBioiJFudR4c71ZkmbCoeYnn3Q=
Subject key identifier:   F0:45:F5:9A:65:F7:36:A2:43:FD:42:86:84:B5:E0:B5:0D:7F:C4:79
Authority key identifier: 58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0
Certificate issuer:       /CN=58a763f0c467abaa701d968c3749c6dad03489b0
Certificate serial:       0197597FC1F336BADD6849D9375413A9F8F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft
Manifest number:          0AD3
Signing time:             Tue 10 Jun 2025 11:00:34 +0000
Manifest this update:     Tue 10 Jun 2025 11:00:34 +0000
Manifest next update:     Wed 11 Jun 2025 11:00:34 +0000
Files and hashes:         1: WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl (hash: FXtAGNtTiOaj0Au99XqjPbeVUo7AUfPXeegqGCH/ksk=)
                          2: ZpykCbVPiyWDmZYOTfO_ZDkVQS8.roa (hash: dMJ7baRxj0geuiw7R0CU8VhA5Y/WfKmOFau3mkt++fI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:7f:c1:f3:36:ba:dd:68:49:d9:37:54:13:a9:f8:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58a763f0c467abaa701d968c3749c6dad03489b0
        Validity
            Not Before: Jun 10 11:00:34 2025 GMT
            Not After : Jun 11 11:00:34 2025 GMT
        Subject: CN=f045f59a65f736a243fd428684b5e0b50d7fc479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:1b:e2:1c:52:08:9f:10:b3:01:bd:96:40:20:
                    1d:3b:65:ce:fd:e0:36:3d:d6:6a:f9:90:b3:a8:95:
                    8f:e2:a1:7a:62:d5:d8:35:0f:94:92:94:96:3c:8c:
                    2b:de:6e:be:c1:e3:55:e6:7a:15:36:44:a5:47:5d:
                    07:f0:f5:d7:e3:d6:22:67:ae:d7:32:b2:94:fc:55:
                    ab:45:58:67:d6:c3:19:61:55:70:ad:2e:45:8b:20:
                    cd:a6:41:92:2e:a0:ea:9a:f4:43:47:5c:6e:0d:24:
                    1b:88:e4:d4:69:92:90:1c:35:3b:82:82:fa:db:63:
                    06:d3:9f:53:d4:de:24:2e:33:0f:2d:9a:44:b4:8c:
                    fd:6b:11:d5:8a:18:31:e7:72:bb:6e:b5:88:37:d1:
                    d2:50:6e:c8:73:52:72:ae:6d:06:2e:de:13:ce:34:
                    a9:51:c9:7b:e6:0f:82:c5:de:59:64:e8:a9:59:6f:
                    44:18:a4:08:ba:6b:34:91:5a:ac:00:63:40:10:20:
                    d9:54:16:a7:43:79:ed:27:c7:96:81:dc:b9:8a:31:
                    73:9e:88:f6:5d:bc:cb:f3:74:1e:49:b9:d7:dd:2d:
                    b5:e7:0a:64:8b:d0:e5:68:9b:2e:29:3c:dd:d1:9f:
                    e1:b3:f3:b3:4b:ac:71:ee:47:35:18:5f:0a:55:88:
                    c9:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:45:F5:9A:65:F7:36:A2:43:FD:42:86:84:B5:E0:B5:0D:7F:C4:79
            X509v3 Authority Key Identifier:
                keyid:58:A7:63:F0:C4:67:AB:AA:70:1D:96:8C:37:49:C6:DA:D0:34:89:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKdj8MRnq6pwHZaMN0nG2tA0ibA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5d6491-08ff-494d-8433-098f7c5fd975/1/WKdj8MRnq6pwHZaMN0nG2tA0ibA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:8f:6c:66:d7:7a:1a:04:04:37:a7:af:c5:3c:b7:46:15:ba:
         ad:0e:7e:2b:9f:45:0b:33:24:aa:7a:3e:d0:b7:12:46:73:ac:
         8f:dd:6c:61:f9:7e:97:81:59:0f:0a:7c:b7:d4:b5:7a:00:67:
         2f:69:56:52:82:09:84:b6:ff:65:56:b8:ea:dd:f8:c7:63:f4:
         66:39:cc:13:70:65:26:c6:cf:db:2d:eb:d1:fd:da:4a:5c:7f:
         e5:8a:ac:b7:b0:aa:fa:de:16:9d:3b:62:9f:e5:48:39:e2:01:
         d1:83:fa:fa:72:b4:77:99:94:c3:70:25:8d:19:ff:09:54:bb:
         21:95:9a:51:83:1e:a9:9c:72:13:1e:c4:9b:01:d7:cc:93:4f:
         a2:b5:39:31:f7:a3:de:4e:6b:2c:82:6d:ac:f1:2c:06:c3:a3:
         70:0e:08:6f:f0:51:df:d3:f1:e2:b2:ae:2a:2b:62:c7:25:5a:
         fb:bf:b0:66:69:65:9e:b4:70:31:9a:3e:45:70:75:e3:04:5e:
         a9:18:2a:8c:be:b0:50:72:2c:d5:0d:0a:39:da:d2:0d:46:33:
         ac:4d:11:fa:59:38:d9:af:10:14:20:91:29:3b:61:f0:eb:7f:
         c0:b2:8d:a6:9e:de:c9:6c:12:04:6a:5b:26:b6:bf:db:e3:1f:
         6b:e6:25:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZf8HzNrrdaEnZN1QTqfj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTc2M2YwYzQ2N2FiYWE3MDFkOTY4YzM3NDljNmRhZDAz
NDg5YjAwHhcNMjUwNjEwMTEwMDM0WhcNMjUwNjExMTEwMDM0WjAzMTEwLwYDVQQD
EyhmMDQ1ZjU5YTY1ZjczNmEyNDNmZDQyODY4NGI1ZTBiNTBkN2ZjNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBviHFIInxCzAb2WQCAdO2XO/eA2
PdZq+ZCzqJWP4qF6YtXYNQ+UkpSWPIwr3m6+weNV5noVNkSlR10H8PXX49YiZ67X
MrKU/FWrRVhn1sMZYVVwrS5FiyDNpkGSLqDqmvRDR1xuDSQbiOTUaZKQHDU7goL6
22MG059T1N4kLjMPLZpEtIz9axHVihgx53K7brWIN9HSUG7Ic1Jyrm0GLt4TzjSp
Ucl75g+Cxd5ZZOipWW9EGKQIums0kVqsAGNAECDZVBanQ3ntJ8eWgdy5ijFznoj2
XbzL83QeSbnX3S215wpki9DlaJsuKTzd0Z/hs/OzS6xx7kc1GF8KVYjJwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBF9Zpl9zaiQ/1ChoS14LUNf8R5MB8GA1UdIwQY
MBaAFFinY/DEZ6uqcB2WjDdJxtrQNImwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMt
MDk4ZjdjNWZkOTc1LzEvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81ZDY0OTEtMDhmZi00OTRkLTg0MzMtMDk4ZjdjNWZkOTc1
LzEvV0tkajhNUm5xNnB3SFphTU4wbkcydEEwaWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHI9sZtd6
GgQEN6evxTy3RhW6rQ5+K59FCzMkqno+0LcSRnOsj91sYfl+l4FZDwp8t9S1egBn
L2lWUoIJhLb/ZVa46t34x2P0ZjnME3BlJsbP2y3r0f3aSlx/5Yqst7Cq+t4WnTti
n+VIOeIB0YP6+nK0d5mUw3AljRn/CVS7IZWaUYMeqZxyEx7EmwHXzJNPorU5Mfej
3k5rLIJtrPEsBsOjcA4Ib/BR39Px4rKuKitixyVa+7+wZmllnrRwMZo+RXB14wRe
qRgqjL6wUHIs1Q0KOdrSDUYzrE0R+lk42a8QFCCRKTth8Ot/wLKNpp7eyWwSBGpb
Jra/2+Mfa+YlVg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 14:38:59 2025 by rpki-client