Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
File:                     iJiSZOUPOa6IiuMnYQm7qALkWAE.mft (raw, json)
Hash identifier:          ejVXg0vu02lBZ2otd4QCjDNqQoK/lm2g/G5DBb9gGU0=
Subject key identifier:   5C:81:F6:44:40:C5:A2:B4:F0:CC:F2:EE:7D:56:9C:4B:80:8D:4F:F4
Authority key identifier: 88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01
Certificate issuer:       /CN=88989264e50f39ae888ae3276109bba802e45801
Certificate serial:       019762F0A3FDDF066554299D903384570004
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
Manifest number:          0221
Signing time:             Thu 12 Jun 2025 07:00:27 +0000
Manifest this update:     Thu 12 Jun 2025 07:00:27 +0000
Manifest next update:     Fri 13 Jun 2025 07:00:27 +0000
Files and hashes:         1: e7H9B5-pB3ikZ5-oh15fm0ggCqI.roa (hash: We6P0vvIkU060wWseVebnunaD4trxKPA+u+6dudIhmU=)
                          2: iJiSZOUPOa6IiuMnYQm7qALkWAE.crl (hash: adSq3VEb6r//AMdn3NNpjmBedNjIqPqznKRxluBkNxg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:f0:a3:fd:df:06:65:54:29:9d:90:33:84:57:00:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88989264e50f39ae888ae3276109bba802e45801
        Validity
            Not Before: Jun 12 07:00:27 2025 GMT
            Not After : Jun 13 07:00:27 2025 GMT
        Subject: CN=5c81f64440c5a2b4f0ccf2ee7d569c4b808d4ff4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ae:4c:58:a5:76:a6:5c:97:04:d0:25:a6:61:
                    73:13:f2:b6:2c:56:f7:c5:55:a5:80:15:cb:ea:20:
                    45:8a:00:e0:37:e2:65:e0:c2:61:53:af:d5:8c:a3:
                    75:df:63:8f:f0:3a:83:0d:09:8c:81:24:e1:6f:fa:
                    58:ea:bd:4a:3e:77:ec:de:55:04:6a:13:95:ee:88:
                    5a:5e:59:ff:7f:21:5c:db:52:cf:76:9f:a6:87:29:
                    cd:eb:c3:06:8a:e9:5d:4d:54:63:93:96:2e:3b:a9:
                    80:fb:a7:24:5f:30:93:22:5d:cf:93:53:6a:88:a4:
                    6c:58:db:59:94:75:3f:cd:db:fe:a8:f7:43:72:54:
                    19:81:58:c6:f3:a2:37:31:44:bd:c6:78:88:22:b0:
                    52:e1:41:c8:13:dd:c0:62:b9:10:ab:87:9d:9b:e9:
                    a5:09:9e:7a:81:2b:ab:8e:ca:7c:78:82:60:5f:e8:
                    c8:cb:6c:39:43:ed:2d:6f:49:02:f8:ba:15:58:fb:
                    9d:db:a8:4e:08:39:a6:10:73:a3:88:41:33:3c:e0:
                    20:5f:1b:95:cf:da:b7:7c:bd:df:01:17:89:c2:d7:
                    49:f3:6a:51:5d:b6:d0:d2:64:33:65:f9:aa:e0:03:
                    70:a0:ba:a7:57:68:fb:a5:90:c9:5c:a0:ea:d4:d5:
                    92:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:81:F6:44:40:C5:A2:B4:F0:CC:F2:EE:7D:56:9C:4B:80:8D:4F:F4
            X509v3 Authority Key Identifier:
                keyid:88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:71:b9:56:f9:5c:3b:ac:32:58:53:01:16:20:72:75:c4:43:
         99:86:cc:eb:29:23:b7:80:df:ce:7d:55:4d:63:44:e6:27:96:
         e2:52:3f:ee:37:43:fb:33:90:f4:e2:43:a7:d8:d6:cb:3b:5d:
         63:fa:97:84:23:12:06:9c:a8:71:59:cb:7b:c6:db:33:4e:8d:
         f7:e4:57:f2:13:59:b4:96:dd:1e:71:cb:4c:60:32:9a:de:76:
         da:2a:a3:5f:7c:8c:bc:cb:a3:2b:1f:c4:0b:35:10:94:7f:56:
         95:f7:32:fa:35:07:12:55:d2:ac:6e:0b:ff:b7:ee:05:ed:06:
         ab:b3:29:00:1b:18:30:d1:be:f4:93:1f:35:3a:09:70:c0:a0:
         74:10:1c:82:16:30:35:ff:3f:22:85:05:0b:18:71:5a:2f:b4:
         be:8e:03:9e:58:8e:6b:86:fa:d4:f3:7b:99:95:f1:42:82:0f:
         73:0b:f8:d5:68:bc:ce:49:e1:99:c8:fd:72:cc:45:dc:61:38:
         d4:56:fc:3c:90:23:fc:9b:25:96:f3:e6:36:3b:65:46:6f:2d:
         45:e1:db:03:13:fc:3b:e0:da:57:9f:88:71:ff:c1:1f:03:27:
         d0:03:cc:ae:11:45:76:91:6f:12:69:22:5f:b2:eb:a6:46:b1:
         00:64:26:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdi8KP93wZlVCmdkDOEVwAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4OTg5MjY0ZTUwZjM5YWU4ODhhZTMyNzYxMDliYmE4MDJl
NDU4MDEwHhcNMjUwNjEyMDcwMDI3WhcNMjUwNjEzMDcwMDI3WjAzMTEwLwYDVQQD
Eyg1YzgxZjY0NDQwYzVhMmI0ZjBjY2YyZWU3ZDU2OWM0YjgwOGQ0ZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra5MWKV2plyXBNAlpmFzE/K2LFb3
xVWlgBXL6iBFigDgN+Jl4MJhU6/VjKN132OP8DqDDQmMgSThb/pY6r1KPnfs3lUE
ahOV7ohaXln/fyFc21LPdp+mhynN68MGiuldTVRjk5YuO6mA+6ckXzCTIl3Pk1Nq
iKRsWNtZlHU/zdv+qPdDclQZgVjG86I3MUS9xniIIrBS4UHIE93AYrkQq4edm+ml
CZ56gSurjsp8eIJgX+jIy2w5Q+0tb0kC+LoVWPud26hOCDmmEHOjiEEzPOAgXxuV
z9q3fL3fAReJwtdJ82pRXbbQ0mQzZfmq4ANwoLqnV2j7pZDJXKDq1NWSwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyB9kRAxaK08Mzy7n1WnEuAjU/0MB8GA1UdIwQY
MBaAFIiYkmTlDzmuiIrjJ2EJu6gC5FgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMt
MzcwYzgwNzY5ODMxLzEvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMtMzcwYzgwNzY5ODMx
LzEvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR3G5Vvlc
O6wyWFMBFiBydcRDmYbM6ykjt4Dfzn1VTWNE5ieW4lI/7jdD+zOQ9OJDp9jWyztd
Y/qXhCMSBpyocVnLe8bbM06N9+RX8hNZtJbdHnHLTGAymt522iqjX3yMvMujKx/E
CzUQlH9Wlfcy+jUHElXSrG4L/7fuBe0Gq7MpABsYMNG+9JMfNToJcMCgdBAcghYw
Nf8/IoUFCxhxWi+0vo4DnliOa4b61PN7mZXxQoIPcwv41Wi8zknhmcj9csxF3GE4
1Fb8PJAj/JsllvPmNjtlRm8tReHbAxP8O+DaV5+Icf/BHwMn0APMrhFFdpFvEmki
X7LrpkaxAGQm/w==
-----END CERTIFICATE-----
Generated at Thu Jun 12 09:40:14 2025 by rpki-client