Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
File:                     IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft (raw, json)
Hash identifier:          rXutdwxYgL/GVmWodUBonk7BnB1S6w/BqE/kWXP1urg=
Subject key identifier:   D0:F0:E4:BE:32:9B:BB:99:D2:0E:94:CC:59:F0:91:1F:06:63:F9:22
Authority key identifier: 22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
Certificate issuer:       /CN=229a038176c796ea4f2769f6be3cace1a3597634
Certificate serial:       019764A82F97B58D27268799034E2929B213
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
Manifest number:          158B
Signing time:             Thu 12 Jun 2025 15:00:33 +0000
Manifest this update:     Thu 12 Jun 2025 15:00:33 +0000
Manifest next update:     Fri 13 Jun 2025 15:00:33 +0000
Files and hashes:         1: Hix749q65sYikumyIiO2w3pF6Ac.roa (hash: N0R4AArriY/KzHOEs+CuI34MlSMnkBHaO9k0W7jdIBQ=)
                          2: IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl (hash: GzofHjDntbBOMEj0G5aiZo0TG/nHmxQABk/DAZ80Fo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:a8:2f:97:b5:8d:27:26:87:99:03:4e:29:29:b2:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229a038176c796ea4f2769f6be3cace1a3597634
        Validity
            Not Before: Jun 12 15:00:33 2025 GMT
            Not After : Jun 13 15:00:33 2025 GMT
        Subject: CN=d0f0e4be329bbb99d20e94cc59f0911f0663f922
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5b:0a:f9:25:4e:7e:9b:e9:be:f7:1f:fb:f4:
                    e0:01:70:b9:46:69:f5:43:31:ba:ff:e4:4a:6a:29:
                    2f:27:25:a4:7e:f4:c8:3a:ee:72:0d:14:df:87:4e:
                    8a:ce:70:c8:14:b2:c5:f6:3c:b7:47:70:49:05:a6:
                    7f:81:ae:c1:c0:ae:0d:7c:3f:fc:6e:88:e2:9d:d4:
                    c6:37:35:32:37:7e:9c:8f:63:4a:54:91:81:5e:d0:
                    f7:d4:6f:5b:cb:f0:f5:32:9b:fd:16:4f:7e:4c:61:
                    f2:7f:75:66:6d:3d:b2:d7:ec:8a:5d:46:e1:14:46:
                    80:ab:b4:e7:05:1a:80:50:ea:88:39:66:b0:2b:42:
                    44:40:2d:3b:df:b1:52:4e:91:94:fd:17:97:d3:ae:
                    78:68:5a:dd:b2:7d:35:20:8e:6f:08:b1:7b:77:25:
                    51:32:62:81:a5:60:02:04:da:72:5a:a6:26:f4:d2:
                    69:17:80:e6:18:70:11:7d:7d:ab:48:33:85:b2:86:
                    10:27:e6:66:82:68:ea:b3:3c:c8:9f:66:35:12:cc:
                    7d:25:c7:fe:d7:b6:f7:d0:ce:b0:9e:97:79:fb:cd:
                    13:da:ed:b9:a8:6e:44:ae:f2:f2:3e:d8:b6:41:c2:
                    22:32:df:e2:80:c3:2b:e3:17:e8:e6:e7:d7:e6:c0:
                    93:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F0:E4:BE:32:9B:BB:99:D2:0E:94:CC:59:F0:91:1F:06:63:F9:22
            X509v3 Authority Key Identifier:
                keyid:22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:3b:31:df:03:b5:d1:ef:2e:cf:a8:77:f4:29:91:e0:ee:56:
         77:b0:74:0f:8d:01:45:25:9d:4f:58:88:64:dd:5b:20:72:d2:
         95:2c:97:d7:0e:e3:0f:09:41:d0:cf:e4:db:7d:ca:0f:86:61:
         70:83:63:c9:c9:3d:21:6a:a7:60:db:cf:46:ff:49:cb:34:8c:
         e0:4e:08:83:8f:06:da:1d:d9:b7:ed:20:6d:9d:7e:32:d3:be:
         ef:2e:c3:0d:63:a3:37:55:59:a0:27:cb:fa:c1:79:b9:e4:b5:
         ad:3d:e2:9a:84:30:4a:29:8a:64:8a:af:41:3a:a5:11:78:d0:
         2d:b6:37:15:fe:ba:3d:d0:9b:54:51:c9:27:63:45:a5:80:93:
         4d:c1:77:2b:dd:a9:f4:eb:93:3d:7c:81:a1:19:96:72:63:43:
         75:f5:e5:64:0c:9f:c8:fa:c8:f5:61:cc:bc:fa:ec:92:49:0d:
         1f:ad:57:0f:a6:59:82:8e:39:d4:43:d7:cf:c9:20:09:49:f1:
         f8:92:67:b9:90:d6:f9:f7:a2:c0:6e:f6:99:cb:87:7c:1a:99:
         3b:0e:2d:26:d7:11:36:38:62:c7:48:3c:d9:be:66:51:2c:c2:
         1c:e9:cd:fe:a9:b6:75:d6:15:8c:00:7c:75:a8:79:e7:1b:20:
         62:64:9f:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkqC+XtY0nJoeZA04pKbITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWEwMzgxNzZjNzk2ZWE0ZjI3NjlmNmJlM2NhY2UxYTM1
OTc2MzQwHhcNMjUwNjEyMTUwMDMzWhcNMjUwNjEzMTUwMDMzWjAzMTEwLwYDVQQD
EyhkMGYwZTRiZTMyOWJiYjk5ZDIwZTk0Y2M1OWYwOTExZjA2NjNmOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1sK+SVOfpvpvvcf+/TgAXC5Rmn1
QzG6/+RKaikvJyWkfvTIOu5yDRTfh06KznDIFLLF9jy3R3BJBaZ/ga7BwK4NfD/8
bojindTGNzUyN36cj2NKVJGBXtD31G9by/D1Mpv9Fk9+TGHyf3VmbT2y1+yKXUbh
FEaAq7TnBRqAUOqIOWawK0JEQC0737FSTpGU/ReX0654aFrdsn01II5vCLF7dyVR
MmKBpWACBNpyWqYm9NJpF4DmGHARfX2rSDOFsoYQJ+ZmgmjqszzIn2Y1Esx9Jcf+
17b30M6wnpd5+80T2u25qG5ErvLyPti2QcIiMt/igMMr4xfo5ufX5sCT0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDw5L4ym7uZ0g6UzFnwkR8GY/kiMB8GA1UdIwQY
MBaAFCKaA4F2x5bqTydp9r48rOGjWXY0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQt
ZGMyMzAxZmJiYjdjLzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQtZGMyMzAxZmJiYjdj
LzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgTsx3wO1
0e8uz6h39CmR4O5Wd7B0D40BRSWdT1iIZN1bIHLSlSyX1w7jDwlB0M/k233KD4Zh
cINjyck9IWqnYNvPRv9JyzSM4E4Ig48G2h3Zt+0gbZ1+MtO+7y7DDWOjN1VZoCfL
+sF5ueS1rT3imoQwSimKZIqvQTqlEXjQLbY3Ff66PdCbVFHJJ2NFpYCTTcF3K92p
9OuTPXyBoRmWcmNDdfXlZAyfyPrI9WHMvPrskkkNH61XD6ZZgo451EPXz8kgCUnx
+JJnuZDW+feiwG72mcuHfBqZOw4tJtcRNjhix0g82b5mUSzCHOnN/qm2ddYVjAB8
dah55xsgYmSfCg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:28:18 2025 by rpki-client