Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
File:                     KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json)
Hash identifier:          NINgb04yW97cURIFlxAvlIuAl+2DCex4TFncRvkcSM8=
Subject key identifier:   D8:77:EE:72:15:8C:0A:7C:81:21:C9:6B:F8:84:D3:C9:C8:97:A3:4F
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Certificate issuer:       /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial:       01975DCA88C85A3567F220F787CE1274B24F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
Manifest number:          0815
Signing time:             Wed 11 Jun 2025 07:00:43 +0000
Manifest this update:     Wed 11 Jun 2025 07:00:43 +0000
Manifest next update:     Thu 12 Jun 2025 07:00:43 +0000
Files and hashes:         1: IrS-qV3W0Ik-KE138sR-ycmjsj0.roa (hash: ZrhZqy7V3sNpl24EYUX1sc+YyDytYvN7JDm/U17ihTc=)
                          2: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: dmKdPsVfIaepuCpMOt8Wo7yQHTcv+mxRPj/ag07MrTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:ca:88:c8:5a:35:67:f2:20:f7:87:ce:12:74:b2:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
        Validity
            Not Before: Jun 11 07:00:43 2025 GMT
            Not After : Jun 12 07:00:43 2025 GMT
        Subject: CN=d877ee72158c0a7c8121c96bf884d3c9c897a34f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:6b:8b:36:39:ba:cf:f8:01:ea:46:ee:6e:5f:
                    a9:d3:55:2d:b4:c0:7a:7e:96:24:97:ee:2d:0c:1f:
                    e8:7b:50:06:aa:05:ce:62:6b:e6:84:8e:ca:9a:d0:
                    74:d3:c6:16:3d:b5:fd:b9:35:11:79:f7:8a:c5:aa:
                    a0:d9:16:fd:fe:4a:1a:5c:b6:93:c6:19:41:ee:88:
                    34:a6:22:f2:68:48:5e:6a:c4:f6:78:6a:dd:6e:90:
                    b1:10:ac:c7:d3:d5:1b:2a:64:31:35:b7:3e:3a:5e:
                    98:5b:57:b3:b9:38:18:42:58:92:ac:b9:f0:fa:29:
                    13:05:c6:1c:d2:9d:a7:db:b5:5b:6e:9a:05:94:23:
                    ec:b5:f4:b7:48:51:3c:9c:14:4e:5c:a8:f7:f7:03:
                    13:22:bc:25:0a:e7:f2:f6:5a:e0:b0:33:d7:06:2c:
                    0a:77:4f:fc:27:15:56:18:32:ed:15:0b:a9:f1:5e:
                    70:16:85:6a:45:6a:48:7f:43:24:22:14:49:57:04:
                    3e:95:69:16:0b:fb:80:af:e3:92:2a:93:79:aa:99:
                    21:cc:f5:63:56:c2:c2:50:bf:d8:9d:35:c8:ec:a0:
                    be:98:15:8e:4b:d2:82:94:ca:d2:d5:1d:5f:4f:d1:
                    06:d0:00:05:18:d3:b7:98:54:c4:0a:58:45:a1:79:
                    98:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:77:EE:72:15:8C:0A:7C:81:21:C9:6B:F8:84:D3:C9:C8:97:A3:4F
            X509v3 Authority Key Identifier:
                keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:c0:e0:21:1f:32:14:68:5f:bf:fd:06:86:c4:b8:37:b2:47:
         c4:d7:c7:54:ad:65:9e:08:5a:f4:de:36:6a:37:d7:9a:cd:c0:
         65:79:81:c9:82:b2:67:01:37:20:8a:b0:49:46:de:90:73:0b:
         20:3f:ad:1e:77:1d:46:da:2e:42:df:5c:b7:a4:0d:d2:a8:09:
         3b:18:64:e2:bb:9f:39:e1:91:47:70:ad:0a:d8:6f:f5:ee:84:
         6e:5d:c7:a0:ab:3c:02:6f:c2:cd:dc:9d:f7:5c:c3:31:cd:66:
         79:95:d6:ad:58:63:e8:43:98:82:4a:1a:f6:d8:5f:c3:ee:ae:
         df:fa:90:61:ff:25:10:c5:69:f9:89:fe:df:81:3c:56:f6:d6:
         e0:12:7e:80:c4:67:94:54:01:94:d5:01:fc:38:ee:c3:18:b8:
         26:e4:41:50:d5:fd:0c:76:55:a5:12:41:56:19:0e:7e:c6:b7:
         0b:f0:f8:df:ea:49:d8:3e:10:dd:36:cf:f1:73:ec:dd:39:ae:
         5e:b4:0d:9e:e4:c7:c4:d5:66:1e:18:32:48:fe:b1:63:ba:94:
         85:82:fb:ca:70:75:2f:d1:20:2b:3c:e4:42:df:ca:99:cf:fd:
         b5:a9:11:e9:a6:50:48:f4:08:09:f1:fc:77:45:ce:9e:a6:aa:
         d8:89:22:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddyojIWjVn8iD3h84SdLJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjUwNjExMDcwMDQzWhcNMjUwNjEyMDcwMDQzWjAzMTEwLwYDVQQD
EyhkODc3ZWU3MjE1OGMwYTdjODEyMWM5NmJmODg0ZDNjOWM4OTdhMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2uLNjm6z/gB6kbubl+p01UttMB6
fpYkl+4tDB/oe1AGqgXOYmvmhI7KmtB008YWPbX9uTURefeKxaqg2Rb9/koaXLaT
xhlB7og0piLyaEheasT2eGrdbpCxEKzH09UbKmQxNbc+Ol6YW1ezuTgYQliSrLnw
+ikTBcYc0p2n27VbbpoFlCPstfS3SFE8nBROXKj39wMTIrwlCufy9lrgsDPXBiwK
d0/8JxVWGDLtFQup8V5wFoVqRWpIf0MkIhRJVwQ+lWkWC/uAr+OSKpN5qpkhzPVj
VsLCUL/YnTXI7KC+mBWOS9KClMrS1R1fT9EG0AAFGNO3mFTEClhFoXmYLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNh37nIVjAp8gSHJa/iE08nIl6NPMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8DgIR8y
FGhfv/0GhsS4N7JHxNfHVK1lngha9N42ajfXms3AZXmByYKyZwE3IIqwSUbekHML
ID+tHncdRtouQt9ct6QN0qgJOxhk4rufOeGRR3CtCthv9e6Ebl3HoKs8Am/Czdyd
91zDMc1meZXWrVhj6EOYgkoa9thfw+6u3/qQYf8lEMVp+Yn+34E8VvbW4BJ+gMRn
lFQBlNUB/Djuwxi4JuRBUNX9DHZVpRJBVhkOfsa3C/D43+pJ2D4Q3TbP8XPs3Tmu
XrQNnuTHxNVmHhgySP6xY7qUhYL7ynB1L9EgKzzkQt/Kmc/9takR6aZQSPQICfH8
d0XOnqaq2IkiTA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:38:07 2025 by rpki-client