Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
File:                     1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json)
Hash identifier:          7kRYqBe0M8O9WIaZJxpyuZ8pmlONeyQDhzR8txO7mcQ=
Subject key identifier:   25:3A:EE:A4:2B:A7:95:66:04:13:72:17:FE:7E:D2:4F:1B:E3:73:A0
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Certificate issuer:       /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial:       0197542274C3940931281CB5B3210F261299
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
Manifest number:          0A81
Signing time:             Mon 09 Jun 2025 10:00:33 +0000
Manifest this update:     Mon 09 Jun 2025 10:00:33 +0000
Manifest next update:     Tue 10 Jun 2025 10:00:33 +0000
Files and hashes:         1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: 5N2ImW32zCfde8sjedi3JPnXPenyCfZR9yOYefkRoCU=)
                          2: 5hvMdLYnfsXTSuV237JH9FWLZN0.roa (hash: +NNavIzbs+bo3gjOvC6npGrxT+kBJ6ESc9cDAGFiB9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:22:74:c3:94:09:31:28:1c:b5:b3:21:0f:26:12:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
        Validity
            Not Before: Jun  9 10:00:33 2025 GMT
            Not After : Jun 10 10:00:33 2025 GMT
        Subject: CN=253aeea42ba7956604137217fe7ed24f1be373a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b4:e5:52:c2:97:d2:e7:c3:c4:2a:b9:32:b6:
                    a3:dd:04:a7:09:68:ce:8a:0d:ca:5c:65:93:c0:49:
                    75:f5:ca:48:bc:a4:3d:bb:48:1a:ab:35:9c:a2:8f:
                    6b:ed:88:ae:0e:1a:e3:4c:44:69:c4:1a:3e:0a:86:
                    34:3b:b4:80:e9:93:a9:de:a6:21:2e:6c:d7:16:8a:
                    4b:d6:01:90:1c:66:df:11:8d:cc:13:12:a8:6c:cd:
                    05:9f:b6:47:ef:f8:56:55:a1:ac:d0:39:14:22:2c:
                    31:db:3c:40:7f:9f:e1:5c:86:2b:f9:8f:b6:ac:14:
                    73:6e:e7:13:49:d3:8f:35:49:a0:bd:b6:ce:89:36:
                    e6:94:64:fa:be:d3:fa:a8:18:fe:e0:35:44:3c:61:
                    5b:b6:1e:78:61:aa:7d:c1:7b:87:74:8d:b1:51:fd:
                    6f:de:86:42:57:26:df:2e:d2:03:6f:0f:3e:41:1a:
                    6e:49:94:4b:64:33:97:ef:45:51:a5:e6:f4:4d:89:
                    86:bf:92:b2:0d:a5:e3:08:2c:07:0d:2b:2a:cb:ad:
                    d6:79:fe:c2:fe:bc:5b:ec:36:55:23:5c:dc:ee:a0:
                    99:c8:ef:7a:27:15:cd:e5:23:ae:c2:92:91:12:98:
                    fe:57:fb:dc:47:ca:08:5e:43:43:38:68:66:fa:29:
                    58:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:3A:EE:A4:2B:A7:95:66:04:13:72:17:FE:7E:D2:4F:1B:E3:73:A0
            X509v3 Authority Key Identifier:
                keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:64:69:2f:6a:09:56:e3:58:8f:f9:9b:fa:89:3d:cc:6d:21:
         29:2b:da:9e:7c:0c:66:e3:15:f4:be:49:58:09:a3:82:79:c7:
         f9:9b:e8:79:76:76:ab:c9:a1:50:15:7c:df:0b:8c:89:05:fa:
         0f:51:9f:a1:44:2e:f8:f8:7d:83:8b:62:1b:59:a7:6a:3b:e5:
         15:3f:19:e9:d1:9e:bd:80:86:35:c2:98:d4:2c:a3:67:d0:22:
         1d:d0:e5:2a:1f:cd:a3:dd:a2:21:8b:28:ff:3c:19:8f:b0:a0:
         a5:b9:f6:1a:8c:35:78:2a:4d:10:f8:e1:af:9f:34:00:63:db:
         91:06:85:eb:3b:47:65:03:02:f1:ad:d3:8d:67:9f:89:0c:4d:
         6f:2f:09:12:fd:15:4e:e8:41:76:3e:03:42:c6:64:6e:ad:e5:
         1d:14:16:f8:e0:6a:15:50:ec:4e:2c:e7:91:af:5f:c9:6a:ec:
         a4:ff:51:0d:18:23:70:2d:6a:11:71:32:ee:28:d6:0d:ce:e6:
         e0:ac:25:1d:bc:79:6e:6a:5f:18:85:dd:86:56:88:1e:ec:c2:
         0c:99:28:4e:8d:21:87:52:db:a5:66:4b:b8:df:6e:81:69:2d:
         2b:a6:20:5c:08:d4:ce:de:4b:50:13:dc:f4:29:2f:0b:9b:6d:
         b2:26:24:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUInTDlAkxKBy1syEPJhKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjUwNjA5MTAwMDMzWhcNMjUwNjEwMTAwMDMzWjAzMTEwLwYDVQQD
EygyNTNhZWVhNDJiYTc5NTY2MDQxMzcyMTdmZTdlZDI0ZjFiZTM3M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7TlUsKX0ufDxCq5Mraj3QSnCWjO
ig3KXGWTwEl19cpIvKQ9u0gaqzWcoo9r7YiuDhrjTERpxBo+CoY0O7SA6ZOp3qYh
LmzXFopL1gGQHGbfEY3MExKobM0Fn7ZH7/hWVaGs0DkUIiwx2zxAf5/hXIYr+Y+2
rBRzbucTSdOPNUmgvbbOiTbmlGT6vtP6qBj+4DVEPGFbth54Yap9wXuHdI2xUf1v
3oZCVybfLtIDbw8+QRpuSZRLZDOX70VRpeb0TYmGv5KyDaXjCCwHDSsqy63Wef7C
/rxb7DZVI1zc7qCZyO96JxXN5SOuwpKREpj+V/vcR8oIXkNDOGhm+ilYWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCU67qQrp5VmBBNyF/5+0k8b43OgMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMmRpL2oJ
VuNYj/mb+ok9zG0hKSvannwMZuMV9L5JWAmjgnnH+ZvoeXZ2q8mhUBV83wuMiQX6
D1GfoUQu+Ph9g4tiG1mnajvlFT8Z6dGevYCGNcKY1CyjZ9AiHdDlKh/No92iIYso
/zwZj7Cgpbn2Gow1eCpNEPjhr580AGPbkQaF6ztHZQMC8a3TjWefiQxNby8JEv0V
TuhBdj4DQsZkbq3lHRQW+OBqFVDsTiznka9fyWrspP9RDRgjcC1qEXEy7ijWDc7m
4KwlHbx5bmpfGIXdhlaIHuzCDJkoTo0hh1LbpWZLuN9ugWktK6YgXAjUzt5LUBPc
9CkvC5ttsiYkDA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:19:55 2025 by rpki-client