Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
File:                     1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json)
Hash identifier:          gG9jL5oQ0al4M9fPZKCmraaFRPKLB/ldagyH7LU/sl8=
Subject key identifier:   11:88:DC:36:E8:10:0A:4B:84:D3:23:F2:74:2B:68:6D:C0:5B:87:1A
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Certificate issuer:       /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial:       0197639694B724E4D51646FF36AC519A81C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
Manifest number:          0A89
Signing time:             Thu 12 Jun 2025 10:01:42 +0000
Manifest this update:     Thu 12 Jun 2025 10:01:42 +0000
Manifest next update:     Fri 13 Jun 2025 10:01:42 +0000
Files and hashes:         1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: QoeCRSlumK0Zo9oe+TBBIfoJ2dxpK/UUh8UhqSzcsUM=)
                          2: 5hvMdLYnfsXTSuV237JH9FWLZN0.roa (hash: +NNavIzbs+bo3gjOvC6npGrxT+kBJ6ESc9cDAGFiB9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:96:94:b7:24:e4:d5:16:46:ff:36:ac:51:9a:81:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
        Validity
            Not Before: Jun 12 10:01:42 2025 GMT
            Not After : Jun 13 10:01:42 2025 GMT
        Subject: CN=1188dc36e8100a4b84d323f2742b686dc05b871a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f5:b8:ce:54:98:69:da:7a:5d:9b:da:a2:08:
                    fa:de:07:f4:05:e8:aa:9c:ab:b9:f5:4a:78:9b:9a:
                    65:65:ee:5d:4d:fc:44:3c:76:62:33:a4:27:09:8b:
                    97:c1:35:2b:c5:9f:5f:7a:39:33:bd:e8:94:21:29:
                    d1:18:83:1e:6c:de:e0:a4:e8:9d:70:03:4b:13:f2:
                    5d:c5:da:db:5b:c0:96:cb:aa:23:59:65:a7:9d:e4:
                    3c:9b:b6:ac:fd:dd:a0:29:99:41:89:96:cb:9c:9b:
                    b5:b9:10:17:c1:b9:6a:24:b4:07:98:50:50:69:db:
                    40:c5:49:57:64:36:d9:45:0a:51:44:fc:0b:a0:6d:
                    ae:34:7c:5e:cc:e3:e3:41:e6:e0:a9:c9:45:67:b6:
                    e4:04:66:c7:63:bf:93:b0:f8:7e:1b:9b:ca:d7:16:
                    b2:84:a1:06:d7:6b:ed:8d:5d:71:7e:18:49:48:28:
                    17:44:33:c5:16:31:87:ff:1b:6a:58:19:a3:41:7c:
                    01:a4:4d:ef:8d:bf:1c:bb:d7:ce:85:9f:8e:b1:28:
                    ac:4f:18:d2:d9:0d:09:9f:1a:28:c5:97:32:94:7d:
                    47:87:3c:5d:54:ab:c8:f9:f5:9e:99:f5:01:06:fb:
                    17:1f:40:35:84:85:9e:64:88:ad:26:a8:45:ee:e3:
                    54:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:88:DC:36:E8:10:0A:4B:84:D3:23:F2:74:2B:68:6D:C0:5B:87:1A
            X509v3 Authority Key Identifier:
                keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:39:08:c5:be:ea:9a:8b:82:db:1a:cd:ce:db:53:a9:28:78:
         35:89:18:05:3d:ba:f9:0c:1f:44:cf:53:55:b3:71:27:dd:1e:
         d7:cd:88:19:a4:b4:88:6d:5c:e3:83:10:18:51:31:32:4a:75:
         8f:8a:56:ba:b2:6e:4b:54:63:24:6a:05:f7:be:ff:08:19:37:
         4f:b5:80:bd:6c:7a:be:a9:2d:fd:b1:13:a6:13:d1:90:9e:0a:
         04:ae:fb:30:4c:b4:d5:9e:06:62:c7:d2:76:28:c6:84:43:14:
         b6:95:5a:4d:dc:f5:8a:72:8f:fb:7a:14:c4:38:25:5c:99:55:
         ca:fa:63:4a:f7:1f:6f:92:bb:5a:0c:3e:45:e1:87:92:c5:a1:
         58:ab:78:9a:3f:98:9e:94:ec:81:94:3e:a9:e4:5a:4f:85:90:
         06:42:92:f5:6d:ed:0e:6d:b2:5b:05:91:47:b5:5f:57:fc:2a:
         b5:62:11:53:a4:cc:38:0a:ce:01:7c:96:63:2b:14:a6:4d:c7:
         9b:ed:15:c6:45:47:56:43:e9:ce:85:a7:39:15:bb:ca:94:ce:
         39:19:3a:1b:1c:a7:b1:0b:73:82:8b:af:8d:d8:e4:66:fd:53:
         d8:32:d2:af:45:95:b6:2b:aa:23:53:ff:eb:20:ef:b3:45:80:
         fb:5f:c5:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjlpS3JOTVFkb/NqxRmoHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjUwNjEyMTAwMTQyWhcNMjUwNjEzMTAwMTQyWjAzMTEwLwYDVQQD
EygxMTg4ZGMzNmU4MTAwYTRiODRkMzIzZjI3NDJiNjg2ZGMwNWI4NzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvW4zlSYadp6XZvaogj63gf0Beiq
nKu59Up4m5plZe5dTfxEPHZiM6QnCYuXwTUrxZ9fejkzveiUISnRGIMebN7gpOid
cANLE/JdxdrbW8CWy6ojWWWnneQ8m7as/d2gKZlBiZbLnJu1uRAXwblqJLQHmFBQ
adtAxUlXZDbZRQpRRPwLoG2uNHxezOPjQebgqclFZ7bkBGbHY7+TsPh+G5vK1xay
hKEG12vtjV1xfhhJSCgXRDPFFjGH/xtqWBmjQXwBpE3vjb8cu9fOhZ+OsSisTxjS
2Q0JnxooxZcylH1HhzxdVKvI+fWemfUBBvsXH0A1hIWeZIitJqhF7uNUvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGI3DboEApLhNMj8nQraG3AW4caMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWzkIxb7q
mouC2xrNzttTqSh4NYkYBT26+QwfRM9TVbNxJ90e182IGaS0iG1c44MQGFExMkp1
j4pWurJuS1RjJGoF977/CBk3T7WAvWx6vqkt/bETphPRkJ4KBK77MEy01Z4GYsfS
dijGhEMUtpVaTdz1inKP+3oUxDglXJlVyvpjSvcfb5K7Wgw+ReGHksWhWKt4mj+Y
npTsgZQ+qeRaT4WQBkKS9W3tDm2yWwWRR7VfV/wqtWIRU6TMOArOAXyWYysUpk3H
m+0VxkVHVkPpzoWnORW7ypTOORk6GxynsQtzgouvjdjkZv1T2DLSr0WVtiuqI1P/
6yDvs0WA+1/F9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 14:04:34 2025 by rpki-client