Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File:                     kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier:          n+08p3WAFhUs+A2KeikF/rAH0UNUU+QcUjWPUuqU970=
Subject key identifier:   6D:9B:9E:01:27:0E:32:7C:4B:52:60:22:D6:86:28:59:86:D1:47:7B
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer:       /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial:       01975CEEA96176373A5009B1CD777566F8E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number:          0A1A
Signing time:             Wed 11 Jun 2025 03:00:34 +0000
Manifest this update:     Wed 11 Jun 2025 03:00:34 +0000
Manifest next update:     Thu 12 Jun 2025 03:00:34 +0000
Files and hashes:         1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
                          2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: lo+nc+mNFIiPFOLYIDOxJWuyKDcNPKCdGbbE44LVLe8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:ee:a9:61:76:37:3a:50:09:b1:cd:77:75:66:f8:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
        Validity
            Not Before: Jun 11 03:00:34 2025 GMT
            Not After : Jun 12 03:00:34 2025 GMT
        Subject: CN=6d9b9e01270e327c4b526022d686285986d1477b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:16:52:cb:19:4e:93:62:9b:d8:3c:e5:5d:f3:
                    b6:c0:26:22:92:cd:6b:b7:ec:55:6b:ac:4c:5c:61:
                    38:59:f1:81:72:5f:1f:79:97:a7:b9:d1:40:6f:ca:
                    f7:f8:6d:9b:22:6e:87:02:23:c2:f9:2f:8b:0d:3a:
                    22:3d:b5:b1:78:7a:6a:7a:56:8f:4c:aa:a2:92:35:
                    bf:7e:7f:ad:6a:ab:95:a3:23:bd:31:4f:9c:61:8d:
                    68:22:51:93:9e:21:06:05:c5:ea:c7:94:a5:8c:bb:
                    b0:cb:a9:3b:41:3d:4d:d4:7f:10:49:67:a1:c8:02:
                    47:78:9d:59:18:0e:ce:04:06:5f:8b:ce:d8:98:6f:
                    4e:f6:6c:61:be:29:0a:bc:07:2d:9a:ea:72:e9:9e:
                    62:75:6b:b9:5f:10:d8:8c:8b:43:14:c8:d2:51:e2:
                    bb:1b:f7:1e:3c:62:83:c8:a4:70:8a:85:5c:5d:bc:
                    d0:71:dd:f8:82:2d:aa:00:4e:36:22:77:88:dc:46:
                    3f:ee:a5:66:97:0a:5b:53:c5:43:f2:74:39:1e:4d:
                    7a:51:68:46:5a:28:16:10:4c:c9:82:84:cf:3c:45:
                    9d:ae:23:14:b5:3a:5d:cc:e6:b7:65:b0:94:00:b2:
                    7d:f8:b2:58:e4:3d:7a:de:df:77:0a:2f:19:f4:1a:
                    69:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:9B:9E:01:27:0E:32:7C:4B:52:60:22:D6:86:28:59:86:D1:47:7B
            X509v3 Authority Key Identifier:
                keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:2d:3f:2b:25:9d:6c:39:14:22:4c:68:91:a4:8a:75:8b:66:
         c2:cc:89:0d:9a:b1:f8:04:8d:4a:f5:66:44:1b:03:28:82:cb:
         33:61:5b:64:c4:e8:9b:2c:3d:ab:e6:81:02:fe:c5:59:a8:bb:
         2f:9a:7a:3f:16:5c:26:b3:79:89:9e:2b:12:92:9d:97:d1:3f:
         4f:a3:f3:86:36:d5:7c:a7:52:d5:c6:9f:29:59:3f:4a:3e:46:
         4e:2f:23:ca:4f:74:44:b0:50:83:fe:2e:f3:be:c6:ce:5e:15:
         c0:dc:05:a3:27:76:d7:b4:7d:5d:f5:14:ba:ba:4d:35:09:69:
         81:29:75:4c:2d:04:a5:e3:3e:56:1a:c3:e7:10:5e:e4:40:73:
         2c:39:25:78:2d:cb:8c:c2:04:35:15:d4:67:c2:0e:e6:ca:34:
         06:17:a8:30:07:b2:4b:ab:02:80:05:50:95:b3:f1:37:db:27:
         cf:15:82:8f:01:db:29:c4:f1:eb:7c:de:20:5d:6c:c1:e3:0a:
         6d:28:9e:86:46:f9:76:32:ae:00:7f:96:78:b4:24:d0:ee:f4:
         c0:f9:5e:92:2c:30:1b:42:d7:a7:49:09:49:63:f0:7e:99:cd:
         9c:2c:d9:88:4f:c7:70:fd:bf:c9:2b:57:e8:84:09:f6:7b:37:
         ad:d1:a7:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdc7qlhdjc6UAmxzXd1ZvjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwNjExMDMwMDM0WhcNMjUwNjEyMDMwMDM0WjAzMTEwLwYDVQQD
Eyg2ZDliOWUwMTI3MGUzMjdjNGI1MjYwMjJkNjg2Mjg1OTg2ZDE0NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BZSyxlOk2Kb2DzlXfO2wCYiks1r
t+xVa6xMXGE4WfGBcl8feZenudFAb8r3+G2bIm6HAiPC+S+LDToiPbWxeHpqelaP
TKqikjW/fn+taquVoyO9MU+cYY1oIlGTniEGBcXqx5SljLuwy6k7QT1N1H8QSWeh
yAJHeJ1ZGA7OBAZfi87YmG9O9mxhvikKvActmupy6Z5idWu5XxDYjItDFMjSUeK7
G/cePGKDyKRwioVcXbzQcd34gi2qAE42IneI3EY/7qVmlwpbU8VD8nQ5Hk16UWhG
WigWEEzJgoTPPEWdriMUtTpdzOa3ZbCUALJ9+LJY5D163t93Ci8Z9BppKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2bngEnDjJ8S1JgItaGKFmG0Ud7MB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEC0/KyWd
bDkUIkxokaSKdYtmwsyJDZqx+ASNSvVmRBsDKILLM2FbZMTomyw9q+aBAv7FWai7
L5p6PxZcJrN5iZ4rEpKdl9E/T6PzhjbVfKdS1cafKVk/Sj5GTi8jyk90RLBQg/4u
877Gzl4VwNwFoyd217R9XfUUurpNNQlpgSl1TC0EpeM+VhrD5xBe5EBzLDkleC3L
jMIENRXUZ8IO5so0BheoMAeyS6sCgAVQlbPxN9snzxWCjwHbKcTx63zeIF1sweMK
bSiehkb5djKuAH+WeLQk0O70wPlekiwwG0LXp0kJSWPwfpnNnCzZiE/HcP2/yStX
6IQJ9ns3rdGn8Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:17:16 2025 by rpki-client