Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File:                     kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier:          KfCl7mzHrSIF+dT64lKYd8gkWOR6y430italU5/xoH0=
Subject key identifier:   46:3A:BA:D0:78:8C:B2:04:7A:6E:68:63:5B:38:78:E9:D9:7D:27:B6
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer:       /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial:       01976A735A56C9EB067BA895FCBFD465D56C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number:          0A21
Signing time:             Fri 13 Jun 2025 18:00:34 +0000
Manifest this update:     Fri 13 Jun 2025 18:00:34 +0000
Manifest next update:     Sat 14 Jun 2025 18:00:34 +0000
Files and hashes:         1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
                          2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: 1NEfLj6aCmLfzYqrMoTWfT/Ii6EpDdxWqgVaMR2o4Lw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:73:5a:56:c9:eb:06:7b:a8:95:fc:bf:d4:65:d5:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
        Validity
            Not Before: Jun 13 18:00:34 2025 GMT
            Not After : Jun 14 18:00:34 2025 GMT
        Subject: CN=463abad0788cb2047a6e68635b3878e9d97d27b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:66:d2:b8:a4:52:35:6f:b3:1b:60:a8:dc:96:
                    44:bc:09:ee:bc:ff:01:a3:b3:83:0e:a7:b9:ce:4c:
                    61:94:07:63:b9:2e:13:33:cc:9c:0b:00:cf:e5:d3:
                    af:0a:5e:5e:b6:e6:4a:e0:1e:4f:85:b0:19:a6:94:
                    31:b9:27:12:de:f9:21:fb:b9:c4:2a:03:b0:5e:af:
                    58:17:d1:b9:5c:de:a0:cf:51:66:6c:a8:36:86:63:
                    23:a7:3c:da:b0:96:de:aa:e4:a3:fb:d6:88:a1:85:
                    0a:1e:29:84:03:bd:7f:70:32:d1:34:f7:2a:ca:4c:
                    5d:c3:a1:fe:37:34:06:b8:04:2f:85:95:4b:87:09:
                    c9:38:33:d0:31:83:ee:df:75:b8:04:08:a7:77:db:
                    4a:80:3e:93:c1:02:3b:0c:30:44:f5:81:b5:63:ef:
                    d8:bf:ff:84:c6:82:e3:96:85:2f:30:3e:80:8a:fb:
                    7b:2d:46:2d:b7:0a:59:3e:9f:2e:96:bd:f5:50:28:
                    ab:a8:38:ed:77:ab:49:d8:c6:16:06:a1:84:da:d4:
                    d7:82:2d:33:b0:1e:6c:81:b2:b6:34:56:e1:eb:68:
                    c0:87:f1:a4:2e:5d:19:f1:b0:e9:e3:25:86:76:15:
                    fa:b5:80:9d:19:a2:bf:0c:ed:ed:b5:16:c9:e2:5c:
                    08:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:3A:BA:D0:78:8C:B2:04:7A:6E:68:63:5B:38:78:E9:D9:7D:27:B6
            X509v3 Authority Key Identifier:
                keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:b6:90:67:c3:03:61:5b:74:24:61:8b:49:60:0d:3e:dd:2b:
         17:dd:c9:b0:9b:d0:87:4a:e7:4a:36:94:df:1f:24:a4:73:d9:
         9a:40:bf:c2:40:14:c7:68:14:3b:52:61:87:63:ee:8d:7e:a7:
         99:bc:91:6b:dd:f9:dd:be:8f:38:0b:7a:5a:7c:2e:c2:36:4e:
         b8:68:51:98:59:63:e1:95:78:74:33:05:4e:88:5a:22:74:b2:
         45:98:d7:dd:21:db:c5:c4:46:f6:14:b4:8e:a1:e3:4d:a3:68:
         f6:24:44:dc:0c:61:48:68:11:b6:dc:98:39:54:8f:de:49:58:
         41:c1:fb:32:85:f8:09:9e:75:f5:42:3f:b2:0f:53:9a:42:53:
         e8:6d:07:ab:7b:7e:b5:19:14:8d:ec:38:0e:e6:86:1c:e8:bd:
         2d:c8:ee:0a:81:c5:47:82:d7:28:00:9e:bf:1c:e1:56:2f:7f:
         58:4e:f8:99:fd:13:92:b9:36:dd:62:0f:76:89:de:d9:ef:d8:
         59:38:d4:00:89:98:75:04:6f:16:bf:01:89:46:0c:d8:59:53:
         c9:b5:18:82:9c:69:8b:c2:78:6f:7e:0b:e7:2a:c9:74:8e:ac:
         41:bd:98:96:54:81:66:d4:fd:26:7a:8f:8a:44:cd:b2:62:f1:
         eb:ef:b4:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqc1pWyesGe6iV/L/UZdVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwNjEzMTgwMDM0WhcNMjUwNjE0MTgwMDM0WjAzMTEwLwYDVQQD
Eyg0NjNhYmFkMDc4OGNiMjA0N2E2ZTY4NjM1YjM4NzhlOWQ5N2QyN2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGbSuKRSNW+zG2Co3JZEvAnuvP8B
o7ODDqe5zkxhlAdjuS4TM8ycCwDP5dOvCl5etuZK4B5PhbAZppQxuScS3vkh+7nE
KgOwXq9YF9G5XN6gz1FmbKg2hmMjpzzasJbequSj+9aIoYUKHimEA71/cDLRNPcq
ykxdw6H+NzQGuAQvhZVLhwnJODPQMYPu33W4BAind9tKgD6TwQI7DDBE9YG1Y+/Y
v/+ExoLjloUvMD6Aivt7LUYttwpZPp8ulr31UCirqDjtd6tJ2MYWBqGE2tTXgi0z
sB5sgbK2NFbh62jAh/GkLl0Z8bDp4yWGdhX6tYCdGaK/DO3ttRbJ4lwILQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEY6utB4jLIEem5oY1s4eOnZfSe2MB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS7aQZ8MD
YVt0JGGLSWANPt0rF93JsJvQh0rnSjaU3x8kpHPZmkC/wkAUx2gUO1Jhh2PujX6n
mbyRa9353b6POAt6WnwuwjZOuGhRmFlj4ZV4dDMFTohaInSyRZjX3SHbxcRG9hS0
jqHjTaNo9iRE3AxhSGgRttyYOVSP3klYQcH7MoX4CZ519UI/sg9TmkJT6G0Hq3t+
tRkUjew4DuaGHOi9LcjuCoHFR4LXKACevxzhVi9/WE74mf0Tkrk23WIPdone2e/Y
WTjUAImYdQRvFr8BiUYM2FlTybUYgpxpi8J4b34L5yrJdI6sQb2YllSBZtT9JnqP
ikTNsmLx6++0Tw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 02:01:46 2025 by rpki-client