Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File:                     kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier:          SkaruFkGOvKtu5anGeh3yjLI4lg+Tn6HurLOMBCl4s8=
Subject key identifier:   7D:90:73:00:83:17:6C:CE:09:E7:22:A7:77:51:CF:58:AB:5D:A0:1A
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer:       /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial:       01976E508417B36996DA41B2ABA20EA2592B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number:          0A23
Signing time:             Sat 14 Jun 2025 12:00:59 +0000
Manifest this update:     Sat 14 Jun 2025 12:00:59 +0000
Manifest next update:     Sun 15 Jun 2025 12:00:59 +0000
Files and hashes:         1: JyQo8VWrljsbu7fdBUyCLnp2fRo.roa (hash: PYNlAKDVxyxJWLdDPpsz5WMXt3MO3ZloO8y7DclxK3I=)
                          2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: GCm6pZBzRP3QPo0+9fzqr/0hOE+qQ1/s8kCPRFNSvvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:50:84:17:b3:69:96:da:41:b2:ab:a2:0e:a2:59:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
        Validity
            Not Before: Jun 14 12:00:59 2025 GMT
            Not After : Jun 15 12:00:59 2025 GMT
        Subject: CN=7d90730083176cce09e722a77751cf58ab5da01a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f7:63:98:d8:2c:8d:0d:04:8f:8b:16:16:76:
                    56:a5:62:17:cd:75:30:a0:9e:1f:13:10:51:82:08:
                    96:4d:3b:03:08:c5:c2:67:02:e8:88:f0:8f:e9:39:
                    0a:69:4e:80:b7:e6:18:2f:07:37:a9:fa:fb:a5:5c:
                    6e:ac:5c:56:33:9d:01:a8:8b:ac:31:2a:eb:a4:1d:
                    f5:9f:b3:0d:3e:f0:70:cd:fd:fa:6c:ac:a6:70:55:
                    c4:a3:2e:75:cc:a4:75:21:b1:27:77:cc:9c:d5:7f:
                    d4:e4:56:b1:f0:7e:6d:07:5a:e8:62:ef:83:8b:a2:
                    7a:f1:ae:d4:16:77:06:80:1b:0a:02:a3:a8:64:c0:
                    31:d7:85:82:f6:b2:92:6f:ec:57:88:fc:83:11:38:
                    16:4d:f7:07:cd:0c:d9:ed:96:77:ca:5a:ce:09:8b:
                    87:eb:38:32:d3:00:4d:55:56:fc:0b:e8:ec:fe:2f:
                    80:07:f4:9a:7b:2e:b7:e6:8d:d1:35:c8:c8:ef:2b:
                    6e:5e:68:f0:2d:aa:55:b4:fa:9f:b3:60:24:2d:7e:
                    8d:ee:2d:71:9d:71:97:d0:ce:63:d3:bf:88:f7:44:
                    90:9e:a1:36:ed:27:d6:7f:7d:a7:67:d1:da:43:e9:
                    d5:9a:b7:18:2a:11:e1:61:61:a5:e6:75:59:32:3f:
                    02:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:90:73:00:83:17:6C:CE:09:E7:22:A7:77:51:CF:58:AB:5D:A0:1A
            X509v3 Authority Key Identifier:
                keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:f9:38:4d:7f:f0:f9:9e:87:d4:1e:ab:b7:fe:a5:b9:90:c1:
         38:69:e4:1c:1f:11:1f:ee:14:fb:8b:61:49:3b:53:99:5e:7a:
         30:57:ec:2a:1a:24:69:90:4a:28:48:ae:35:5c:ca:60:66:dd:
         5d:f6:25:cc:45:1a:d9:fa:1c:37:f6:78:31:ee:b4:7f:d4:36:
         74:02:73:9f:7d:6d:f4:73:c5:16:bc:41:da:cd:fa:99:93:6e:
         1b:6e:0e:8d:92:30:62:db:88:a2:5f:19:e2:29:c3:0a:17:69:
         ca:10:f6:40:af:f0:ff:13:8c:68:0f:88:5e:e6:68:e4:7e:5d:
         80:a7:57:aa:27:81:81:ac:05:aa:25:19:7e:c9:6d:48:1f:83:
         e5:40:a8:04:83:bf:9b:96:9d:a9:e0:f0:03:3d:25:89:52:05:
         4f:d5:10:58:bf:17:8a:67:5a:a5:2f:b3:9d:f8:cc:74:5c:14:
         4f:be:13:ff:e2:47:f5:92:91:2e:13:12:4e:16:c2:ec:05:c1:
         de:c4:15:9b:f3:fe:cc:a1:fc:a2:42:3b:ed:de:17:9a:cf:f6:
         fe:9a:42:6a:54:d4:9f:75:01:41:6b:93:b4:ae:9f:5f:2d:bf:
         fb:ff:16:b8:5a:f8:32:48:93:35:4b:3a:2d:d8:39:f9:95:37:
         15:e2:a6:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduUIQXs2mW2kGyq6IOolkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwNjE0MTIwMDU5WhcNMjUwNjE1MTIwMDU5WjAzMTEwLwYDVQQD
Eyg3ZDkwNzMwMDgzMTc2Y2NlMDllNzIyYTc3NzUxY2Y1OGFiNWRhMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPdjmNgsjQ0Ej4sWFnZWpWIXzXUw
oJ4fExBRggiWTTsDCMXCZwLoiPCP6TkKaU6At+YYLwc3qfr7pVxurFxWM50BqIus
MSrrpB31n7MNPvBwzf36bKymcFXEoy51zKR1IbEnd8yc1X/U5Fax8H5tB1roYu+D
i6J68a7UFncGgBsKAqOoZMAx14WC9rKSb+xXiPyDETgWTfcHzQzZ7ZZ3ylrOCYuH
6zgy0wBNVVb8C+js/i+AB/Saey635o3RNcjI7ytuXmjwLapVtPqfs2AkLX6N7i1x
nXGX0M5j07+I90SQnqE27SfWf32nZ9HaQ+nVmrcYKhHhYWGl5nVZMj8CaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2QcwCDF2zOCecip3dRz1irXaAaMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYfk4TX/w
+Z6H1B6rt/6luZDBOGnkHB8RH+4U+4thSTtTmV56MFfsKhokaZBKKEiuNVzKYGbd
XfYlzEUa2focN/Z4Me60f9Q2dAJzn31t9HPFFrxB2s36mZNuG24OjZIwYtuIol8Z
4inDChdpyhD2QK/w/xOMaA+IXuZo5H5dgKdXqieBgawFqiUZfsltSB+D5UCoBIO/
m5adqeDwAz0liVIFT9UQWL8XimdapS+znfjMdFwUT74T/+JH9ZKRLhMSThbC7AXB
3sQVm/P+zKH8okI77d4Xms/2/ppCalTUn3UBQWuTtK6fXy2/+/8WuFr4MkiTNUs6
Ldg5+ZU3FeKmCg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 20:47:09 2025 by rpki-client