Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
File:                     paimkAmtLokJhr3XbGM8GzHwbzo.mft (raw, json)
Hash identifier:          7754tRupBMtFUR5K22d+I4veS+8PzpakqCa/IpgslQg=
Subject key identifier:   BA:CE:5A:6F:4C:6C:E2:0D:56:3C:78:01:B6:BF:BB:0E:51:0B:81:FD
Authority key identifier: A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
Certificate issuer:       /CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Certificate serial:       01976EBE2AFB3F87A1080184423E9D791EB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
Manifest number:          0678
Signing time:             Sat 14 Jun 2025 14:00:45 +0000
Manifest this update:     Sat 14 Jun 2025 14:00:45 +0000
Manifest next update:     Sun 15 Jun 2025 14:00:45 +0000
Files and hashes:         1: 6FOwPkcLo51Q3D-jQMVy5DzuCjo.roa (hash: ZMfa+VC1JK7r5J2BdtywNHEZxOWql9OfKZrNLteanPw=)
                          2: paimkAmtLokJhr3XbGM8GzHwbzo.crl (hash: jhCbohcdkorS6wYoPu4lMAXvFHoDBogSTPhDJuOZKk4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:be:2a:fb:3f:87:a1:08:01:84:42:3e:9d:79:1e:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
        Validity
            Not Before: Jun 14 14:00:45 2025 GMT
            Not After : Jun 15 14:00:45 2025 GMT
        Subject: CN=bace5a6f4c6ce20d563c7801b6bfbb0e510b81fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:b8:98:5e:80:42:3a:7c:97:1c:ec:3b:56:77:
                    2e:de:e2:24:96:03:d2:54:54:91:4a:fd:f2:a7:69:
                    61:8f:5f:e8:d3:e4:2b:13:21:59:18:b2:51:95:a2:
                    bb:46:42:f7:ae:f7:82:25:b0:c5:f8:fc:04:a6:f9:
                    6b:cf:ee:cf:15:2b:74:95:e9:e6:9a:65:4f:77:0d:
                    24:d5:6a:29:ff:7b:5e:df:74:5a:b3:78:00:44:c8:
                    a1:10:42:ac:88:c4:eb:ae:72:44:34:50:04:93:e4:
                    a5:20:7e:48:63:1f:22:8a:16:50:43:2b:f0:01:6c:
                    43:bc:83:9f:fe:0a:dd:76:13:56:26:65:46:4f:93:
                    85:9e:18:26:f3:71:a6:2f:e3:55:3b:20:1a:1b:57:
                    b3:f6:2b:8d:ef:8a:68:9e:cc:4d:01:df:20:f7:e9:
                    9a:a2:e7:02:c9:c5:96:c2:10:f0:4c:62:fc:81:ff:
                    83:52:86:ae:91:08:5a:c4:f4:17:52:74:04:7e:be:
                    fa:e2:9a:22:6a:65:1f:91:a4:81:2e:52:4d:6b:6b:
                    2c:a2:30:25:f2:43:2e:58:38:c1:64:43:6f:9f:da:
                    ca:d3:5d:08:11:44:ed:14:05:06:1a:18:ac:d6:b1:
                    b0:df:01:81:32:60:ce:6e:17:53:0d:a8:8e:10:16:
                    6d:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:CE:5A:6F:4C:6C:E2:0D:56:3C:78:01:B6:BF:BB:0E:51:0B:81:FD
            X509v3 Authority Key Identifier:
                keyid:A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:97:fd:08:66:e0:93:d7:1c:90:28:0a:16:bb:7e:e1:3e:aa:
         c9:72:98:18:5a:82:94:64:37:86:6e:cf:17:f4:88:c8:92:b4:
         4e:18:d0:79:a8:da:5c:74:db:a3:7d:ff:0b:f1:96:96:35:67:
         b8:7e:cd:e5:dd:54:e8:7b:cf:13:d2:be:7f:e9:17:ba:99:3a:
         b4:f2:30:ef:c5:d5:06:3d:d5:fd:99:8a:1b:ab:e7:4e:91:50:
         4c:76:1f:30:f1:0f:18:fe:ff:f2:0e:56:36:19:24:31:a4:de:
         33:fd:39:13:37:fd:f7:27:2e:4d:cb:26:2b:17:b1:f2:0c:4a:
         43:aa:51:12:77:b1:fb:b5:c1:1f:3c:5e:45:44:a2:f7:2c:c3:
         9b:e0:27:3c:50:b5:1b:e0:53:50:18:76:16:52:5f:4a:8e:c2:
         b6:12:02:82:8c:38:75:de:e2:45:b4:9f:e2:52:9a:ea:d5:ee:
         f0:1d:2f:e7:01:0b:10:2f:eb:64:0f:d3:6e:89:86:a9:bc:57:
         3b:e2:79:3b:9d:47:d1:9e:32:81:af:90:b7:e1:a4:94:8b:fc:
         cd:5a:1c:ee:16:eb:63:84:b9:d8:53:cb:fe:8f:52:1c:f1:b2:
         a9:a6:50:b6:e2:ea:fb:db:d5:f6:fb:37:eb:78:75:5f:2e:05:
         9f:d9:29:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduvir7P4ehCAGEQj6deR6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YThhNjkwMDlhZDJlODkwOTg2YmRkNzZjNjMzYzFiMzFm
MDZmM2EwHhcNMjUwNjE0MTQwMDQ1WhcNMjUwNjE1MTQwMDQ1WjAzMTEwLwYDVQQD
EyhiYWNlNWE2ZjRjNmNlMjBkNTYzYzc4MDFiNmJmYmIwZTUxMGI4MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4biYXoBCOnyXHOw7Vncu3uIklgPS
VFSRSv3yp2lhj1/o0+QrEyFZGLJRlaK7RkL3rveCJbDF+PwEpvlrz+7PFSt0lenm
mmVPdw0k1Wop/3te33Ras3gARMihEEKsiMTrrnJENFAEk+SlIH5IYx8iihZQQyvw
AWxDvIOf/grddhNWJmVGT5OFnhgm83GmL+NVOyAaG1ez9iuN74ponsxNAd8g9+ma
oucCycWWwhDwTGL8gf+DUoaukQhaxPQXUnQEfr764poiamUfkaSBLlJNa2ssojAl
8kMuWDjBZENvn9rK010IEUTtFAUGGhis1rGw3wGBMmDObhdTDaiOEBZt5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrOWm9MbOINVjx4Aba/uw5RC4H9MB8GA1UdIwQY
MBaAFKWoppAJrS6JCYa912xjPBsx8G86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYt
YjEyZWJmMzQ1YmMzLzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYtYjEyZWJmMzQ1YmMz
LzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdJf9CGbg
k9cckCgKFrt+4T6qyXKYGFqClGQ3hm7PF/SIyJK0ThjQeajaXHTbo33/C/GWljVn
uH7N5d1U6HvPE9K+f+kXupk6tPIw78XVBj3V/ZmKG6vnTpFQTHYfMPEPGP7/8g5W
NhkkMaTeM/05Ezf99ycuTcsmKxex8gxKQ6pREnex+7XBHzxeRUSi9yzDm+AnPFC1
G+BTUBh2FlJfSo7CthICgow4dd7iRbSf4lKa6tXu8B0v5wELEC/rZA/TbomGqbxX
O+J5O51H0Z4yga+Qt+GklIv8zVoc7hbrY4S52FPL/o9SHPGyqaZQtuLq+9vV9vs3
63h1Xy4Fn9kp8A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 22:58:34 2025 by rpki-client