Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File:                     QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier:          80S26HcYAsx6ZPb/zmUk6n2Lf110xeWOhwZSqMVqDgE=
Subject key identifier:   4C:71:EC:B0:CB:75:A3:5F:1D:62:E3:7F:3A:FB:B3:52:CF:2F:20:9C
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer:       /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial:       0197624C20F9E370F5C05228991721430CD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number:          1288
Signing time:             Thu 12 Jun 2025 04:00:45 +0000
Manifest this update:     Thu 12 Jun 2025 04:00:45 +0000
Manifest next update:     Fri 13 Jun 2025 04:00:45 +0000
Files and hashes:         1: H0bQgySRSVEBMsUFWG1LFpsoHvo.roa (hash: xkMnmqfm74JviA1Eb+MeDPeuGBKpBqJAXaeRNQIX3FU=)
                          2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: T2qe+Orx8/Z/KwhscPiK2WPLXBvbvNJaMBkuYzwvV80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:4c:20:f9:e3:70:f5:c0:52:28:99:17:21:43:0c:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
        Validity
            Not Before: Jun 12 04:00:45 2025 GMT
            Not After : Jun 13 04:00:45 2025 GMT
        Subject: CN=4c71ecb0cb75a35f1d62e37f3afbb352cf2f209c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:87:4e:a3:e5:bd:53:51:29:43:db:b9:24:e9:
                    82:f4:f2:5d:11:98:e3:d5:f0:2f:4b:75:39:90:f8:
                    c2:03:ad:65:4b:85:93:11:33:37:7f:11:ec:2e:c4:
                    90:bb:47:b8:04:39:8a:78:f9:cc:96:ee:09:73:ca:
                    44:96:30:4c:64:96:d4:30:7f:61:5e:a7:41:0f:7d:
                    4b:be:40:1d:58:11:e6:23:23:3c:4f:ce:46:74:a6:
                    72:bb:f5:d8:18:31:ea:b6:6e:d1:d0:d3:16:ac:86:
                    75:48:77:fb:4b:b3:f3:73:44:bf:a1:98:ae:67:24:
                    dd:78:02:2b:86:b4:db:2e:42:9d:0c:0d:b5:5a:0b:
                    36:28:4f:19:f3:c0:dc:e1:ca:96:b4:3a:81:f3:a9:
                    67:cd:20:42:58:86:a5:06:3b:71:be:14:45:32:17:
                    8d:08:34:22:ea:95:13:d4:0b:0d:e6:e2:eb:ec:c7:
                    ac:b6:0e:09:9e:ce:74:92:e3:63:2b:64:84:cc:25:
                    22:fc:36:12:dc:74:9b:bd:83:1e:ce:7a:f7:b0:41:
                    14:95:9b:31:8c:b2:1e:8a:b6:af:33:29:e8:89:1a:
                    a7:ac:6e:9c:17:68:2b:5b:9c:c2:ec:08:15:91:8f:
                    aa:06:a5:0f:78:ec:5a:e9:1e:98:43:b8:f1:b8:4f:
                    12:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:71:EC:B0:CB:75:A3:5F:1D:62:E3:7F:3A:FB:B3:52:CF:2F:20:9C
            X509v3 Authority Key Identifier:
                keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:80:13:64:19:a9:d3:bd:0c:6a:84:1b:6c:7d:18:b3:3d:89:
         3d:92:3b:61:f7:4f:b7:16:22:be:67:aa:f8:5e:91:b0:1f:ae:
         e1:17:b4:9e:9a:11:07:03:a9:1e:5f:f7:64:8c:40:27:8c:e5:
         38:47:4f:58:4d:41:88:80:13:35:53:0a:94:31:1d:4e:86:77:
         ed:ec:8f:4e:a4:0e:be:1e:42:b0:e4:62:9c:5f:b8:1d:c3:65:
         0c:30:27:bc:8c:22:7e:d9:2c:36:e9:f0:ff:e3:0a:dd:30:e7:
         1f:b6:1d:31:cf:05:be:d2:76:b8:35:2b:dd:0b:64:68:ab:68:
         c8:82:fa:6b:2e:bf:15:e7:d6:3d:1b:a2:a7:06:2f:de:ff:86:
         98:d6:13:4b:e8:c7:6f:94:c9:34:6d:93:22:82:11:98:14:4b:
         3c:fd:08:3d:86:82:9d:cb:ae:5c:aa:ec:ed:f5:9d:c2:c4:b7:
         c6:19:52:60:e8:6f:c2:ca:50:c2:3a:c4:99:37:e5:52:16:6e:
         da:2f:5e:d4:26:a9:de:07:10:c7:41:5e:95:bb:e5:97:bd:e7:
         08:c5:28:58:99:e2:b3:b3:08:68:16:41:2a:bd:c5:a8:9c:74:
         d6:19:15:29:89:38:cd:92:90:52:ee:a2:e5:00:c4:03:86:6d:
         db:e3:f8:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdiTCD543D1wFIomRchQwzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjUwNjEyMDQwMDQ1WhcNMjUwNjEzMDQwMDQ1WjAzMTEwLwYDVQQD
Eyg0YzcxZWNiMGNiNzVhMzVmMWQ2MmUzN2YzYWZiYjM1MmNmMmYyMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIdOo+W9U1EpQ9u5JOmC9PJdEZjj
1fAvS3U5kPjCA61lS4WTETM3fxHsLsSQu0e4BDmKePnMlu4Jc8pEljBMZJbUMH9h
XqdBD31LvkAdWBHmIyM8T85GdKZyu/XYGDHqtm7R0NMWrIZ1SHf7S7Pzc0S/oZiu
ZyTdeAIrhrTbLkKdDA21Wgs2KE8Z88Dc4cqWtDqB86lnzSBCWIalBjtxvhRFMheN
CDQi6pUT1AsN5uLr7Mestg4Jns50kuNjK2SEzCUi/DYS3HSbvYMeznr3sEEUlZsx
jLIeiravMynoiRqnrG6cF2grW5zC7AgVkY+qBqUPeOxa6R6YQ7jxuE8SjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExx7LDLdaNfHWLjfzr7s1LPLyCcMB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARIATZBmp
070MaoQbbH0Ysz2JPZI7YfdPtxYivmeq+F6RsB+u4Re0npoRBwOpHl/3ZIxAJ4zl
OEdPWE1BiIATNVMKlDEdToZ37eyPTqQOvh5CsORinF+4HcNlDDAnvIwiftksNunw
/+MK3TDnH7YdMc8FvtJ2uDUr3QtkaKtoyIL6ay6/FefWPRuipwYv3v+GmNYTS+jH
b5TJNG2TIoIRmBRLPP0IPYaCncuuXKrs7fWdwsS3xhlSYOhvwspQwjrEmTflUhZu
2i9e1Cap3gcQx0Felbvll73nCMUoWJnis7MIaBZBKr3FqJx01hkVKYk4zZKQUu6i
5QDEA4Zt2+P4Yg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 10:03:13 2025 by rpki-client