Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
File:                     QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json)
Hash identifier:          h93T1EKyIZLzINqJB36VAEFfK9KL5xHYJeAWcg7q92k=
Subject key identifier:   52:49:E4:8C:63:6C:D3:B8:50:91:DD:77:33:56:82:42:41:B9:CE:36
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Certificate issuer:       /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial:       01975C80A10CBFF8C0B3308E3225DC05597A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
Manifest number:          1285
Signing time:             Wed 11 Jun 2025 01:00:23 +0000
Manifest this update:     Wed 11 Jun 2025 01:00:23 +0000
Manifest next update:     Thu 12 Jun 2025 01:00:23 +0000
Files and hashes:         1: H0bQgySRSVEBMsUFWG1LFpsoHvo.roa (hash: xkMnmqfm74JviA1Eb+MeDPeuGBKpBqJAXaeRNQIX3FU=)
                          2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: nfDrNMCowkByziEQRE/AamyHzy4nTuLGkXAIK+huD2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:80:a1:0c:bf:f8:c0:b3:30:8e:32:25:dc:05:59:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
        Validity
            Not Before: Jun 11 01:00:23 2025 GMT
            Not After : Jun 12 01:00:23 2025 GMT
        Subject: CN=5249e48c636cd3b85091dd773356824241b9ce36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a8:e5:84:9f:8b:5c:32:6f:d3:7a:12:66:f4:
                    a2:15:a4:2e:be:89:b7:a7:ad:9f:d1:1d:52:d8:69:
                    cc:68:87:6c:f5:93:67:80:ee:44:c7:2e:15:c0:6f:
                    e7:fe:3c:c6:e0:54:9e:17:dc:07:1c:6f:61:03:51:
                    59:da:cb:59:f6:a8:6e:79:81:05:bf:93:f0:12:1d:
                    88:8a:d9:d7:cd:1e:59:e0:12:2d:e6:41:38:89:46:
                    af:6b:73:91:78:6c:5b:46:37:d8:de:d0:3d:e1:86:
                    ea:14:e5:b8:2b:31:f5:a1:b4:97:42:47:c6:4a:5a:
                    0f:01:f5:dc:cd:a1:33:15:9f:20:83:f5:de:e4:c7:
                    a2:6f:3f:db:b5:26:bc:f2:21:da:b3:e8:94:40:4f:
                    70:77:6e:8a:58:ae:2f:17:6c:36:0d:a6:63:3a:de:
                    59:11:e0:20:99:d9:d1:45:db:7f:a6:6e:dd:fa:cf:
                    2a:c0:94:44:53:76:44:4b:98:5f:fd:55:74:b6:d9:
                    76:7c:4a:8f:e5:0e:a3:dd:32:6d:a3:48:23:74:e2:
                    3f:10:73:04:26:cb:86:69:1c:2e:32:fb:a0:df:03:
                    68:b1:25:84:7a:ea:a2:6a:d6:45:64:6f:89:98:23:
                    ac:e8:c4:a4:65:d4:53:0c:f2:71:b0:e3:06:d2:9a:
                    05:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:49:E4:8C:63:6C:D3:B8:50:91:DD:77:33:56:82:42:41:B9:CE:36
            X509v3 Authority Key Identifier:
                keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:48:1d:85:83:1a:13:6b:35:c5:1e:21:0d:52:f9:55:03:df:
         b1:b3:1c:0f:d5:00:0c:a5:d9:6b:f3:2f:d6:ed:74:92:5e:e4:
         f7:b4:c5:ae:74:2e:1e:68:8d:dd:36:d7:ee:ed:fe:25:ce:79:
         41:71:ee:4c:c5:ea:33:1c:e2:69:5f:63:a0:d0:b7:30:8e:78:
         5f:29:0b:96:bc:47:df:89:d5:ca:63:d3:0a:ab:4b:96:86:f5:
         b5:87:5d:b8:35:57:cf:c3:27:c6:42:83:84:0c:f5:61:cc:f5:
         3c:0a:f8:59:51:34:8b:91:f5:dc:27:30:3a:90:db:bc:fa:0b:
         ed:62:89:7b:83:e9:59:bb:1a:4b:96:8f:83:17:bb:ad:d5:2c:
         05:f5:34:54:33:c9:68:22:98:dd:7c:90:c7:a7:36:f1:cd:c1:
         5b:71:a2:3e:e8:7e:d2:73:11:b6:0e:be:bc:5e:23:d1:db:29:
         9c:cc:e9:9e:0b:91:52:34:29:b8:15:91:8e:a3:65:dc:ef:9e:
         cb:50:71:5c:75:84:a1:78:66:6a:62:76:25:e0:76:43:5c:29:
         ce:a2:66:28:f1:8f:e8:f1:0f:17:cd:9b:43:87:8d:aa:cb:7f:
         3f:23:a1:5f:36:a8:6c:d1:94:a5:ae:1d:ef:ce:22:0b:34:31:
         46:3b:40:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgKEMv/jAszCOMiXcBVl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjUwNjExMDEwMDIzWhcNMjUwNjEyMDEwMDIzWjAzMTEwLwYDVQQD
Eyg1MjQ5ZTQ4YzYzNmNkM2I4NTA5MWRkNzczMzU2ODI0MjQxYjljZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqjlhJ+LXDJv03oSZvSiFaQuvom3
p62f0R1S2GnMaIds9ZNngO5Exy4VwG/n/jzG4FSeF9wHHG9hA1FZ2stZ9qhueYEF
v5PwEh2IitnXzR5Z4BIt5kE4iUava3OReGxbRjfY3tA94YbqFOW4KzH1obSXQkfG
SloPAfXczaEzFZ8gg/Xe5Meibz/btSa88iHas+iUQE9wd26KWK4vF2w2DaZjOt5Z
EeAgmdnRRdt/pm7d+s8qwJREU3ZES5hf/VV0ttl2fEqP5Q6j3TJto0gjdOI/EHME
JsuGaRwuMvug3wNosSWEeuqiatZFZG+JmCOs6MSkZdRTDPJxsOMG0poFSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJJ5IxjbNO4UJHddzNWgkJBuc42MB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADEgdhYMa
E2s1xR4hDVL5VQPfsbMcD9UADKXZa/Mv1u10kl7k97TFrnQuHmiN3TbX7u3+Jc55
QXHuTMXqMxziaV9joNC3MI54XykLlrxH34nVymPTCqtLlob1tYdduDVXz8MnxkKD
hAz1Ycz1PAr4WVE0i5H13CcwOpDbvPoL7WKJe4PpWbsaS5aPgxe7rdUsBfU0VDPJ
aCKY3XyQx6c28c3BW3GiPuh+0nMRtg6+vF4j0dspnMzpnguRUjQpuBWRjqNl3O+e
y1BxXHWEoXhmamJ2JeB2Q1wpzqJmKPGP6PEPF82bQ4eNqst/PyOhXzaobNGUpa4d
784iCzQxRjtAOA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 04:30:02 2025 by rpki-client