Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
File:                     Brft72GFhyPErevj7lqJ9wBY1f4.mft (raw, json)
Hash identifier:          OXiAO2/WgQnSRMS9DS269J8aR30V+DogKuIlID77cto=
Subject key identifier:   D5:34:2D:E3:F8:3D:D2:53:14:B7:19:BF:CF:33:3D:4C:FB:EF:8E:23
Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
Certificate issuer:       /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Certificate serial:       01976403C2F167EF0AE1100F1DA93281DF61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
Manifest number:          158B
Signing time:             Thu 12 Jun 2025 12:00:57 +0000
Manifest this update:     Thu 12 Jun 2025 12:00:57 +0000
Manifest next update:     Fri 13 Jun 2025 12:00:57 +0000
Files and hashes:         1: Brft72GFhyPErevj7lqJ9wBY1f4.crl (hash: tJWyI17rqWnQ/5/ym3k61YDi+tWNlg+AHhPEKlkt8BA=)
                          2: UkP4jKKKyGHBawn8RPGOoI0g86k.roa (hash: t1NCQU9kIDrxSOL+gI05c500j4/UZOaC1oFaRb7Gluw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 12:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:03:c2:f1:67:ef:0a:e1:10:0f:1d:a9:32:81:df:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
        Validity
            Not Before: Jun 12 12:00:57 2025 GMT
            Not After : Jun 13 12:00:57 2025 GMT
        Subject: CN=d5342de3f83dd25314b719bfcf333d4cfbef8e23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:c4:8c:95:70:72:cf:6b:93:da:7b:15:a9:11:
                    d5:ce:b3:a7:62:51:62:0c:31:84:4a:d0:61:10:0e:
                    50:07:c1:68:7a:b3:a3:b7:db:27:01:48:79:dc:26:
                    91:ff:e0:f0:9e:b7:30:27:cd:57:fb:a0:1d:0a:59:
                    78:19:3c:23:fb:71:d3:3a:23:a2:38:17:ca:90:3a:
                    58:e7:92:01:09:10:19:61:46:9f:18:34:f8:21:6f:
                    c9:bf:0e:e1:6c:69:86:5f:61:18:ed:de:00:5d:f8:
                    6a:78:44:4a:ae:a0:7c:7b:7f:a2:01:5f:05:ea:78:
                    1b:92:e0:6d:f7:1c:f8:ef:94:5b:da:03:6e:a9:88:
                    d5:94:dd:08:5b:49:21:32:9d:d5:9c:38:b3:53:c9:
                    cd:98:37:b3:33:63:77:ce:3c:7d:5f:c8:bb:b0:06:
                    91:c4:21:5d:28:09:60:5c:0f:3b:1c:a6:e6:c9:87:
                    8f:55:63:c5:4e:b6:db:c8:08:33:f2:e0:5a:60:ed:
                    65:d1:11:2a:a1:19:57:87:01:7f:08:55:ad:48:a4:
                    9a:7b:de:60:1f:7c:c3:4e:34:37:04:48:2c:43:8d:
                    32:0b:8b:d2:69:bd:e2:d8:1e:a7:9a:25:af:75:f7:
                    14:7d:a3:b6:48:1d:bb:96:79:b5:9f:fa:f2:ac:6a:
                    bc:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:34:2D:E3:F8:3D:D2:53:14:B7:19:BF:CF:33:3D:4C:FB:EF:8E:23
            X509v3 Authority Key Identifier:
                keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:ee:65:6a:a8:ec:d5:a5:d7:c4:ea:b7:57:db:fe:ad:a6:a1:
         6a:7d:1f:01:3b:ab:07:6f:eb:81:ce:16:35:e5:14:e3:63:17:
         f5:04:8a:b1:bb:3a:81:a5:dd:51:05:e5:0d:13:97:d4:60:26:
         4a:0a:49:a1:f7:a1:98:17:f3:ea:35:ec:f3:db:94:31:a2:0a:
         71:68:9b:f4:2d:82:bc:9b:a5:b4:dc:f8:0b:70:20:6b:8c:bc:
         26:5e:25:6b:46:e6:af:18:9f:51:9d:be:b8:c3:7c:55:fa:78:
         2f:d9:4b:cf:26:73:7e:da:4e:7f:17:85:a0:c7:bf:25:db:48:
         2b:3b:7d:75:f6:fb:0b:fe:e2:3a:f3:5d:02:1c:26:d0:82:ef:
         8d:d4:6c:08:96:76:78:6c:a1:1d:cd:60:71:8b:1a:d6:f8:0b:
         fd:67:17:cb:ca:1b:47:a4:fd:3e:9f:41:63:01:f7:60:2e:ba:
         04:a9:14:4d:ff:bd:27:85:c2:16:f4:0f:ba:41:c2:93:ee:71:
         0f:49:70:56:3e:f6:f8:77:6a:0d:b8:00:4d:89:13:c6:10:d8:
         de:08:57:ec:01:0d:2d:ed:a6:83:a3:08:33:91:b8:c5:75:ca:
         bc:f6:f8:7e:84:66:78:7a:de:18:f8:a9:c4:bf:ba:d6:e9:a3:
         39:4a:20:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdkA8LxZ+8K4RAPHakygd9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1
OGQ1ZmUwHhcNMjUwNjEyMTIwMDU3WhcNMjUwNjEzMTIwMDU3WjAzMTEwLwYDVQQD
EyhkNTM0MmRlM2Y4M2RkMjUzMTRiNzE5YmZjZjMzM2Q0Y2ZiZWY4ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcSMlXByz2uT2nsVqRHVzrOnYlFi
DDGEStBhEA5QB8FoerOjt9snAUh53CaR/+DwnrcwJ81X+6AdCll4GTwj+3HTOiOi
OBfKkDpY55IBCRAZYUafGDT4IW/Jvw7hbGmGX2EY7d4AXfhqeERKrqB8e3+iAV8F
6ngbkuBt9xz475Rb2gNuqYjVlN0IW0khMp3VnDizU8nNmDezM2N3zjx9X8i7sAaR
xCFdKAlgXA87HKbmyYePVWPFTrbbyAgz8uBaYO1l0REqoRlXhwF/CFWtSKSae95g
H3zDTjQ3BEgsQ40yC4vSab3i2B6nmiWvdfcUfaO2SB27lnm1n/ryrGq8AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNU0LeP4PdJTFLcZv88zPUz7744jMB8GA1UdIwQY
MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt
ODk1NTFlOGNjZTEyLzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy
LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASe5laqjs
1aXXxOq3V9v+raahan0fATurB2/rgc4WNeUU42MX9QSKsbs6gaXdUQXlDROX1GAm
SgpJofehmBfz6jXs89uUMaIKcWib9C2CvJultNz4C3Aga4y8Jl4la0bmrxifUZ2+
uMN8Vfp4L9lLzyZzftpOfxeFoMe/JdtIKzt9dfb7C/7iOvNdAhwm0ILvjdRsCJZ2
eGyhHc1gcYsa1vgL/WcXy8obR6T9Pp9BYwH3YC66BKkUTf+9J4XCFvQPukHCk+5x
D0lwVj72+HdqDbgATYkTxhDY3ghX7AENLe2mg6MIM5G4xXXKvPb4foRmeHreGPip
xL+61umjOUogiA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:47:02 2025 by rpki-client