Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
File:                     Brft72GFhyPErevj7lqJ9wBY1f4.mft (raw, json)
Hash identifier:          iuiyNCSoO+f1zqK97QJ0Qeb/x6BxkJ0BYEQraeJ0Fzk=
Subject key identifier:   C1:85:6B:45:E1:7A:41:58:D5:AE:0E:5C:7C:C9:3F:9C:58:B0:09:EE
Authority key identifier: 06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE
Certificate issuer:       /CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
Certificate serial:       0197586DC29E4B24F369F28C4BE1952C8E5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
Manifest number:          1585
Signing time:             Tue 10 Jun 2025 06:01:17 +0000
Manifest this update:     Tue 10 Jun 2025 06:01:17 +0000
Manifest next update:     Wed 11 Jun 2025 06:01:17 +0000
Files and hashes:         1: Brft72GFhyPErevj7lqJ9wBY1f4.crl (hash: ouktoENURn+4fZQ6mCSWhLJteh9c8uYaCttdmoJUqXU=)
                          2: UkP4jKKKyGHBawn8RPGOoI0g86k.roa (hash: t1NCQU9kIDrxSOL+gI05c500j4/UZOaC1oFaRb7Gluw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 06:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:6d:c2:9e:4b:24:f3:69:f2:8c:4b:e1:95:2c:8e:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06b7edef61858723c4adebe3ee5a89f70058d5fe
        Validity
            Not Before: Jun 10 06:01:17 2025 GMT
            Not After : Jun 11 06:01:17 2025 GMT
        Subject: CN=c1856b45e17a4158d5ae0e5c7cc93f9c58b009ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3a:7d:90:3e:10:27:74:72:43:2c:68:8b:f9:
                    b4:b3:87:52:dc:e7:64:59:7e:74:7a:b5:c3:94:e4:
                    a1:62:1c:5b:b3:63:33:e5:c8:f6:e2:a0:27:bc:64:
                    97:d7:2d:70:f7:e7:ab:82:00:0b:51:32:84:e4:4d:
                    23:5f:6e:41:9d:68:bc:e8:02:cb:9a:ed:50:01:6d:
                    d5:b1:59:f3:cd:0c:70:9f:f2:af:21:22:05:e9:12:
                    ac:58:7c:68:94:fd:79:cb:48:f2:46:25:af:d8:55:
                    64:ce:97:39:80:2d:2d:77:e4:cd:75:f5:7d:25:66:
                    35:ad:3d:39:56:13:f8:fb:67:86:75:7c:43:84:8c:
                    95:6d:60:61:36:57:0a:a4:73:23:0d:89:10:e4:b2:
                    69:b4:bf:62:5a:39:3c:ae:ca:f0:db:a6:7b:e5:cf:
                    dc:e2:d0:20:83:e8:98:86:0e:38:2d:89:0c:28:89:
                    45:7c:4f:d1:0a:c0:62:0b:18:90:c4:f6:88:e9:b8:
                    21:5d:04:e3:d5:15:54:bb:33:c0:f8:7d:c3:3a:75:
                    51:2b:a8:ca:0d:ff:99:47:7a:f1:37:d6:3c:aa:b2:
                    6c:02:2a:78:39:70:e4:b5:c9:3d:0d:1f:e2:63:0a:
                    71:0b:e4:8f:eb:ac:80:82:c6:d8:40:08:16:9e:fb:
                    6a:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:85:6B:45:E1:7A:41:58:D5:AE:0E:5C:7C:C9:3F:9C:58:B0:09:EE
            X509v3 Authority Key Identifier:
                keyid:06:B7:ED:EF:61:85:87:23:C4:AD:EB:E3:EE:5A:89:F7:00:58:D5:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Brft72GFhyPErevj7lqJ9wBY1f4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/010ca1-5b30-4baf-831e-89551e8cce12/1/Brft72GFhyPErevj7lqJ9wBY1f4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:7b:cb:6c:04:33:e9:be:7a:ec:25:9e:cd:6a:9b:c3:8a:d7:
         14:57:a5:77:dc:7c:c4:98:67:da:c5:9e:c4:c3:71:9e:79:e6:
         3b:43:13:fe:bc:a3:b8:20:b0:65:68:91:85:b0:77:93:33:7c:
         20:ed:9a:ca:dc:c7:47:4e:45:65:d1:23:89:28:08:1c:2c:64:
         b1:f8:aa:40:38:38:ee:cf:6a:27:10:84:61:fc:dd:82:ae:05:
         1b:4a:c8:77:ff:13:3b:c6:01:29:72:ff:34:69:6e:1e:dd:44:
         a5:98:bd:74:c5:72:ac:cc:98:3b:b6:0b:16:4c:f0:d8:52:dc:
         ba:09:f9:11:77:ab:a8:8f:ec:55:ea:f5:fa:86:9c:53:5f:9c:
         df:d7:7c:07:7e:b5:45:fc:e4:de:83:7f:1d:53:63:83:67:0c:
         d1:6f:01:9f:62:16:b3:bc:aa:53:8c:11:50:0d:1a:27:7e:1e:
         27:e2:10:44:44:a8:2b:97:da:5e:80:ca:33:f3:fa:68:12:49:
         4b:11:a0:65:99:43:df:96:97:4b:8e:cc:de:ae:7c:a9:9a:e1:
         92:f5:f4:3d:8e:26:03:ed:e9:a0:33:dd:d7:f9:a2:2b:70:98:
         1b:a2:f4:1f:73:fd:9a:45:b6:3f:f8:7e:3a:af:11:fc:cc:8f:
         ba:85:f8:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYbcKeSyTzafKMS+GVLI5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjdlZGVmNjE4NTg3MjNjNGFkZWJlM2VlNWE4OWY3MDA1
OGQ1ZmUwHhcNMjUwNjEwMDYwMTE3WhcNMjUwNjExMDYwMTE3WjAzMTEwLwYDVQQD
EyhjMTg1NmI0NWUxN2E0MTU4ZDVhZTBlNWM3Y2M5M2Y5YzU4YjAwOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzp9kD4QJ3RyQyxoi/m0s4dS3Odk
WX50erXDlOShYhxbs2Mz5cj24qAnvGSX1y1w9+erggALUTKE5E0jX25BnWi86ALL
mu1QAW3VsVnzzQxwn/KvISIF6RKsWHxolP15y0jyRiWv2FVkzpc5gC0td+TNdfV9
JWY1rT05VhP4+2eGdXxDhIyVbWBhNlcKpHMjDYkQ5LJptL9iWjk8rsrw26Z75c/c
4tAgg+iYhg44LYkMKIlFfE/RCsBiCxiQxPaI6bghXQTj1RVUuzPA+H3DOnVRK6jK
Df+ZR3rxN9Y8qrJsAip4OXDktck9DR/iYwpxC+SP66yAgsbYQAgWnvtqQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMGFa0XhekFY1a4OXHzJP5xYsAnuMB8GA1UdIwQY
MBaAFAa37e9hhYcjxK3r4+5aifcAWNX+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUt
ODk1NTFlOGNjZTEyLzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wMTBjYTEtNWIzMC00YmFmLTgzMWUtODk1NTFlOGNjZTEy
LzEvQnJmdDcyR0ZoeVBFcmV2ajdscUo5d0JZMWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeHvLbAQz
6b567CWezWqbw4rXFFeld9x8xJhn2sWexMNxnnnmO0MT/ryjuCCwZWiRhbB3kzN8
IO2aytzHR05FZdEjiSgIHCxksfiqQDg47s9qJxCEYfzdgq4FG0rId/8TO8YBKXL/
NGluHt1EpZi9dMVyrMyYO7YLFkzw2FLcugn5EXerqI/sVer1+oacU1+c39d8B361
Rfzk3oN/HVNjg2cM0W8Bn2IWs7yqU4wRUA0aJ34eJ+IQRESoK5faXoDKM/P6aBJJ
SxGgZZlD35aXS47M3q58qZrhkvX0PY4mA+3poDPd1/miK3CYG6L0H3P9mkW2P/h+
Oq8R/MyPuoX4+Q==
-----END CERTIFICATE-----
Generated at Tue Jun 10 14:25:23 2025 by rpki-client