Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.mft
File:                     UxUwA3N9ePci25oo4iBD412Nhx4.mft (raw, json)
Hash identifier:          dAP/ezwkorP/sYWPvX5YVM77nThJyY/+FiDmIDC4FS8=
Subject key identifier:   68:AD:00:6D:55:44:EF:72:85:27:A1:73:0E:14:6E:92:92:34:04:2B
Authority key identifier: 53:15:30:03:73:7D:78:F7:22:DB:9A:28:E2:20:43:E3:5D:8D:87:1E
Certificate issuer:       /CN=53153003737d78f722db9a28e22043e35d8d871e
Certificate serial:       019761DE346A7E3744ABBE8F0D21E49A3CB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UxUwA3N9ePci25oo4iBD412Nhx4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.mft
Manifest number:          158A
Signing time:             Thu 12 Jun 2025 02:00:41 +0000
Manifest this update:     Thu 12 Jun 2025 02:00:41 +0000
Manifest next update:     Fri 13 Jun 2025 02:00:41 +0000
Files and hashes:         1: UxUwA3N9ePci25oo4iBD412Nhx4.crl (hash: RKPadS+7itND2fYl7RPSxZgX+x78HavC12KVrk45poI=)
                          2: vffye4B_maKGCuAE9ICWvmcHW6I.roa (hash: VaColu6D/X0DZ0KpxU1etnd04XXSodxmzmHPWI2Hjvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UxUwA3N9ePci25oo4iBD412Nhx4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:de:34:6a:7e:37:44:ab:be:8f:0d:21:e4:9a:3c:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53153003737d78f722db9a28e22043e35d8d871e
        Validity
            Not Before: Jun 12 02:00:41 2025 GMT
            Not After : Jun 13 02:00:41 2025 GMT
        Subject: CN=68ad006d5544ef728527a1730e146e929234042b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ce:88:85:1e:e1:7b:87:67:dc:17:12:61:2a:
                    31:5c:43:23:97:94:19:ad:20:b7:54:dd:8c:7e:a0:
                    40:bf:8a:40:17:a6:be:a9:1e:fd:bc:37:c1:b6:8e:
                    c5:60:11:a5:a0:1d:a3:93:6f:71:f5:b7:f8:03:6a:
                    3e:08:7c:ee:84:a8:4e:c9:aa:ac:5b:7a:10:14:f7:
                    21:ac:2e:9e:8c:81:bb:96:97:71:60:81:b7:7b:0c:
                    ed:f0:d6:6c:af:35:ea:14:04:0e:18:b0:f3:e9:ec:
                    99:67:e4:92:98:b9:f9:6f:aa:d7:b7:a5:ba:f7:81:
                    12:8c:b1:17:4b:ab:02:9d:a1:29:a7:4b:02:6a:e9:
                    60:f2:02:3e:c6:49:e2:6a:9e:4e:5d:45:fe:6c:b2:
                    5d:37:8b:10:ac:ea:6e:27:8e:65:a4:aa:ac:1e:2c:
                    37:f6:90:f0:c1:d0:0c:92:4c:35:36:7b:19:d7:ab:
                    fe:1a:56:2c:ce:27:0e:e9:e8:bd:71:d7:73:fb:0b:
                    a8:3b:25:64:3a:dc:51:be:3e:d1:d7:f8:47:6a:3a:
                    6a:2b:e8:63:a0:59:93:a9:fd:40:40:e4:31:5b:33:
                    3d:ef:1b:03:07:02:fb:26:4c:1b:6e:7f:0d:b0:ab:
                    b9:b9:29:fb:fa:c0:32:54:3c:d5:3a:df:8a:71:50:
                    3e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:AD:00:6D:55:44:EF:72:85:27:A1:73:0E:14:6E:92:92:34:04:2B
            X509v3 Authority Key Identifier:
                keyid:53:15:30:03:73:7D:78:F7:22:DB:9A:28:E2:20:43:E3:5D:8D:87:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UxUwA3N9ePci25oo4iBD412Nhx4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8f7148-236d-4088-89e6-665995c62838/1/UxUwA3N9ePci25oo4iBD412Nhx4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:17:1a:d9:d1:a9:49:97:ce:a6:bc:52:b2:67:d4:28:f8:c9:
         f5:33:88:73:16:07:fa:2b:d6:71:5b:e8:fc:8e:41:3a:08:03:
         bb:cc:73:b1:81:88:32:48:4b:ab:1d:b8:0c:83:58:72:77:35:
         de:1d:5a:96:42:c3:3d:fc:f0:8d:92:0d:81:97:1d:d5:56:e7:
         f4:7f:a5:ae:0f:f7:2b:95:28:c3:8d:49:af:8e:7d:b3:15:f5:
         db:21:ec:8a:61:6a:c9:97:f5:70:9b:8e:37:02:ab:82:60:29:
         5b:b9:c9:52:2b:5b:52:19:73:83:45:3e:b2:02:9a:2a:96:03:
         6b:2f:4b:c0:58:e7:7b:55:8b:75:b8:b1:24:d6:78:cf:17:99:
         84:50:89:0b:25:73:5b:25:26:02:cb:17:10:74:b6:a9:34:7d:
         e7:17:39:1c:9d:de:d3:6f:a3:11:43:8f:48:4d:4a:5f:af:4d:
         9c:77:dc:17:a1:3d:db:f6:9d:64:82:5e:ce:35:d4:e6:41:2f:
         fc:33:15:62:96:cf:b8:97:a3:d7:1a:2a:c5:16:f0:a8:79:85:
         a2:b7:03:1b:b7:61:2f:07:09:44:1d:fa:ad:42:13:f4:df:c7:
         bb:3e:a1:be:bc:49:49:1d:b6:8a:af:46:15:eb:6b:d2:12:ad:
         86:f2:c7:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdh3jRqfjdEq76PDSHkmjy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMTUzMDAzNzM3ZDc4ZjcyMmRiOWEyOGUyMjA0M2UzNWQ4
ZDg3MWUwHhcNMjUwNjEyMDIwMDQxWhcNMjUwNjEzMDIwMDQxWjAzMTEwLwYDVQQD
Eyg2OGFkMDA2ZDU1NDRlZjcyODUyN2ExNzMwZTE0NmU5MjkyMzQwNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2M6IhR7he4dn3BcSYSoxXEMjl5QZ
rSC3VN2MfqBAv4pAF6a+qR79vDfBto7FYBGloB2jk29x9bf4A2o+CHzuhKhOyaqs
W3oQFPchrC6ejIG7lpdxYIG3ewzt8NZsrzXqFAQOGLDz6eyZZ+SSmLn5b6rXt6W6
94ESjLEXS6sCnaEpp0sCaulg8gI+xkniap5OXUX+bLJdN4sQrOpuJ45lpKqsHiw3
9pDwwdAMkkw1NnsZ16v+GlYszicO6ei9cddz+wuoOyVkOtxRvj7R1/hHajpqK+hj
oFmTqf1AQOQxWzM97xsDBwL7Jkwbbn8NsKu5uSn7+sAyVDzVOt+KcVA+GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGitAG1VRO9yhSehcw4UbpKSNAQrMB8GA1UdIwQY
MBaAFFMVMANzfXj3ItuaKOIgQ+NdjYceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXhVd0EzTjllUGNpMjVvbzRpQkQ0MTJOaHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84ZjcxNDgtMjM2ZC00MDg4LTg5ZTYt
NjY1OTk1YzYyODM4LzEvVXhVd0EzTjllUGNpMjVvbzRpQkQ0MTJOaHg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84ZjcxNDgtMjM2ZC00MDg4LTg5ZTYtNjY1OTk1YzYyODM4
LzEvVXhVd0EzTjllUGNpMjVvbzRpQkQ0MTJOaHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRca2dGp
SZfOprxSsmfUKPjJ9TOIcxYH+ivWcVvo/I5BOggDu8xzsYGIMkhLqx24DINYcnc1
3h1alkLDPfzwjZINgZcd1Vbn9H+lrg/3K5Uow41Jr459sxX12yHsimFqyZf1cJuO
NwKrgmApW7nJUitbUhlzg0U+sgKaKpYDay9LwFjne1WLdbixJNZ4zxeZhFCJCyVz
WyUmAssXEHS2qTR95xc5HJ3e02+jEUOPSE1KX69NnHfcF6E92/adZIJezjXU5kEv
/DMVYpbPuJej1xoqxRbwqHmForcDG7dhLwcJRB36rUIT9N/Huz6hvrxJSR22iq9G
Fetr0hKthvLHQA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 07:42:45 2025 by rpki-client