Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/ae842b-4cc7-4e07-9827-a82ad54defbc/1/ag1malTV4bw1XA1yUDpFj8Do4Gw.mft
File:                     ag1malTV4bw1XA1yUDpFj8Do4Gw.mft (raw, json)
Hash identifier:          WGtXVujO497AmpS+uIKwwLpTEkXVLeSfb11nl85zBf8=
Subject key identifier:   99:06:D8:BC:84:2F:3F:E3:55:90:B8:63:C1:D0:C7:A6:0B:25:08:A5
Authority key identifier: 6A:0D:66:6A:54:D5:E1:BC:35:5C:0D:72:50:3A:45:8F:C0:E8:E0:6C
Certificate issuer:       /CN=6a0d666a54d5e1bc355c0d72503a458fc0e8e06c
Certificate serial:       01967D20F344DC16983DDECD38D976CEDA9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ag1malTV4bw1XA1yUDpFj8Do4Gw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/ae842b-4cc7-4e07-9827-a82ad54defbc/1/ag1malTV4bw1XA1yUDpFj8Do4Gw.mft
Manifest number:          1512
Signing time:             Mon 28 Apr 2025 16:00:33 +0000
Manifest this update:     Mon 28 Apr 2025 16:00:33 +0000
Manifest next update:     Tue 29 Apr 2025 16:00:33 +0000
Files and hashes:         1: Zbu9lV-TXRr1mjPabkdbQi-tc2k.roa (hash: L0pLG2iq3DWnmdVA1LNHGmiPWiH4T8eZ9Q5L7k/ukzQ=)
                          2: ag1malTV4bw1XA1yUDpFj8Do4Gw.crl (hash: Hf/rJXClI3BApgwoxCpZnLeQrOTuzIjmPljwvNy3jWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/ae842b-4cc7-4e07-9827-a82ad54defbc/1/ag1malTV4bw1XA1yUDpFj8Do4Gw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/ae842b-4cc7-4e07-9827-a82ad54defbc/1/ag1malTV4bw1XA1yUDpFj8Do4Gw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ag1malTV4bw1XA1yUDpFj8Do4Gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:20:f3:44:dc:16:98:3d:de:cd:38:d9:76:ce:da:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a0d666a54d5e1bc355c0d72503a458fc0e8e06c
        Validity
            Not Before: Apr 28 16:00:33 2025 GMT
            Not After : Apr 29 16:00:33 2025 GMT
        Subject: CN=9906d8bc842f3fe35590b863c1d0c7a60b2508a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a0:29:5d:7d:fe:76:d2:9e:87:3e:5e:b2:9d:
                    8a:2a:8f:b5:47:f6:08:09:70:a4:6f:31:5d:8f:34:
                    bb:b0:9f:1c:fb:05:32:a6:6a:23:bc:49:24:1f:a9:
                    fa:21:b9:9e:8d:17:ae:61:d6:d0:fb:ad:8a:02:5a:
                    07:62:82:a5:dc:9a:1e:01:50:e0:f0:87:18:55:42:
                    91:32:ab:63:65:1e:04:1c:c2:18:01:30:0d:8d:f0:
                    13:d3:be:3e:56:b4:a4:6e:14:e2:92:28:a9:e3:f2:
                    0d:fd:0d:9c:d9:f5:8f:ca:78:da:fa:70:d1:05:b2:
                    47:ef:4a:02:59:dd:8d:dd:c6:87:be:53:d3:70:dc:
                    fe:d2:65:8e:ee:be:f3:b1:2f:d7:09:1c:3b:1a:31:
                    49:6e:0a:da:cb:a8:7c:01:c1:6c:00:08:00:5b:c3:
                    6d:69:77:49:5b:7b:e0:f1:92:ac:80:99:2f:62:67:
                    38:e7:84:3c:31:d3:cd:28:44:4b:15:52:cb:1c:cd:
                    ae:ec:6f:a5:f4:cf:05:bd:7a:af:48:6c:a0:e5:a2:
                    17:93:05:a1:4d:0f:26:6f:eb:48:f2:ba:f0:8f:79:
                    5f:ca:7d:af:c6:ab:63:83:8b:73:85:b8:97:b5:51:
                    dc:ba:4f:4d:cb:80:df:20:5e:8a:bd:ac:e3:11:e7:
                    9c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:06:D8:BC:84:2F:3F:E3:55:90:B8:63:C1:D0:C7:A6:0B:25:08:A5
            X509v3 Authority Key Identifier:
                keyid:6A:0D:66:6A:54:D5:E1:BC:35:5C:0D:72:50:3A:45:8F:C0:E8:E0:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ag1malTV4bw1XA1yUDpFj8Do4Gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/ae842b-4cc7-4e07-9827-a82ad54defbc/1/ag1malTV4bw1XA1yUDpFj8Do4Gw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/ae842b-4cc7-4e07-9827-a82ad54defbc/1/ag1malTV4bw1XA1yUDpFj8Do4Gw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:8b:ae:5e:e0:1c:aa:2f:04:96:6d:24:6e:76:92:80:56:d3:
         c2:30:16:0e:53:f5:07:92:53:95:56:28:e5:9b:34:96:b3:41:
         5b:c2:5d:f2:04:12:cd:00:3a:c9:ae:f5:d8:a5:09:b6:32:e0:
         f0:de:77:5d:fc:69:2d:5e:58:e1:eb:e5:24:d2:82:12:42:7b:
         8f:9f:68:67:08:e5:7b:86:e3:df:6c:dd:61:8c:c2:29:67:2c:
         a5:49:08:d0:f2:94:16:7c:5c:8d:95:0c:1d:a7:88:13:8c:26:
         c9:b4:c9:49:66:6b:7f:ff:25:5f:ad:54:8e:61:6f:7d:4c:1f:
         21:ed:fd:6f:fb:b5:d5:df:9f:f4:44:32:6d:d9:72:34:1d:ea:
         80:30:0f:84:c4:fe:82:d1:74:cf:ba:92:23:03:fc:ea:18:50:
         d7:90:02:a2:09:53:6c:dd:ff:8d:d0:fa:5b:70:57:2e:1b:fc:
         99:23:d7:76:cc:f6:93:87:9b:f8:73:00:ec:05:e5:60:20:90:
         6f:ff:fd:c3:71:2a:a2:dd:92:51:25:ac:22:20:31:9e:85:fc:
         80:67:e0:0d:ce:8d:3e:fc:90:67:9b:51:37:e6:e6:c0:48:23:
         d6:d7:61:f8:dd:03:e0:7a:18:02:16:42:15:89:7e:d5:e0:4d:
         47:16:e2:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9IPNE3BaYPd7NONl2ztqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGQ2NjZhNTRkNWUxYmMzNTVjMGQ3MjUwM2E0NThmYzBl
OGUwNmMwHhcNMjUwNDI4MTYwMDMzWhcNMjUwNDI5MTYwMDMzWjAzMTEwLwYDVQQD
Eyg5OTA2ZDhiYzg0MmYzZmUzNTU5MGI4NjNjMWQwYzdhNjBiMjUwOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6ApXX3+dtKehz5esp2KKo+1R/YI
CXCkbzFdjzS7sJ8c+wUypmojvEkkH6n6IbmejReuYdbQ+62KAloHYoKl3JoeAVDg
8IcYVUKRMqtjZR4EHMIYATANjfAT074+VrSkbhTikiip4/IN/Q2c2fWPynja+nDR
BbJH70oCWd2N3caHvlPTcNz+0mWO7r7zsS/XCRw7GjFJbgray6h8AcFsAAgAW8Nt
aXdJW3vg8ZKsgJkvYmc454Q8MdPNKERLFVLLHM2u7G+l9M8FvXqvSGyg5aIXkwWh
TQ8mb+tI8rrwj3lfyn2vxqtjg4tzhbiXtVHcuk9Ny4DfIF6KvazjEeecuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkG2LyELz/jVZC4Y8HQx6YLJQilMB8GA1UdIwQY
MBaAFGoNZmpU1eG8NVwNclA6RY/A6OBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWcxbWFsVFY0YncxWEExeVVEcEZqOERvNEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hZTg0MmItNGNjNy00ZTA3LTk4Mjct
YTgyYWQ1NGRlZmJjLzEvYWcxbWFsVFY0YncxWEExeVVEcEZqOERvNEd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hZTg0MmItNGNjNy00ZTA3LTk4MjctYTgyYWQ1NGRlZmJj
LzEvYWcxbWFsVFY0YncxWEExeVVEcEZqOERvNEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaIuuXuAc
qi8Elm0kbnaSgFbTwjAWDlP1B5JTlVYo5Zs0lrNBW8Jd8gQSzQA6ya712KUJtjLg
8N53XfxpLV5Y4evlJNKCEkJ7j59oZwjle4bj32zdYYzCKWcspUkI0PKUFnxcjZUM
HaeIE4wmybTJSWZrf/8lX61UjmFvfUwfIe39b/u11d+f9EQybdlyNB3qgDAPhMT+
gtF0z7qSIwP86hhQ15ACoglTbN3/jdD6W3BXLhv8mSPXdsz2k4eb+HMA7AXlYCCQ
b//9w3Eqot2SUSWsIiAxnoX8gGfgDc6NPvyQZ5tRN+bmwEgj1tdh+N0D4HoYAhZC
FYl+1eBNRxbiKA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:35:28 2025 by rpki-client