Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.mft
File:                     U6i3vKixHSeFDpGMpZlmmIAWKSk.mft (raw, json)
Hash identifier:          OPZ8ydcN2HhonAInDddCzU26FKqAp6AqaFTNBZKNdrA=
Subject key identifier:   84:55:0F:04:71:83:39:75:C3:42:30:29:1C:93:D7:21:1F:68:67:A3
Authority key identifier: 53:A8:B7:BC:A8:B1:1D:27:85:0E:91:8C:A5:99:66:98:80:16:29:29
Certificate issuer:       /CN=53a8b7bca8b11d27850e918ca599669880162929
Certificate serial:       01967FEB3E5394F3F502E5E862524AFBD8BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.mft
Manifest number:          0124
Signing time:             Tue 29 Apr 2025 05:00:45 +0000
Manifest this update:     Tue 29 Apr 2025 05:00:45 +0000
Manifest next update:     Wed 30 Apr 2025 05:00:45 +0000
Files and hashes:         1: U6i3vKixHSeFDpGMpZlmmIAWKSk.crl (hash: TjyzsJ+qKI8J7G06YkTkhEhmnnYqOMvSTFNKqvWqZP4=)
                          2: qST1YzpfG0Aj9HfkTwxj9U8CUhI.roa (hash: wruCCghr0kJqtbuyZdJFoTZhRH+nhRjwzTxdaCBX4hs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 05:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7f:eb:3e:53:94:f3:f5:02:e5:e8:62:52:4a:fb:d8:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53a8b7bca8b11d27850e918ca599669880162929
        Validity
            Not Before: Apr 29 05:00:45 2025 GMT
            Not After : Apr 30 05:00:45 2025 GMT
        Subject: CN=84550f0471833975c34230291c93d7211f6867a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5c:ba:fa:bc:a3:99:10:15:9b:be:1b:0c:9e:
                    00:69:ca:9e:0e:81:66:27:d8:6e:d3:62:6f:0e:2c:
                    18:c3:64:2b:0e:50:79:e3:b6:19:b4:02:46:ee:63:
                    70:e3:d3:59:60:1e:78:d0:3f:30:87:48:78:a2:42:
                    20:df:09:ca:bc:31:ac:74:11:39:bb:20:a3:12:ea:
                    b5:98:f0:07:45:eb:a8:d4:92:d8:f4:98:55:de:24:
                    2f:67:aa:a0:1b:7c:01:4b:4f:03:63:8c:60:47:3b:
                    5b:8c:d3:5d:16:cd:a5:e7:09:45:d1:8b:16:00:bb:
                    2b:86:6b:9f:d5:90:49:b8:3e:a5:09:22:b7:9d:e9:
                    7b:56:13:9f:b5:35:7f:b8:a0:3e:5e:aa:2e:92:96:
                    30:80:1c:98:11:5b:81:7c:e3:14:7b:2b:a4:75:9f:
                    18:a1:40:13:bf:12:34:66:eb:b9:45:c6:aa:9f:fe:
                    63:30:c8:df:0a:2e:6b:af:30:6a:5d:ec:9e:be:66:
                    d7:9c:cf:f2:e4:ad:4b:73:fa:e0:20:06:01:8d:74:
                    2e:2a:95:45:f8:c6:c8:ef:57:17:21:0d:b5:5b:91:
                    e2:31:15:2e:62:46:44:f8:2c:04:e8:18:4a:9a:d0:
                    5d:d6:a6:56:c3:9d:84:d5:97:51:46:b6:c1:85:7d:
                    de:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:55:0F:04:71:83:39:75:C3:42:30:29:1C:93:D7:21:1F:68:67:A3
            X509v3 Authority Key Identifier:
                keyid:53:A8:B7:BC:A8:B1:1D:27:85:0E:91:8C:A5:99:66:98:80:16:29:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:88:bc:8c:82:b3:75:69:de:48:55:18:41:80:34:13:d1:df:
         ee:20:2e:f2:62:3d:47:04:4d:1e:7f:67:0c:7b:2a:81:8c:f4:
         37:19:b2:6a:eb:de:87:ab:fb:ce:a8:00:10:28:0f:1e:88:3f:
         c8:3e:38:de:99:3a:cc:76:89:f3:00:31:da:28:b9:78:ff:b7:
         47:5e:0a:42:cb:95:fc:63:0f:fd:1e:06:0b:67:8c:4e:d3:a6:
         cf:60:ee:3f:d9:14:15:39:44:4b:df:81:73:23:6a:3c:de:4c:
         7e:ac:ba:da:74:b3:fa:eb:ae:86:86:8a:5a:ed:80:1e:0d:29:
         5a:d5:4f:d8:cd:79:ae:a6:95:0c:e5:06:6e:3d:c2:2a:0d:fd:
         94:85:eb:e2:b8:1e:cc:e1:0b:be:b7:7c:2e:34:46:d1:e6:6f:
         75:38:3c:9e:58:3c:bf:79:b4:8e:87:8d:f8:17:cf:61:be:b0:
         e1:7d:da:ab:64:9c:db:33:e4:15:51:77:91:6a:ec:ca:ef:39:
         1c:40:06:ec:b7:7c:dc:9d:41:0a:5a:72:97:2f:aa:10:c5:53:
         6d:94:f9:32:cb:19:94:75:f5:b3:0c:83:23:ff:2d:d3:24:d5:
         4d:32:a9:43:8f:1b:fa:a6:ae:b3:65:3e:f7:f0:bf:7c:03:11:
         ee:5c:d7:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ/6z5TlPP1AuXoYlJK+9i+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYThiN2JjYThiMTFkMjc4NTBlOTE4Y2E1OTk2Njk4ODAx
NjI5MjkwHhcNMjUwNDI5MDUwMDQ1WhcNMjUwNDMwMDUwMDQ1WjAzMTEwLwYDVQQD
Eyg4NDU1MGYwNDcxODMzOTc1YzM0MjMwMjkxYzkzZDcyMTFmNjg2N2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFy6+ryjmRAVm74bDJ4AacqeDoFm
J9hu02JvDiwYw2QrDlB547YZtAJG7mNw49NZYB540D8wh0h4okIg3wnKvDGsdBE5
uyCjEuq1mPAHReuo1JLY9JhV3iQvZ6qgG3wBS08DY4xgRztbjNNdFs2l5wlF0YsW
ALsrhmuf1ZBJuD6lCSK3nel7VhOftTV/uKA+XqoukpYwgByYEVuBfOMUeyukdZ8Y
oUATvxI0Zuu5Rcaqn/5jMMjfCi5rrzBqXeyevmbXnM/y5K1Lc/rgIAYBjXQuKpVF
+MbI71cXIQ21W5HiMRUuYkZE+CwE6BhKmtBd1qZWw52E1ZdRRrbBhX3evwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIRVDwRxgzl1w0IwKRyT1yEfaGejMB8GA1UdIwQY
MBaAFFOot7yosR0nhQ6RjKWZZpiAFikpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZpM3ZLaXhIU2VGRHBHTXBabG1tSUFXS1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81MDZkYjktMTJhYS00NjNjLWE3ZWEt
ZDNjZGQ1YzMzOTJjLzEvVTZpM3ZLaXhIU2VGRHBHTXBabG1tSUFXS1NrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81MDZkYjktMTJhYS00NjNjLWE3ZWEtZDNjZGQ1YzMzOTJj
LzEvVTZpM3ZLaXhIU2VGRHBHTXBabG1tSUFXS1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcoi8jIKz
dWneSFUYQYA0E9Hf7iAu8mI9RwRNHn9nDHsqgYz0Nxmyauveh6v7zqgAECgPHog/
yD443pk6zHaJ8wAx2ii5eP+3R14KQsuV/GMP/R4GC2eMTtOmz2DuP9kUFTlES9+B
cyNqPN5Mfqy62nSz+uuuhoaKWu2AHg0pWtVP2M15rqaVDOUGbj3CKg39lIXr4rge
zOELvrd8LjRG0eZvdTg8nlg8v3m0joeN+BfPYb6w4X3aq2Sc2zPkFVF3kWrsyu85
HEAG7Ld83J1BClpyly+qEMVTbZT5MssZlHX1swyDI/8t0yTVTTKpQ48b+qaus2U+
9/C/fAMR7lzXDQ==
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:26:58 2025 by rpki-client