Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
File:                     aLw5QAVdFXTyY7X5arCQDGu0xfk.mft (raw, json)
Hash identifier:          z82axCMjsKxFR1RXVs8XyPB/o/KOurbqxHr48TsJmUE=
Subject key identifier:   74:C2:D3:32:C8:48:C5:00:E9:AB:C8:98:8E:74:F0:DE:B9:90:F2:F0
Authority key identifier: 68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9
Certificate issuer:       /CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
Certificate serial:       019677C35DF754937A8359744EDE47E04C4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
Manifest number:          027B
Signing time:             Sun 27 Apr 2025 15:00:14 +0000
Manifest this update:     Sun 27 Apr 2025 15:00:14 +0000
Manifest next update:     Mon 28 Apr 2025 15:00:14 +0000
Files and hashes:         1: UTuku2NoRg5M3213fHsTSechO5U.roa (hash: mmVExhdm+qlv5wjD1nNIr2CTIIUIWrulidPSaVkzZdU=)
                          2: aLw5QAVdFXTyY7X5arCQDGu0xfk.crl (hash: /jsH5WASeIy+N4WOnVq6S2BEjDvaioLDYM/IVNpOqD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:c3:5d:f7:54:93:7a:83:59:74:4e:de:47:e0:4c:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68bc3940055d1574f263b5f96ab0900c6bb4c5f9
        Validity
            Not Before: Apr 27 15:00:14 2025 GMT
            Not After : Apr 28 15:00:14 2025 GMT
        Subject: CN=74c2d332c848c500e9abc8988e74f0deb990f2f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6b:bf:c8:fd:6d:db:e2:dc:1e:d3:c3:1d:c7:
                    f6:d7:fd:2a:ab:30:6b:ac:1f:60:56:0e:da:08:e1:
                    9a:12:ed:e8:01:7e:2a:ef:a0:9d:63:7f:4a:d9:cb:
                    ac:51:d0:f0:9b:ad:ef:12:8d:ad:45:93:7f:d1:5d:
                    de:8a:e7:51:3f:10:ac:7d:4d:36:95:cf:62:73:d4:
                    39:c1:eb:9c:60:74:8d:ac:9d:cf:65:d8:b6:ab:da:
                    8f:dd:ab:67:21:4e:48:a5:96:5a:5d:79:dd:a0:01:
                    15:2b:f7:fd:6b:13:19:fa:0a:da:5b:73:67:b3:ca:
                    96:fc:a9:1f:9f:3e:fa:73:f0:4c:10:38:80:68:99:
                    b7:71:05:34:bc:89:a4:9d:3a:3a:04:f7:1d:de:64:
                    9f:bf:e7:a2:11:e3:57:fa:31:fb:38:19:47:d7:ee:
                    cd:84:f0:e8:3a:e2:dd:55:c8:ff:bc:08:a6:4e:77:
                    03:45:f3:55:bf:a3:8a:8b:3d:39:96:b8:4d:96:1e:
                    1a:22:40:be:84:c2:51:96:96:02:fa:38:cb:27:0a:
                    d2:ba:dc:ba:fa:f8:d0:91:c3:f3:85:84:b7:39:ba:
                    be:b6:c3:0a:20:d5:0c:5b:5d:59:0d:40:6d:6d:cb:
                    59:2c:6b:ef:c0:0d:5b:bc:e9:c5:d2:f4:cf:40:f2:
                    d9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:C2:D3:32:C8:48:C5:00:E9:AB:C8:98:8E:74:F0:DE:B9:90:F2:F0
            X509v3 Authority Key Identifier:
                keyid:68:BC:39:40:05:5D:15:74:F2:63:B5:F9:6A:B0:90:0C:6B:B4:C5:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLw5QAVdFXTyY7X5arCQDGu0xfk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d02b32-967d-4751-82d3-121a14a9a40e/1/aLw5QAVdFXTyY7X5arCQDGu0xfk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:7b:18:b1:36:6c:39:de:a2:53:6a:b1:07:68:e5:5b:72:f7:
         bf:29:d3:ae:c0:c3:d2:e9:0c:3f:e3:29:d9:ad:08:81:d3:c2:
         5b:48:76:42:ca:6e:21:d0:72:31:c5:ea:c4:29:d7:12:3e:1c:
         3f:9f:eb:77:f0:0f:78:a2:4d:d8:45:32:1f:69:0b:a6:7b:5d:
         21:86:78:15:52:c4:71:41:f5:b6:9e:47:de:2e:c4:99:17:1d:
         95:02:cd:c7:1c:59:b5:bb:03:6b:75:dd:94:df:3e:b6:ca:8e:
         63:63:2f:ed:fa:6d:8f:7e:21:72:aa:0e:61:44:94:7c:2e:05:
         9d:ee:15:b4:9d:1c:5b:10:40:5b:35:19:87:2e:21:5f:c2:54:
         b4:fc:88:47:41:c7:46:66:a7:37:10:46:7b:32:4e:97:89:6b:
         eb:bd:c2:52:d6:ab:8f:7a:48:18:90:f8:06:3f:27:2a:82:ca:
         20:bf:53:ae:c5:28:be:42:18:e8:50:01:fb:9d:ae:22:5d:3d:
         33:05:a6:43:dc:70:2b:2f:60:b9:6c:40:45:f5:f9:14:d9:c5:
         5c:51:de:c7:d1:bf:a7:ca:d7:36:02:ae:a0:d1:8f:b8:ee:da:
         fd:10:a1:5e:7e:7b:5e:1d:8c:9d:22:07:44:79:1f:44:9d:ab:
         71:08:88:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3w133VJN6g1l0Tt5H4ExOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmMzOTQwMDU1ZDE1NzRmMjYzYjVmOTZhYjA5MDBjNmJi
NGM1ZjkwHhcNMjUwNDI3MTUwMDE0WhcNMjUwNDI4MTUwMDE0WjAzMTEwLwYDVQQD
Eyg3NGMyZDMzMmM4NDhjNTAwZTlhYmM4OTg4ZTc0ZjBkZWI5OTBmMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWu/yP1t2+LcHtPDHcf21/0qqzBr
rB9gVg7aCOGaEu3oAX4q76CdY39K2cusUdDwm63vEo2tRZN/0V3eiudRPxCsfU02
lc9ic9Q5weucYHSNrJ3PZdi2q9qP3atnIU5IpZZaXXndoAEVK/f9axMZ+graW3Nn
s8qW/Kkfnz76c/BMEDiAaJm3cQU0vImknTo6BPcd3mSfv+eiEeNX+jH7OBlH1+7N
hPDoOuLdVcj/vAimTncDRfNVv6OKiz05lrhNlh4aIkC+hMJRlpYC+jjLJwrSuty6
+vjQkcPzhYS3Obq+tsMKINUMW11ZDUBtbctZLGvvwA1bvOnF0vTPQPLZzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTC0zLISMUA6avImI508N65kPLwMB8GA1UdIwQY
MBaAFGi8OUAFXRV08mO1+WqwkAxrtMX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMt
MTIxYTE0YTlhNDBlLzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kMDJiMzItOTY3ZC00NzUxLTgyZDMtMTIxYTE0YTlhNDBl
LzEvYUx3NVFBVmRGWFR5WTdYNWFyQ1FER3UweGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUHsYsTZs
Od6iU2qxB2jlW3L3vynTrsDD0ukMP+Mp2a0IgdPCW0h2QspuIdByMcXqxCnXEj4c
P5/rd/APeKJN2EUyH2kLpntdIYZ4FVLEcUH1tp5H3i7EmRcdlQLNxxxZtbsDa3Xd
lN8+tsqOY2Mv7fptj34hcqoOYUSUfC4Fne4VtJ0cWxBAWzUZhy4hX8JUtPyIR0HH
RmanNxBGezJOl4lr673CUtarj3pIGJD4Bj8nKoLKIL9TrsUovkIY6FAB+52uIl09
MwWmQ9xwKy9guWxARfX5FNnFXFHex9G/p8rXNgKuoNGPuO7a/RChXn57Xh2MnSIH
RHkfRJ2rcQiIjg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:13:09 2025 by rpki-client