Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.mft
File:                     s7b1TqmxWovU8zglOGyyd7A0Od0.mft (raw, json)
Hash identifier:          aiX7txuJBI5E7fv+mUDdPpatx68q7zWJ9hsGF2skfhA=
Subject key identifier:   99:22:10:A9:C9:D3:6C:E7:E0:30:89:77:E1:E1:66:7D:A5:69:43:9B
Authority key identifier: B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
Certificate issuer:       /CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Certificate serial:       01977866042CC2DF595831E16D35D0599C6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.mft
Manifest number:          159A
Signing time:             Mon 16 Jun 2025 11:00:41 +0000
Manifest this update:     Mon 16 Jun 2025 11:00:41 +0000
Manifest next update:     Tue 17 Jun 2025 11:00:41 +0000
Files and hashes:         1: SpsqNCwISL1D7YWDs8MOUK4XUcQ.roa (hash: VKTdP32emCO1Alc2phplZ6z5V0MT3UL3VXfP0BBA76I=)
                          2: s7b1TqmxWovU8zglOGyyd7A0Od0.crl (hash: hN1NQCflPYhq74+ry545eAzoLNjL0Q1iiBvNk8sFyAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:78:66:04:2c:c2:df:59:58:31:e1:6d:35:d0:59:9c:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
        Validity
            Not Before: Jun 16 11:00:41 2025 GMT
            Not After : Jun 17 11:00:41 2025 GMT
        Subject: CN=992210a9c9d36ce7e0308977e1e1667da569439b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:03:ca:1c:3a:30:65:1b:05:bb:5d:40:34:2f:
                    85:58:83:2e:b8:9a:52:69:d9:d6:a7:ae:08:a3:6d:
                    a7:a7:0d:f4:ce:7a:63:ba:eb:f4:0f:d9:1f:0a:42:
                    df:09:8d:1b:5c:23:4c:ca:87:99:47:ea:b9:15:fd:
                    39:f6:ca:dd:bd:70:bf:d8:a7:aa:44:ff:2c:1c:f9:
                    b1:76:6e:db:94:ab:2f:73:75:8b:58:4f:52:96:60:
                    11:08:05:71:c6:da:47:bb:9d:d9:a1:24:0d:48:3a:
                    be:0a:3f:4f:cd:11:ee:a3:12:31:d3:4f:5c:80:bb:
                    26:49:63:a7:4f:e4:fc:c5:f3:43:18:26:73:06:d6:
                    f6:12:15:3f:4f:f5:9d:1f:1b:2b:8d:b3:a2:af:ce:
                    b3:d0:e4:93:d0:f3:e8:af:46:23:ea:70:5d:b4:28:
                    ea:a9:85:d9:26:e5:02:e8:c2:de:e0:93:ed:97:ff:
                    b3:a1:62:c5:4a:4d:98:c4:1e:99:27:e8:29:6a:30:
                    b6:a3:ec:73:97:7f:86:d3:57:fb:cb:61:5e:d5:15:
                    c1:12:ef:e3:f3:a8:b4:94:90:f0:d7:19:aa:9f:22:
                    93:bf:bd:40:5c:f7:e7:97:48:f4:f2:65:12:50:b1:
                    80:54:78:96:ec:e2:81:98:33:12:ba:34:d6:52:e2:
                    95:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:22:10:A9:C9:D3:6C:E7:E0:30:89:77:E1:E1:66:7D:A5:69:43:9B
            X509v3 Authority Key Identifier:
                keyid:B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:72:6d:a5:99:56:2c:c5:63:21:bb:41:f7:f8:a3:03:fc:ad:
         3f:5b:bd:ec:40:f6:f5:6c:2f:52:01:77:1a:bd:6f:44:db:bb:
         c1:5f:21:da:c7:fc:73:b5:96:b8:0d:9f:ad:44:9d:63:72:80:
         65:dc:19:a6:08:c0:97:1c:e7:65:32:87:3f:31:cf:20:9b:c3:
         87:a1:98:2c:64:2b:c1:d3:9a:5c:8d:e6:c9:66:8e:e8:89:4c:
         eb:e3:b7:b7:ef:f3:0f:73:00:5b:b8:d0:a5:c1:62:f6:ed:33:
         cb:be:d8:e4:16:46:4a:cc:af:46:d2:fd:63:20:76:ed:d8:77:
         10:d8:9b:68:48:49:ef:6d:7f:d2:22:5f:55:3f:cf:05:31:99:
         62:19:cd:bd:29:0b:66:57:7b:98:72:f0:31:84:95:9a:3b:05:
         fb:68:a9:5b:61:29:bf:13:0e:fd:4f:b9:24:1a:af:26:b7:e7:
         d8:38:46:e9:25:41:58:da:cb:e7:61:87:37:8c:cf:fb:69:cd:
         a8:28:58:e8:b1:fa:7a:68:08:83:2d:07:5b:7f:a0:4f:b8:ed:
         6f:2d:57:5a:4a:a9:3c:7e:7f:4f:80:a4:0d:d1:85:c2:f1:47:
         85:55:c0:84:85:1f:54:5a:14:4b:3b:b8:4f:ab:3a:e8:10:7c:
         f4:d9:be:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd4ZgQswt9ZWDHhbTXQWZxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZmNTRlYTliMTVhOGJkNGYzMzgyNTM4NmNiMjc3YjAz
NDM5ZGQwHhcNMjUwNjE2MTEwMDQxWhcNMjUwNjE3MTEwMDQxWjAzMTEwLwYDVQQD
Eyg5OTIyMTBhOWM5ZDM2Y2U3ZTAzMDg5NzdlMWUxNjY3ZGE1Njk0MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAPKHDowZRsFu11ANC+FWIMuuJpS
adnWp64Io22npw30znpjuuv0D9kfCkLfCY0bXCNMyoeZR+q5Ff059srdvXC/2Keq
RP8sHPmxdm7blKsvc3WLWE9SlmARCAVxxtpHu53ZoSQNSDq+Cj9PzRHuoxIx009c
gLsmSWOnT+T8xfNDGCZzBtb2EhU/T/WdHxsrjbOir86z0OST0PPor0Yj6nBdtCjq
qYXZJuUC6MLe4JPtl/+zoWLFSk2YxB6ZJ+gpajC2o+xzl3+G01f7y2Fe1RXBEu/j
86i0lJDw1xmqnyKTv71AXPfnl0j08mUSULGAVHiW7OKBmDMSujTWUuKVKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkiEKnJ02zn4DCJd+HhZn2laUObMB8GA1UdIwQY
MBaAFLO29U6psVqL1PM4JThssnewNDndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUt
MmY0NmU5MzE3Y2M2LzEvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84ZGU0YTMtOGQ1YS00NmIxLWE3MzUtMmY0NmU5MzE3Y2M2
LzEvczdiMVRxbXhXb3ZVOHpnbE9HeXlkN0EwT2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXJtpZlW
LMVjIbtB9/ijA/ytP1u97ED29WwvUgF3Gr1vRNu7wV8h2sf8c7WWuA2frUSdY3KA
ZdwZpgjAlxznZTKHPzHPIJvDh6GYLGQrwdOaXI3myWaO6IlM6+O3t+/zD3MAW7jQ
pcFi9u0zy77Y5BZGSsyvRtL9YyB27dh3ENibaEhJ721/0iJfVT/PBTGZYhnNvSkL
Zld7mHLwMYSVmjsF+2ipW2EpvxMO/U+5JBqvJrfn2DhG6SVBWNrL52GHN4zP+2nN
qChY6LH6emgIgy0HW3+gT7jtby1XWkqpPH5/T4CkDdGFwvFHhVXAhIUfVFoUSzu4
T6s66BB89Nm+bw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:45:59 2025 by rpki-client