Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft
File:                     hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft (raw, json)
Hash identifier:          qiYNzw3R/HBUdi5UbPGfGaSCPi67q6/oQ3ZFcjEjyFw=
Subject key identifier:   AF:49:F3:32:1D:CB:35:E9:72:A1:65:10:9B:39:F9:A8:20:65:D7:BC
Authority key identifier: 86:85:E0:5D:80:59:2C:6C:F1:13:20:EB:50:29:CA:C0:4A:4D:9B:B4
Certificate issuer:       /CN=8685e05d80592c6cf11320eb5029cac04a4d9bb4
Certificate serial:       019691156FCADAA79298B02FE975C0CDC54B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft
Manifest number:          05E2
Signing time:             Fri 02 May 2025 13:00:23 +0000
Manifest this update:     Fri 02 May 2025 13:00:23 +0000
Manifest next update:     Sat 03 May 2025 13:00:23 +0000
Files and hashes:         1: 6rszyN8yZZcIFadBDy7iWBsKHqI.roa (hash: dWt4x4jxo9KCoGxn2Sm9VBzQBMC43sDUxeYLn9feg7U=)
                          2: hoXgXYBZLGzxEyDrUCnKwEpNm7Q.crl (hash: y8Qhzk4rsxVLOrFIfDAmZMYeEMhZ05OoQ47u+HBNlC4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 13:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:91:15:6f:ca:da:a7:92:98:b0:2f:e9:75:c0:cd:c5:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8685e05d80592c6cf11320eb5029cac04a4d9bb4
        Validity
            Not Before: May  2 13:00:23 2025 GMT
            Not After : May  3 13:00:23 2025 GMT
        Subject: CN=af49f3321dcb35e972a165109b39f9a82065d7bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:3d:7e:56:fb:27:79:f2:00:b1:a3:ee:f3:1b:
                    03:03:39:7d:75:57:89:e7:a0:a8:11:f3:30:3e:9f:
                    6b:17:9d:ae:ab:ff:a2:30:b1:0b:e7:c5:a8:f7:ac:
                    c2:98:5c:b2:f7:39:31:a1:f3:30:4b:d0:98:36:06:
                    a3:bf:1d:00:04:60:10:16:10:cc:89:2f:59:d6:ed:
                    72:0a:29:21:fc:d9:f9:65:63:d4:1f:c7:ae:03:d3:
                    69:cd:84:4f:7a:46:d4:b0:a0:a2:3c:1d:49:6f:52:
                    d6:bb:79:9f:df:bd:39:01:67:49:df:bf:82:fc:dd:
                    7e:bd:cc:76:fe:a2:0c:3c:ab:e3:b8:57:f9:1c:a1:
                    34:57:4f:8c:c8:b5:30:a8:25:26:3b:72:2c:65:e4:
                    7b:4f:c1:19:96:37:cd:80:64:bb:6c:33:81:82:dd:
                    1b:66:cf:0c:08:fb:71:e7:aa:f2:c5:88:84:80:7a:
                    8c:6e:8a:fc:88:2d:68:cd:2c:40:eb:12:02:98:9e:
                    2c:13:cc:d3:84:77:34:56:fa:d7:ec:58:6f:2f:ca:
                    64:3d:65:a0:86:8a:ff:66:92:5c:45:92:4f:ac:e6:
                    54:79:e1:a1:06:b9:92:93:9e:a0:61:28:38:69:d2:
                    1e:33:b3:62:56:6d:c5:77:62:0b:f1:d5:b6:c9:dd:
                    6c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:49:F3:32:1D:CB:35:E9:72:A1:65:10:9B:39:F9:A8:20:65:D7:BC
            X509v3 Authority Key Identifier:
                keyid:86:85:E0:5D:80:59:2C:6C:F1:13:20:EB:50:29:CA:C0:4A:4D:9B:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b544d5-fefa-4240-bf40-68ef24cf5ef9/1/hoXgXYBZLGzxEyDrUCnKwEpNm7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:9f:c2:eb:69:6e:08:4c:86:f2:8f:ce:b6:6a:bc:9f:5c:4c:
         a1:46:b7:88:8b:d7:5c:77:59:73:25:9e:c6:bc:e6:46:bf:51:
         21:00:f0:3b:b3:18:37:47:ce:b8:7e:4a:ac:77:a3:b8:33:ae:
         29:fe:c4:87:dc:e8:d3:e0:09:de:1a:79:ec:7a:85:a1:cd:86:
         8d:41:cb:13:83:3d:d3:8b:f8:5f:9d:9d:55:9b:81:d5:c8:72:
         5c:c2:7e:dc:87:a6:a5:b8:db:f0:86:8c:7f:f6:7a:5d:34:d6:
         36:fc:d7:af:c7:d4:d0:80:c9:c8:6a:34:3c:0e:65:c6:e4:6e:
         e4:ae:94:1c:87:8d:2e:8a:0e:57:a8:03:7a:25:0d:fe:e6:15:
         6a:c9:1b:ef:2a:ea:b8:a3:d2:cc:e4:78:c1:c5:78:46:b5:28:
         dc:b3:36:74:08:42:7d:8f:d6:c4:b4:a9:a5:9c:1f:b3:46:fc:
         5f:1a:8c:62:91:0f:d2:93:5c:53:0a:5e:7d:ee:cb:35:ed:f8:
         87:27:4d:5e:79:98:af:e8:17:83:ac:ac:65:73:74:85:d5:5d:
         03:13:0f:76:4d:9e:97:20:48:ab:6a:39:f3:a5:b3:b8:01:f5:
         19:66:09:04:21:70:62:a0:9b:25:8d:80:8a:63:bd:87:e4:6d:
         bf:0a:d4:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaRFW/K2qeSmLAv6XXAzcVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODVlMDVkODA1OTJjNmNmMTEzMjBlYjUwMjljYWMwNGE0
ZDliYjQwHhcNMjUwNTAyMTMwMDIzWhcNMjUwNTAzMTMwMDIzWjAzMTEwLwYDVQQD
EyhhZjQ5ZjMzMjFkY2IzNWU5NzJhMTY1MTA5YjM5ZjlhODIwNjVkN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj1+VvsnefIAsaPu8xsDAzl9dVeJ
56CoEfMwPp9rF52uq/+iMLEL58Wo96zCmFyy9zkxofMwS9CYNgajvx0ABGAQFhDM
iS9Z1u1yCikh/Nn5ZWPUH8euA9NpzYRPekbUsKCiPB1Jb1LWu3mf3705AWdJ37+C
/N1+vcx2/qIMPKvjuFf5HKE0V0+MyLUwqCUmO3IsZeR7T8EZljfNgGS7bDOBgt0b
Zs8MCPtx56ryxYiEgHqMbor8iC1ozSxA6xICmJ4sE8zThHc0VvrX7FhvL8pkPWWg
hor/ZpJcRZJPrOZUeeGhBrmSk56gYSg4adIeM7NiVm3Fd2IL8dW2yd1sSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9J8zIdyzXpcqFlEJs5+aggZde8MB8GA1UdIwQY
MBaAFIaF4F2AWSxs8RMg61ApysBKTZu0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNTQ0ZDUtZmVmYS00MjQwLWJmNDAt
NjhlZjI0Y2Y1ZWY5LzEvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNTQ0ZDUtZmVmYS00MjQwLWJmNDAtNjhlZjI0Y2Y1ZWY5
LzEvaG9YZ1hZQlpMR3p4RXlEclVDbkt3RXBObTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZ/C62lu
CEyG8o/Otmq8n1xMoUa3iIvXXHdZcyWexrzmRr9RIQDwO7MYN0fOuH5KrHejuDOu
Kf7Eh9zo0+AJ3hp57HqFoc2GjUHLE4M904v4X52dVZuB1chyXMJ+3Iempbjb8IaM
f/Z6XTTWNvzXr8fU0IDJyGo0PA5lxuRu5K6UHIeNLooOV6gDeiUN/uYVaskb7yrq
uKPSzOR4wcV4RrUo3LM2dAhCfY/WxLSppZwfs0b8XxqMYpEP0pNcUwpefe7LNe34
hydNXnmYr+gXg6ysZXN0hdVdAxMPdk2elyBIq2o586WzuAH1GWYJBCFwYqCbJY2A
imO9h+RtvwrUoA==
-----END CERTIFICATE-----
Generated at Fri May 2 21:39:48 2025 by rpki-client