Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
File:                     M-okCE9ribBlVZkQ4DEetRS-uxE.mft (raw, json)
Hash identifier:          qS/UkmLW1B1t5ZK6Ui8DBp0nX6h5tv5i0xC7zKtYrDM=
Subject key identifier:   D7:CB:15:2B:AF:E8:2F:9C:AF:10:19:68:9C:81:46:EA:19:FE:D6:EE
Authority key identifier: 33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11
Certificate issuer:       /CN=33ea24084f6b89b065559910e0311eb514bebb11
Certificate serial:       019690712C3FEA0679F17E72198E00B8BA41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
Manifest number:          0854
Signing time:             Fri 02 May 2025 10:00:58 +0000
Manifest this update:     Fri 02 May 2025 10:00:58 +0000
Manifest next update:     Sat 03 May 2025 10:00:58 +0000
Files and hashes:         1: M-okCE9ribBlVZkQ4DEetRS-uxE.crl (hash: 0luinOE2JWEG49YeKbs7VVtfYn+oPA2HTbus15LZGqM=)
                          2: q5bfraBywGI6OWgME5lOUXQvdtQ.roa (hash: VPJfRwAlvqbFoPlw0asR42eLfzS3WBMbNuvc2HvQmEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:90:71:2c:3f:ea:06:79:f1:7e:72:19:8e:00:b8:ba:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33ea24084f6b89b065559910e0311eb514bebb11
        Validity
            Not Before: May  2 10:00:58 2025 GMT
            Not After : May  3 10:00:58 2025 GMT
        Subject: CN=d7cb152bafe82f9caf1019689c8146ea19fed6ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:c3:c5:43:81:4e:ea:49:6a:ae:21:8d:5b:15:
                    2c:0e:27:90:36:fd:52:57:de:5e:42:ed:e3:c1:83:
                    a6:e0:8a:f5:04:98:0c:64:b2:83:9e:02:91:9a:cb:
                    7b:be:85:f6:5b:0f:0a:82:a5:6e:3f:79:ed:f7:99:
                    8c:b4:79:89:e9:72:f1:95:f7:97:98:3b:0a:85:29:
                    d1:19:9e:2a:95:ab:72:d2:36:51:52:66:8f:b7:93:
                    c9:64:fb:cf:29:fd:44:3c:f6:90:12:fe:9e:e2:25:
                    33:de:e1:53:20:e7:d4:dc:a8:ef:de:94:70:d6:62:
                    fb:aa:54:6f:e0:40:05:9e:6a:8d:6c:79:4f:50:49:
                    96:3e:e4:bf:43:4b:6b:cc:b0:aa:ba:1e:4d:30:6f:
                    f8:78:41:27:93:78:c1:7a:4c:bf:e4:d3:23:32:80:
                    ef:c4:09:44:22:4e:3e:0e:a2:2e:ba:ed:5a:2e:fc:
                    0a:ce:9b:f8:d7:f3:e7:eb:2c:9d:fd:f4:62:7f:20:
                    45:63:55:fc:8a:71:3e:83:2c:e2:11:03:0e:75:bb:
                    7c:12:0d:77:bc:91:75:94:f7:af:b7:b2:cd:1d:5a:
                    d3:92:6c:26:72:f7:f5:02:1b:39:d3:58:7c:e3:98:
                    bb:64:dc:36:79:d9:69:5f:c9:7a:7d:8b:2d:82:2a:
                    f1:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:CB:15:2B:AF:E8:2F:9C:AF:10:19:68:9C:81:46:EA:19:FE:D6:EE
            X509v3 Authority Key Identifier:
                keyid:33:EA:24:08:4F:6B:89:B0:65:55:99:10:E0:31:1E:B5:14:BE:BB:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-okCE9ribBlVZkQ4DEetRS-uxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fe3fef-e176-451a-95d5-905196eba0be/1/M-okCE9ribBlVZkQ4DEetRS-uxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:dd:fb:88:74:cc:ec:d8:24:fe:a7:41:6d:38:03:e6:58:fb:
         dc:be:d1:2d:91:d3:8a:d7:9a:6e:78:fa:43:29:83:5b:5d:81:
         b1:f8:9c:3d:21:f1:f2:b1:be:f6:9f:bf:bd:af:b8:23:3c:38:
         24:27:34:03:18:dc:a2:4d:3f:7d:33:29:a8:86:bf:5e:6f:e2:
         1b:59:5f:2e:42:c7:c5:38:d1:01:61:fc:ca:fc:df:81:a8:43:
         b4:28:32:42:22:0b:e6:cb:4a:22:57:d8:e0:14:83:37:7f:51:
         ac:28:b9:b7:b4:8d:2f:70:4b:72:a3:af:23:a9:c4:cf:f8:3f:
         35:89:55:8d:73:b0:f2:5a:ae:0b:27:b2:00:97:00:3c:19:54:
         d7:8c:ce:90:a0:0b:19:58:34:54:aa:3a:54:64:ac:78:68:b6:
         66:a8:31:c6:f6:df:d5:75:d6:cb:2e:cd:3e:64:6d:2d:4b:6b:
         11:b1:af:e4:ab:0d:19:23:43:b0:9d:2d:29:a1:df:b3:89:3b:
         1d:f2:09:c5:9b:23:8b:ce:5d:f0:1f:b2:11:d5:75:42:9b:67:
         86:b5:b6:33:d1:2a:34:ff:25:7d:2c:19:05:9f:71:17:18:36:
         56:96:25:ec:c9:16:8a:f3:00:c6:6a:99:e4:73:29:c7:cf:de:
         35:7a:8a:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaQcSw/6gZ58X5yGY4AuLpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEyNDA4NGY2Yjg5YjA2NTU1OTkxMGUwMzExZWI1MTRi
ZWJiMTEwHhcNMjUwNTAyMTAwMDU4WhcNMjUwNTAzMTAwMDU4WjAzMTEwLwYDVQQD
EyhkN2NiMTUyYmFmZTgyZjljYWYxMDE5Njg5YzgxNDZlYTE5ZmVkNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98PFQ4FO6klqriGNWxUsDieQNv1S
V95eQu3jwYOm4Ir1BJgMZLKDngKRmst7voX2Ww8KgqVuP3nt95mMtHmJ6XLxlfeX
mDsKhSnRGZ4qlaty0jZRUmaPt5PJZPvPKf1EPPaQEv6e4iUz3uFTIOfU3Kjv3pRw
1mL7qlRv4EAFnmqNbHlPUEmWPuS/Q0trzLCquh5NMG/4eEEnk3jBeky/5NMjMoDv
xAlEIk4+DqIuuu1aLvwKzpv41/Pn6yyd/fRifyBFY1X8inE+gyziEQMOdbt8Eg13
vJF1lPevt7LNHVrTkmwmcvf1Ahs501h845i7ZNw2edlpX8l6fYstgirxTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfLFSuv6C+crxAZaJyBRuoZ/tbuMB8GA1UdIwQY
MBaAFDPqJAhPa4mwZVWZEOAxHrUUvrsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUt
OTA1MTk2ZWJhMGJlLzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mZTNmZWYtZTE3Ni00NTFhLTk1ZDUtOTA1MTk2ZWJhMGJl
LzEvTS1va0NFOXJpYkJsVlprUTRERWV0UlMtdXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkd37iHTM
7Ngk/qdBbTgD5lj73L7RLZHTiteabnj6QymDW12BsficPSHx8rG+9p+/va+4Izw4
JCc0Axjcok0/fTMpqIa/Xm/iG1lfLkLHxTjRAWH8yvzfgahDtCgyQiIL5stKIlfY
4BSDN39RrCi5t7SNL3BLcqOvI6nEz/g/NYlVjXOw8lquCyeyAJcAPBlU14zOkKAL
GVg0VKo6VGSseGi2Zqgxxvbf1XXWyy7NPmRtLUtrEbGv5KsNGSNDsJ0tKaHfs4k7
HfIJxZsji85d8B+yEdV1QptnhrW2M9EqNP8lfSwZBZ9xFxg2VpYl7MkWivMAxmqZ
5HMpx8/eNXqKHA==
-----END CERTIFICATE-----
Generated at Fri May 2 15:42:45 2025 by rpki-client