Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
File:                     d0HROhWph91gAZwCZdLs7EhAlEo.mft (raw, json)
Hash identifier:          tJ+ZrRxSYNaOEsq7UfiGxrg5kp+9gIKuQj+3nEOQx1Y=
Subject key identifier:   7C:5B:BD:A0:60:02:50:50:51:26:47:03:56:58:3C:AF:E8:5E:BA:55
Authority key identifier: 77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
Certificate issuer:       /CN=7741d13a15a987dd60019c0265d2ecec4840944a
Certificate serial:       019672D474C8BCEC72F2EE908811F3539497
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
Manifest number:          0620
Signing time:             Sat 26 Apr 2025 16:00:48 +0000
Manifest this update:     Sat 26 Apr 2025 16:00:48 +0000
Manifest next update:     Sun 27 Apr 2025 16:00:48 +0000
Files and hashes:         1: EKdJIayRjGqpNjC_sXcLD4LpFxg.roa (hash: Q7XyDf/+ZYlwIoQHzzpWgBVzZ1z6oDECbrHcCzM9GG4=)
                          2: _-z4nvaTTyccKXJFwod66iKewX0.roa (hash: B/6vrb0o2kiLAGPMrkOgglOkupcsHoxdqdIe49F5XFQ=)
                          3: d0HROhWph91gAZwCZdLs7EhAlEo.crl (hash: KFXvZyTwXvk1G0ZrG0VVWDwg5n1uEzADParwPY8oVnc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:72:d4:74:c8:bc:ec:72:f2:ee:90:88:11:f3:53:94:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7741d13a15a987dd60019c0265d2ecec4840944a
        Validity
            Not Before: Apr 26 16:00:48 2025 GMT
            Not After : Apr 27 16:00:48 2025 GMT
        Subject: CN=7c5bbda0600250505126470356583cafe85eba55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:0d:0f:e8:05:a8:b6:96:8c:23:33:1e:b5:27:
                    e2:e5:04:45:20:78:9d:7c:ff:42:de:0a:c5:81:da:
                    f1:e7:c8:f6:87:fd:70:a4:07:e3:1c:1e:08:40:89:
                    a2:c6:0d:7e:51:84:a9:55:3b:87:68:59:c8:de:c4:
                    cd:55:70:89:97:a2:c5:51:55:1f:cd:fa:20:0a:0d:
                    4a:48:6a:bc:ce:68:aa:2e:bd:62:6c:60:ae:1a:b6:
                    22:88:72:43:5a:21:9d:ba:1c:3a:83:fe:4f:02:25:
                    3c:fd:7c:26:7c:97:9e:51:48:7a:c7:bf:14:24:6e:
                    98:cd:57:ca:d4:67:15:6e:62:68:03:84:8b:c2:c7:
                    c3:c3:ae:b9:7c:85:bc:ef:7b:19:ee:6a:a4:a3:4c:
                    ed:b6:7b:d1:de:2b:5b:ea:29:17:d5:22:e3:ca:44:
                    9f:5a:57:93:6b:2f:67:75:0a:3d:b9:eb:3f:2c:cd:
                    6e:18:58:32:2e:a1:85:55:ce:ad:42:3c:d3:d5:f7:
                    f6:21:c1:86:63:91:f3:d7:1c:98:db:c4:85:85:d5:
                    76:86:64:eb:6d:b5:33:7c:76:9b:96:6a:eb:fb:20:
                    2e:65:fb:d0:22:66:a4:90:8c:c3:8a:3b:b6:fb:71:
                    46:46:46:4c:35:21:3b:51:0f:60:c1:c7:ab:cf:77:
                    de:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5B:BD:A0:60:02:50:50:51:26:47:03:56:58:3C:AF:E8:5E:BA:55
            X509v3 Authority Key Identifier:
                keyid:77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:3a:3c:74:a5:18:7f:78:17:0f:1e:e9:ed:44:12:74:a1:57:
         8f:5a:90:49:1a:cd:3a:1f:a9:d5:cf:7c:46:3e:25:8d:87:0c:
         8f:19:ec:8b:e8:64:c0:02:dd:7b:31:14:6e:87:7c:45:67:ba:
         1b:1e:2d:60:c1:a0:df:27:22:98:f2:94:05:30:7e:f4:86:83:
         b2:f5:a1:bd:ea:0f:24:be:4f:e3:52:8b:3c:99:fa:e2:ab:02:
         7b:89:8e:b5:2b:c9:e3:47:b2:87:ec:64:ec:25:d3:eb:f4:77:
         a3:e3:6f:9b:9b:a7:24:2f:4e:1f:5b:c0:7e:39:cd:64:ad:2e:
         3a:2e:88:e9:f7:eb:2b:c8:4e:4e:3d:27:4c:c7:de:3a:0b:73:
         fb:4a:15:88:c3:fb:8b:2e:ad:32:c9:53:c7:4f:ba:22:e5:e0:
         96:6f:a8:75:e2:a7:66:e3:fd:11:f9:ed:39:71:e8:80:f7:fa:
         c5:68:db:d5:c3:74:be:e4:22:c5:66:e3:6b:91:46:c3:eb:50:
         80:79:32:e3:31:ff:cf:e2:9c:bd:14:6e:86:0f:3d:0f:5e:fb:
         6e:95:7f:27:28:49:71:d6:0e:55:a3:74:90:42:98:27:08:d9:
         94:56:31:0d:23:cc:21:71:00:ad:dc:50:d6:c5:90:b0:7f:f6:
         5c:03:e6:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZy1HTIvOxy8u6QiBHzU5SXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDFkMTNhMTVhOTg3ZGQ2MDAxOWMwMjY1ZDJlY2VjNDg0
MDk0NGEwHhcNMjUwNDI2MTYwMDQ4WhcNMjUwNDI3MTYwMDQ4WjAzMTEwLwYDVQQD
Eyg3YzViYmRhMDYwMDI1MDUwNTEyNjQ3MDM1NjU4M2NhZmU4NWViYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ0P6AWotpaMIzMetSfi5QRFIHid
fP9C3grFgdrx58j2h/1wpAfjHB4IQImixg1+UYSpVTuHaFnI3sTNVXCJl6LFUVUf
zfogCg1KSGq8zmiqLr1ibGCuGrYiiHJDWiGduhw6g/5PAiU8/XwmfJeeUUh6x78U
JG6YzVfK1GcVbmJoA4SLwsfDw665fIW873sZ7mqko0zttnvR3itb6ikX1SLjykSf
WleTay9ndQo9ues/LM1uGFgyLqGFVc6tQjzT1ff2IcGGY5Hz1xyY28SFhdV2hmTr
bbUzfHablmrr+yAuZfvQImakkIzDiju2+3FGRkZMNSE7UQ9gwcerz3fe+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxbvaBgAlBQUSZHA1ZYPK/oXrpVMB8GA1UdIwQY
MBaAFHdB0ToVqYfdYAGcAmXS7OxIQJRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTkt
MzUyM2UzMDMwYmU0LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTktMzUyM2UzMDMwYmU0
LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEDo8dKUY
f3gXDx7p7UQSdKFXj1qQSRrNOh+p1c98Rj4ljYcMjxnsi+hkwALdezEUbod8RWe6
Gx4tYMGg3ycimPKUBTB+9IaDsvWhveoPJL5P41KLPJn64qsCe4mOtSvJ40eyh+xk
7CXT6/R3o+Nvm5unJC9OH1vAfjnNZK0uOi6I6ffrK8hOTj0nTMfeOgtz+0oViMP7
iy6tMslTx0+6IuXglm+odeKnZuP9EfntOXHogPf6xWjb1cN0vuQixWbja5FGw+tQ
gHky4zH/z+KcvRRuhg89D177bpV/JyhJcdYOVaN0kEKYJwjZlFYxDSPMIXEArdxQ
1sWQsH/2XAPmlQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 22:55:37 2025 by rpki-client