Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
File:                     d0HROhWph91gAZwCZdLs7EhAlEo.mft (raw, json)
Hash identifier:          nV2LpK/Esq6bepwaW5MfI8SyuLJBH9nYxHuYSNMfPro=
Subject key identifier:   0C:A7:2D:EB:8E:AA:FE:35:E5:AF:F8:F8:2E:32:1B:76:2A:BA:25:E5
Authority key identifier: 77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
Certificate issuer:       /CN=7741d13a15a987dd60019c0265d2ecec4840944a
Certificate serial:       019682476FDE9BC05F21ABD057F721246799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
Manifest number:          0628
Signing time:             Tue 29 Apr 2025 16:00:41 +0000
Manifest this update:     Tue 29 Apr 2025 16:00:41 +0000
Manifest next update:     Wed 30 Apr 2025 16:00:41 +0000
Files and hashes:         1: EKdJIayRjGqpNjC_sXcLD4LpFxg.roa (hash: Q7XyDf/+ZYlwIoQHzzpWgBVzZ1z6oDECbrHcCzM9GG4=)
                          2: _-z4nvaTTyccKXJFwod66iKewX0.roa (hash: B/6vrb0o2kiLAGPMrkOgglOkupcsHoxdqdIe49F5XFQ=)
                          3: d0HROhWph91gAZwCZdLs7EhAlEo.crl (hash: OhwzovGyjFaHAlB2VRU0dgG+J4u9YXYeJAzz1mVxZXY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:47:6f:de:9b:c0:5f:21:ab:d0:57:f7:21:24:67:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7741d13a15a987dd60019c0265d2ecec4840944a
        Validity
            Not Before: Apr 29 16:00:41 2025 GMT
            Not After : Apr 30 16:00:41 2025 GMT
        Subject: CN=0ca72deb8eaafe35e5aff8f82e321b762aba25e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:10:8f:8a:68:fa:77:60:c1:5d:12:c5:56:94:
                    f1:62:18:10:2d:2e:5a:c5:55:8c:22:61:b7:99:0e:
                    1d:fd:bf:d3:28:16:57:31:5a:2e:99:0d:8d:d1:0e:
                    a5:b2:2e:c9:a8:51:9a:78:40:8a:67:f4:09:6f:21:
                    4a:6c:40:e9:bf:27:07:90:c1:e6:40:6a:cc:14:e1:
                    99:31:a0:8b:2b:a5:02:9f:51:fd:44:87:cd:9b:1c:
                    c9:91:e3:ef:e0:95:46:48:3c:bb:fd:96:f6:b2:ef:
                    2b:f8:72:dd:bd:58:e0:97:d1:a8:5e:82:70:c4:db:
                    4d:d5:89:23:24:4e:28:e7:d7:9f:a4:f8:b3:f2:62:
                    52:11:74:15:fb:71:d1:52:41:fd:28:c2:0e:a8:34:
                    e8:0a:65:93:c8:80:7f:6a:b1:37:f1:c5:54:92:f3:
                    43:b4:40:8e:19:4f:57:32:12:e6:36:b5:2c:96:7b:
                    a4:c0:80:86:ba:8b:36:2d:ad:f6:43:88:48:fd:3b:
                    99:65:56:fd:d6:72:24:4b:a1:c1:91:29:2f:d5:19:
                    9d:ab:cf:3a:be:5c:ea:af:47:14:ae:a5:15:e8:12:
                    c6:a5:89:ae:69:99:18:64:d8:a3:ba:46:4b:61:59:
                    60:e8:8f:23:82:92:1a:3e:ff:c0:c3:09:cc:40:8e:
                    99:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:A7:2D:EB:8E:AA:FE:35:E5:AF:F8:F8:2E:32:1B:76:2A:BA:25:E5
            X509v3 Authority Key Identifier:
                keyid:77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:88:71:33:ce:10:58:6e:68:4a:15:50:8d:7c:95:c6:f5:a5:
         bc:a0:22:80:c4:34:bb:c3:0c:c9:f8:d2:0c:7a:e7:87:b0:74:
         11:51:1c:08:c4:aa:af:8c:c6:e6:25:7d:1d:53:25:99:71:0e:
         aa:77:a6:a2:d1:b7:e2:9b:27:f1:16:cc:0e:b0:62:fa:b6:6f:
         6c:78:f9:09:76:cf:60:30:1b:81:9c:06:71:b5:5c:aa:46:46:
         d3:36:d2:33:2f:e1:d1:e0:53:b2:27:63:c9:3e:f4:69:2b:f5:
         b8:61:40:ec:ec:f4:82:11:e4:02:7f:04:67:db:9c:e5:a3:df:
         cf:e9:82:60:df:4f:78:83:cc:49:0a:19:3a:c2:67:8b:6e:7f:
         75:18:3e:58:74:53:b4:c4:59:47:9e:2a:20:d5:48:1c:2a:84:
         b3:e0:a4:54:a6:f7:4a:e0:d2:e9:a8:20:53:7b:05:e5:4f:09:
         3e:ec:64:7b:a9:32:3a:39:26:42:74:a1:ed:17:41:1b:05:16:
         27:70:ec:c6:5c:63:47:53:2f:90:8b:02:3e:00:47:f4:2c:8a:
         17:f8:b2:95:02:6e:13:6a:9e:9a:76:65:12:53:93:d8:ce:d9:
         ee:e0:1f:f1:97:b5:f5:ee:e0:f0:38:ca:b5:a8:32:3e:fc:e5:
         4b:35:74:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCR2/em8BfIavQV/chJGeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDFkMTNhMTVhOTg3ZGQ2MDAxOWMwMjY1ZDJlY2VjNDg0
MDk0NGEwHhcNMjUwNDI5MTYwMDQxWhcNMjUwNDMwMTYwMDQxWjAzMTEwLwYDVQQD
EygwY2E3MmRlYjhlYWFmZTM1ZTVhZmY4ZjgyZTMyMWI3NjJhYmEyNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRCPimj6d2DBXRLFVpTxYhgQLS5a
xVWMImG3mQ4d/b/TKBZXMVoumQ2N0Q6lsi7JqFGaeECKZ/QJbyFKbEDpvycHkMHm
QGrMFOGZMaCLK6UCn1H9RIfNmxzJkePv4JVGSDy7/Zb2su8r+HLdvVjgl9GoXoJw
xNtN1YkjJE4o59efpPiz8mJSEXQV+3HRUkH9KMIOqDToCmWTyIB/arE38cVUkvND
tECOGU9XMhLmNrUslnukwICGuos2La32Q4hI/TuZZVb91nIkS6HBkSkv1Rmdq886
vlzqr0cUrqUV6BLGpYmuaZkYZNijukZLYVlg6I8jgpIaPv/AwwnMQI6Z5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAynLeuOqv415a/4+C4yG3YquiXlMB8GA1UdIwQY
MBaAFHdB0ToVqYfdYAGcAmXS7OxIQJRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTkt
MzUyM2UzMDMwYmU0LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTktMzUyM2UzMDMwYmU0
LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIhxM84Q
WG5oShVQjXyVxvWlvKAigMQ0u8MMyfjSDHrnh7B0EVEcCMSqr4zG5iV9HVMlmXEO
qnemotG34psn8RbMDrBi+rZvbHj5CXbPYDAbgZwGcbVcqkZG0zbSMy/h0eBTsidj
yT70aSv1uGFA7Oz0ghHkAn8EZ9uc5aPfz+mCYN9PeIPMSQoZOsJni25/dRg+WHRT
tMRZR54qINVIHCqEs+CkVKb3SuDS6aggU3sF5U8JPuxke6kyOjkmQnSh7RdBGwUW
J3DsxlxjR1MvkIsCPgBH9CyKF/iylQJuE2qemnZlElOT2M7Z7uAf8Ze19e7g8DjK
tagyPvzlSzV0fg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:47:54 2025 by rpki-client