Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft
File:                     4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft (raw, json)
Hash identifier:          fymQekVArHIIzbZ1niJecEmlVEgC1SSambuLlydsaY8=
Subject key identifier:   BC:65:7F:A3:A7:77:6B:3E:8B:D5:DA:7D:38:A0:2E:07:9C:B0:02:DB
Authority key identifier: E3:34:EC:39:34:48:D8:3B:F1:51:5F:49:67:A4:48:09:8E:55:FB:43
Certificate issuer:       /CN=e334ec393448d83bf1515f4967a448098e55fb43
Certificate serial:       01967831606036FC43F0F200781B3932952E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zTsOTRI2DvxUV9JZ6RICY5V-0M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft
Manifest number:          150F
Signing time:             Sun 27 Apr 2025 17:00:23 +0000
Manifest this update:     Sun 27 Apr 2025 17:00:23 +0000
Manifest next update:     Mon 28 Apr 2025 17:00:23 +0000
Files and hashes:         1: 3i7bDwmXfkGeboYerA9gz4okFig.roa (hash: fWhHLCsrKiodDbQX5MlZg8yk8IDQZFwIAhXPpQk2VnY=)
                          2: 4zTsOTRI2DvxUV9JZ6RICY5V-0M.crl (hash: L+T6wj6vuKRqhjK4WsqAKgRhNdkYYH3Qd2YfuULxJBY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zTsOTRI2DvxUV9JZ6RICY5V-0M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:31:60:60:36:fc:43:f0:f2:00:78:1b:39:32:95:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e334ec393448d83bf1515f4967a448098e55fb43
        Validity
            Not Before: Apr 27 17:00:23 2025 GMT
            Not After : Apr 28 17:00:23 2025 GMT
        Subject: CN=bc657fa3a7776b3e8bd5da7d38a02e079cb002db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4e:6d:7d:d2:1a:1f:1a:21:8f:0f:9e:20:28:
                    f6:91:a9:c0:a1:34:2e:07:fb:25:d2:b0:d0:6e:3c:
                    e4:64:38:43:5e:d6:b3:ee:32:df:60:74:dd:f0:90:
                    a4:31:ee:ef:b5:cb:82:fa:ab:fa:dc:54:1f:c9:ae:
                    f9:52:6a:db:c7:42:d8:ca:65:31:a6:83:50:36:cc:
                    06:86:67:68:ce:fd:67:fc:ee:9e:92:8e:f6:78:f3:
                    43:93:7e:89:8a:e2:b6:cc:bc:a7:96:de:8f:e1:8b:
                    dd:b0:d7:f5:fc:cb:4b:16:85:e8:fa:68:38:8a:b0:
                    a9:3d:dd:6d:93:6c:a3:2f:4d:00:b8:78:78:00:a7:
                    b6:64:c6:0c:b3:44:58:8e:6f:be:e6:70:50:8e:4b:
                    c2:e3:00:9f:90:13:3e:41:b5:8b:e1:7a:0d:f9:cd:
                    2b:32:57:45:41:6b:af:2d:7e:5e:01:53:09:37:73:
                    46:8f:a5:56:eb:7f:c1:fe:4d:92:40:e1:f5:6b:6b:
                    38:db:78:e6:74:36:52:8e:2b:56:fe:c9:5d:70:40:
                    ef:15:8e:6b:42:ad:5f:19:2c:a2:92:94:61:93:0a:
                    58:03:fc:08:a2:6c:f9:ce:34:d3:fb:e9:3a:b2:f7:
                    db:d2:76:00:2b:a1:2d:66:ad:07:ef:21:5d:f3:f3:
                    21:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:65:7F:A3:A7:77:6B:3E:8B:D5:DA:7D:38:A0:2E:07:9C:B0:02:DB
            X509v3 Authority Key Identifier:
                keyid:E3:34:EC:39:34:48:D8:3B:F1:51:5F:49:67:A4:48:09:8E:55:FB:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zTsOTRI2DvxUV9JZ6RICY5V-0M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:cc:5e:41:19:88:30:9b:d7:bc:ce:57:02:07:6f:c5:63:f7:
         db:67:fd:e8:c8:1c:5e:21:40:c6:b9:45:b2:dc:fd:1a:47:5c:
         7e:9d:26:f8:ab:fa:9e:31:b2:c0:bf:a7:21:a9:a1:30:31:1c:
         27:be:b4:db:58:85:24:0f:ea:d2:1b:2a:92:ad:98:db:fb:12:
         86:84:bb:09:61:29:91:38:b5:cb:05:9e:17:d8:3b:ea:9d:fa:
         a6:68:df:10:ce:72:a8:3b:f4:c3:53:19:df:42:6e:6e:45:f9:
         1f:ee:49:ea:bf:88:37:0e:75:1e:89:b9:f8:c8:b4:9a:9e:04:
         38:6a:3f:43:e4:7c:30:eb:3b:07:2e:50:9f:2b:66:36:e7:49:
         5e:f4:86:45:9b:b0:7c:cb:24:9e:24:d1:23:44:b5:01:f1:22:
         99:53:1f:15:a9:30:8b:88:89:26:10:62:68:f4:23:29:09:72:
         6d:88:8b:70:4c:2e:65:34:d1:25:6a:a3:b6:4c:42:45:ca:53:
         1b:9f:37:b4:0d:dc:6d:92:dd:e0:73:7e:ab:88:88:0a:0c:d5:
         a0:8c:98:67:dd:7e:d5:51:23:ad:2b:97:76:c9:e1:b3:24:2a:
         75:f1:9f:55:ad:f2:21:51:77:d9:c4:2c:07:a0:77:17:61:ee:
         01:4a:3d:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4MWBgNvxD8PIAeBs5MpUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzRlYzM5MzQ0OGQ4M2JmMTUxNWY0OTY3YTQ0ODA5OGU1
NWZiNDMwHhcNMjUwNDI3MTcwMDIzWhcNMjUwNDI4MTcwMDIzWjAzMTEwLwYDVQQD
EyhiYzY1N2ZhM2E3Nzc2YjNlOGJkNWRhN2QzOGEwMmUwNzljYjAwMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE5tfdIaHxohjw+eICj2kanAoTQu
B/sl0rDQbjzkZDhDXtaz7jLfYHTd8JCkMe7vtcuC+qv63FQfya75Umrbx0LYymUx
poNQNswGhmdozv1n/O6eko72ePNDk36JiuK2zLynlt6P4YvdsNf1/MtLFoXo+mg4
irCpPd1tk2yjL00AuHh4AKe2ZMYMs0RYjm++5nBQjkvC4wCfkBM+QbWL4XoN+c0r
MldFQWuvLX5eAVMJN3NGj6VW63/B/k2SQOH1a2s423jmdDZSjitW/sldcEDvFY5r
Qq1fGSyikpRhkwpYA/wIomz5zjTT++k6svfb0nYAK6EtZq0H7yFd8/MhbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxlf6Ond2s+i9XafTigLgecsALbMB8GA1UdIwQY
MBaAFOM07Dk0SNg78VFfSWekSAmOVftDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpUc09UUkkyRHZ4VVY5Slo2UklDWTVWLTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xOWJkOGEtYzZmMS00MmUyLTg0NjAt
Y2RhYjE5YTNmZGViLzEvNHpUc09UUkkyRHZ4VVY5Slo2UklDWTVWLTBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xOWJkOGEtYzZmMS00MmUyLTg0NjAtY2RhYjE5YTNmZGVi
LzEvNHpUc09UUkkyRHZ4VVY5Slo2UklDWTVWLTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsxeQRmI
MJvXvM5XAgdvxWP322f96MgcXiFAxrlFstz9Gkdcfp0m+Kv6njGywL+nIamhMDEc
J76021iFJA/q0hsqkq2Y2/sShoS7CWEpkTi1ywWeF9g76p36pmjfEM5yqDv0w1MZ
30JubkX5H+5J6r+INw51Hom5+Mi0mp4EOGo/Q+R8MOs7By5QnytmNudJXvSGRZuw
fMskniTRI0S1AfEimVMfFakwi4iJJhBiaPQjKQlybYiLcEwuZTTRJWqjtkxCRcpT
G583tA3cbZLd4HN+q4iICgzVoIyYZ91+1VEjrSuXdsnhsyQqdfGfVa3yIVF32cQs
B6B3F2HuAUo9gA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:48:36 2025 by rpki-client