Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft
File:                     4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft (raw, json)
Hash identifier:          3YSfCKcV0xaDNzrfRSzFAxFRUl5vUKyJgDEicCEUyiE=
Subject key identifier:   32:B9:3A:0D:F0:9B:6D:D9:A1:F5:15:71:40:98:DB:E0:26:95:DD:F7
Authority key identifier: E3:34:EC:39:34:48:D8:3B:F1:51:5F:49:67:A4:48:09:8E:55:FB:43
Certificate issuer:       /CN=e334ec393448d83bf1515f4967a448098e55fb43
Certificate serial:       01967C0E2590F417EE33C01B9A5FD998A31D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zTsOTRI2DvxUV9JZ6RICY5V-0M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft
Manifest number:          1511
Signing time:             Mon 28 Apr 2025 11:00:23 +0000
Manifest this update:     Mon 28 Apr 2025 11:00:23 +0000
Manifest next update:     Tue 29 Apr 2025 11:00:23 +0000
Files and hashes:         1: 3i7bDwmXfkGeboYerA9gz4okFig.roa (hash: fWhHLCsrKiodDbQX5MlZg8yk8IDQZFwIAhXPpQk2VnY=)
                          2: 4zTsOTRI2DvxUV9JZ6RICY5V-0M.crl (hash: vVNqgCb0xlBY3LqcEPAqnjaEVgL31Isv+7IANENacPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zTsOTRI2DvxUV9JZ6RICY5V-0M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 11:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:0e:25:90:f4:17:ee:33:c0:1b:9a:5f:d9:98:a3:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e334ec393448d83bf1515f4967a448098e55fb43
        Validity
            Not Before: Apr 28 11:00:23 2025 GMT
            Not After : Apr 29 11:00:23 2025 GMT
        Subject: CN=32b93a0df09b6dd9a1f515714098dbe02695ddf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:72:f4:bc:dd:98:02:4d:13:45:0f:56:09:73:
                    83:16:67:b8:31:fb:27:e0:b7:2b:7f:40:e6:af:63:
                    82:50:6a:c8:a8:4c:a4:a2:9c:c0:3c:24:73:da:e3:
                    d7:ac:ee:21:f2:63:b5:6b:7d:af:23:c6:02:47:c5:
                    8c:a5:1f:00:09:96:5f:1b:c5:81:f3:5e:b9:1e:01:
                    b7:8d:c4:93:da:e7:0a:a5:4a:2f:5b:49:8a:d1:91:
                    e9:c7:0b:71:13:6d:28:2e:10:43:be:b5:26:e3:ad:
                    01:77:c4:3b:06:6e:6a:3c:44:0f:c6:6a:24:4a:54:
                    e3:be:0e:1a:1d:8a:63:fb:1d:c0:23:17:5a:19:f1:
                    7b:2d:72:8a:e9:49:e2:2a:92:00:8e:91:1f:74:14:
                    74:34:c0:e8:ba:44:99:9f:14:01:5d:ad:b8:43:c0:
                    39:2f:18:ec:59:3b:5c:bc:4a:d4:61:19:58:2a:92:
                    0a:66:68:1c:ad:fb:c7:f4:7c:c7:4d:86:3a:bb:83:
                    14:de:dc:88:56:3b:84:76:e4:42:54:41:10:1d:10:
                    53:93:7d:8c:0c:73:76:f0:19:3c:5f:73:e5:b9:d1:
                    f0:c1:91:ae:65:cf:48:96:f9:45:94:63:e2:b4:9a:
                    d6:e8:7c:02:07:b6:df:a3:ea:b3:75:96:78:b2:4a:
                    11:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:B9:3A:0D:F0:9B:6D:D9:A1:F5:15:71:40:98:DB:E0:26:95:DD:F7
            X509v3 Authority Key Identifier:
                keyid:E3:34:EC:39:34:48:D8:3B:F1:51:5F:49:67:A4:48:09:8E:55:FB:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zTsOTRI2DvxUV9JZ6RICY5V-0M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/19bd8a-c6f1-42e2-8460-cdab19a3fdeb/1/4zTsOTRI2DvxUV9JZ6RICY5V-0M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:d2:79:6a:de:3f:f9:3b:e1:b6:0a:fd:40:9c:41:8a:28:e8:
         4e:ac:48:00:bd:29:f4:85:a9:a5:ec:05:cd:f0:54:00:4a:e5:
         7a:c6:56:a6:ff:54:81:e6:c2:6f:70:f8:3e:65:d0:35:c9:93:
         b6:e0:65:50:ec:78:f3:e6:1d:d3:a0:19:89:8e:5c:69:84:5d:
         05:61:a2:fa:0e:33:89:05:5d:29:68:e4:1b:b8:96:04:19:97:
         9b:35:39:d4:f8:2e:70:24:23:77:5d:62:7d:2c:9b:1c:b0:10:
         00:67:9f:22:a6:e5:e5:ee:88:a9:78:1c:01:c7:4d:32:d6:90:
         a3:85:70:d2:bc:52:6f:be:c9:89:40:86:fe:b8:71:9e:bd:4d:
         32:ef:e1:f0:c0:ca:af:6e:c3:5b:32:21:49:cc:e2:df:93:a3:
         42:48:c2:3e:1e:1b:c1:34:b0:71:53:cc:45:8c:15:7a:34:bb:
         5f:3f:62:14:70:6f:53:28:1b:91:11:90:ba:28:6c:5e:64:c4:
         b7:aa:9b:78:a2:78:1a:3f:2e:2c:98:2c:91:19:0b:c2:bf:18:
         87:78:56:19:54:4a:f4:88:fd:4f:e5:9a:f6:39:7d:be:1f:07:
         29:38:92:ce:86:ff:cf:e3:8f:53:4e:1c:12:7b:11:a2:e7:10:
         b2:a7:ff:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8DiWQ9BfuM8Abml/ZmKMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzRlYzM5MzQ0OGQ4M2JmMTUxNWY0OTY3YTQ0ODA5OGU1
NWZiNDMwHhcNMjUwNDI4MTEwMDIzWhcNMjUwNDI5MTEwMDIzWjAzMTEwLwYDVQQD
EygzMmI5M2EwZGYwOWI2ZGQ5YTFmNTE1NzE0MDk4ZGJlMDI2OTVkZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3L0vN2YAk0TRQ9WCXODFme4Mfsn
4Lcrf0Dmr2OCUGrIqEykopzAPCRz2uPXrO4h8mO1a32vI8YCR8WMpR8ACZZfG8WB
8165HgG3jcST2ucKpUovW0mK0ZHpxwtxE20oLhBDvrUm460Bd8Q7Bm5qPEQPxmok
SlTjvg4aHYpj+x3AIxdaGfF7LXKK6UniKpIAjpEfdBR0NMDoukSZnxQBXa24Q8A5
LxjsWTtcvErUYRlYKpIKZmgcrfvH9HzHTYY6u4MU3tyIVjuEduRCVEEQHRBTk32M
DHN28Bk8X3PludHwwZGuZc9IlvlFlGPitJrW6HwCB7bfo+qzdZZ4skoRCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDK5Og3wm23ZofUVcUCY2+Amld33MB8GA1UdIwQY
MBaAFOM07Dk0SNg78VFfSWekSAmOVftDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpUc09UUkkyRHZ4VVY5Slo2UklDWTVWLTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xOWJkOGEtYzZmMS00MmUyLTg0NjAt
Y2RhYjE5YTNmZGViLzEvNHpUc09UUkkyRHZ4VVY5Slo2UklDWTVWLTBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xOWJkOGEtYzZmMS00MmUyLTg0NjAtY2RhYjE5YTNmZGVi
LzEvNHpUc09UUkkyRHZ4VVY5Slo2UklDWTVWLTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtJ5at4/
+Tvhtgr9QJxBiijoTqxIAL0p9IWppewFzfBUAErlesZWpv9UgebCb3D4PmXQNcmT
tuBlUOx48+Yd06AZiY5caYRdBWGi+g4ziQVdKWjkG7iWBBmXmzU51PgucCQjd11i
fSybHLAQAGefIqbl5e6IqXgcAcdNMtaQo4Vw0rxSb77JiUCG/rhxnr1NMu/h8MDK
r27DWzIhSczi35OjQkjCPh4bwTSwcVPMRYwVejS7Xz9iFHBvUygbkRGQuihsXmTE
t6qbeKJ4Gj8uLJgskRkLwr8Yh3hWGVRK9Ij9T+Wa9jl9vh8HKTiSzob/z+OPU04c
EnsRoucQsqf/aQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:11:16 2025 by rpki-client