Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
File:                     XHkaG6CbnU01jvBare1_DoXogbY.mft (raw, json)
Hash identifier:          yDsZ2UxYSE4Cpe32EjqkstKxIFhPp4A2LtwNf8D0/50=
Subject key identifier:   E6:A9:A8:07:1E:62:B4:8E:A6:B7:FC:D9:01:4D:76:E0:04:51:23:52
Authority key identifier: 5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
Certificate issuer:       /CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Certificate serial:       019686FF7966FCAA5559E0BC51FA884C65EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
Manifest number:          0A54
Signing time:             Wed 30 Apr 2025 14:00:11 +0000
Manifest this update:     Wed 30 Apr 2025 14:00:11 +0000
Manifest next update:     Thu 01 May 2025 14:00:11 +0000
Files and hashes:         1: XHkaG6CbnU01jvBare1_DoXogbY.crl (hash: YZ79kgLSjo0v0lu/cMSWGNxYOSn2dN5F7uNR5A0aWmQ=)
                          2: _GYD1AJUDNposAkJpRDfG9xq6dk.roa (hash: afY5Qh0XccEeUiEofkFyRBQd+JnAG3mTgUzmW0se7YQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 13:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:ff:79:66:fc:aa:55:59:e0:bc:51:fa:88:4c:65:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
        Validity
            Not Before: Apr 30 14:00:11 2025 GMT
            Not After : May  1 14:00:11 2025 GMT
        Subject: CN=e6a9a8071e62b48ea6b7fcd9014d76e004512352
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:0b:24:b1:98:ca:17:05:2e:68:b9:8c:72:04:
                    30:cf:41:d7:2c:31:8c:d3:af:9f:1f:4e:71:36:f5:
                    c5:30:c5:4b:e3:b9:76:df:6d:35:50:03:79:be:9a:
                    f8:dd:b2:2c:b1:7d:36:5b:41:cd:fe:a8:de:eb:f3:
                    2e:6e:e8:ad:18:2c:ea:cf:85:5f:a4:de:d9:26:52:
                    09:dc:6d:1f:c0:ec:05:d0:ac:68:ae:f2:07:b9:2c:
                    b4:96:c3:43:a5:ba:de:4c:2f:cf:df:6e:0f:88:9f:
                    f6:aa:4f:39:66:86:25:b0:a1:7e:a8:de:21:da:be:
                    31:9c:4e:5b:b5:ba:df:b5:a7:a3:7b:61:ab:7d:f4:
                    94:a6:47:95:bd:92:dd:62:38:c6:09:1a:28:e9:8d:
                    47:6b:63:cb:a4:41:71:d0:3a:95:05:de:cb:57:86:
                    40:e6:8e:db:74:54:ad:89:20:79:39:de:7f:6b:09:
                    98:76:89:9d:36:9a:5c:dc:31:a4:9b:eb:d8:5a:8c:
                    c0:c2:14:a2:55:a4:51:7a:2e:c3:4d:ae:67:db:a8:
                    f2:4a:70:2b:ca:e6:5e:a9:56:18:75:c2:be:f9:97:
                    5a:f0:1d:51:a9:c5:72:fb:1c:d1:be:2f:24:87:e2:
                    aa:6f:d7:b6:3a:10:5e:6c:5b:b5:68:d2:18:94:64:
                    52:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:A9:A8:07:1E:62:B4:8E:A6:B7:FC:D9:01:4D:76:E0:04:51:23:52
            X509v3 Authority Key Identifier:
                keyid:5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:66:3e:07:83:25:5c:07:c2:6e:ce:54:67:9a:79:25:91:06:
         09:72:aa:b1:5b:03:fc:85:b9:f3:71:3c:c5:43:35:cf:db:21:
         0c:b6:e5:14:fc:2f:72:98:10:ae:94:f4:dd:80:5f:ab:a6:f2:
         88:76:b7:fc:a9:98:ef:af:17:c8:f9:5e:54:a4:c8:2b:c7:de:
         a1:43:24:80:0e:c2:1a:9e:53:55:7e:8f:f8:5a:86:f9:72:a0:
         5a:cc:a7:9e:36:02:84:32:22:4b:d7:8b:57:5d:77:cc:cf:73:
         3b:f5:61:76:33:28:47:b2:5d:a4:9a:a9:6f:21:96:00:a1:dc:
         82:51:7a:f2:0e:69:3f:96:ed:51:85:a6:05:ac:b3:81:b4:a1:
         31:6a:6e:17:48:f5:61:9e:ab:02:ad:14:32:5b:7e:c7:05:14:
         ea:4d:41:7f:72:00:3d:fc:1b:d9:e8:47:19:ef:93:d9:47:b1:
         3c:62:c2:e0:7c:2b:56:d6:3c:6e:f8:45:2f:75:85:38:95:9a:
         96:29:bd:f6:01:cb:5c:5f:a7:d5:83:95:72:8a:7a:da:2f:a2:
         c7:dd:d6:2f:49:01:4b:be:ac:c4:8c:5e:6a:5d:3e:f1:78:dc:
         68:30:e9:af:91:00:d4:df:eb:d6:cc:c8:c4:18:b8:67:e6:7f:
         14:0f:a1:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaG/3lm/KpVWeC8UfqITGXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzkxYTFiYTA5YjlkNGQzNThlZjA1YWFkZWQ3ZjBlODVl
ODgxYjYwHhcNMjUwNDMwMTQwMDExWhcNMjUwNTAxMTQwMDExWjAzMTEwLwYDVQQD
EyhlNmE5YTgwNzFlNjJiNDhlYTZiN2ZjZDkwMTRkNzZlMDA0NTEyMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gsksZjKFwUuaLmMcgQwz0HXLDGM
06+fH05xNvXFMMVL47l23201UAN5vpr43bIssX02W0HN/qje6/MubuitGCzqz4Vf
pN7ZJlIJ3G0fwOwF0KxorvIHuSy0lsNDpbreTC/P324PiJ/2qk85ZoYlsKF+qN4h
2r4xnE5btbrftaeje2GrffSUpkeVvZLdYjjGCRoo6Y1Ha2PLpEFx0DqVBd7LV4ZA
5o7bdFStiSB5Od5/awmYdomdNppc3DGkm+vYWozAwhSiVaRRei7DTa5n26jySnAr
yuZeqVYYdcK++Zda8B1RqcVy+xzRvi8kh+Kqb9e2OhBebFu1aNIYlGRSgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOapqAceYrSOprf82QFNduAEUSNSMB8GA1UdIwQY
MBaAFFx5Ghugm51NNY7wWq3tfw6F6IG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTct
NjZjNWFlOGEzNmI0LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTctNjZjNWFlOGEzNmI0
LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPmY+B4Ml
XAfCbs5UZ5p5JZEGCXKqsVsD/IW583E8xUM1z9shDLblFPwvcpgQrpT03YBfq6by
iHa3/KmY768XyPleVKTIK8feoUMkgA7CGp5TVX6P+FqG+XKgWsynnjYChDIiS9eL
V113zM9zO/VhdjMoR7JdpJqpbyGWAKHcglF68g5pP5btUYWmBayzgbShMWpuF0j1
YZ6rAq0UMlt+xwUU6k1Bf3IAPfwb2ehHGe+T2UexPGLC4HwrVtY8bvhFL3WFOJWa
lim99gHLXF+n1YOVcop62i+ix93WL0kBS76sxIxeal0+8XjcaDDpr5EA1N/r1szI
xBi4Z+Z/FA+hng==
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:19:58 2025 by rpki-client