Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft
File:                     SM83s2Rv2pPL3QuKrM__MTpvcY8.mft (raw, json)
Hash identifier:          bdvCWPDXEl1G+N4bkV8mh98hgoq7kRfEtr3UNtyvUDs=
Subject key identifier:   6B:8B:3E:8E:C5:E5:B0:09:4D:2C:B5:49:BE:16:0B:B0:34:D1:E9:B1
Authority key identifier: 48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
Certificate issuer:       /CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Certificate serial:       01968C93E7982C1A51D67BE9B230C93901FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft
Manifest number:          14B3
Signing time:             Thu 01 May 2025 16:00:25 +0000
Manifest this update:     Thu 01 May 2025 16:00:25 +0000
Manifest next update:     Fri 02 May 2025 16:00:25 +0000
Files and hashes:         1: Os6xDD1H4LsrEU2Pwmq0YT-o8IM.roa (hash: 9WTAK5WFdauUxfw4Aw74xq8JjOOgRjy/Qe/px+Cijao=)
                          2: SM83s2Rv2pPL3QuKrM__MTpvcY8.crl (hash: 43wKHf3FsOjYvMFi/f7Xw6zbwbdRIz6aOom7fZ5QVLE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8c:93:e7:98:2c:1a:51:d6:7b:e9:b2:30:c9:39:01:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
        Validity
            Not Before: May  1 16:00:25 2025 GMT
            Not After : May  2 16:00:25 2025 GMT
        Subject: CN=6b8b3e8ec5e5b0094d2cb549be160bb034d1e9b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a6:29:7a:2f:00:ed:3f:4a:71:41:67:6e:67:
                    eb:b0:f8:90:61:54:85:69:fa:68:4d:db:9d:53:9b:
                    81:75:5c:e5:46:6a:60:8b:2a:6f:b9:f5:5b:27:3b:
                    64:88:1b:6b:16:01:29:ba:95:5e:31:6a:9a:38:6f:
                    19:eb:e2:c8:9b:07:70:ed:83:e6:98:70:06:19:16:
                    c0:f8:63:2b:03:82:42:5c:e9:40:7a:d2:b8:fc:94:
                    6b:ea:13:f7:f8:06:d0:97:fa:5e:30:be:c2:7f:a1:
                    4e:6b:79:b4:4b:ad:b9:03:ee:35:be:11:83:05:e1:
                    40:db:d8:23:ed:0a:78:47:0d:ab:f8:1d:45:71:91:
                    cf:2a:d2:77:34:b8:25:b8:de:b3:20:f1:8d:9b:a3:
                    40:62:c5:2b:af:b4:60:73:43:dd:e1:7f:27:b8:04:
                    6c:5f:ec:b1:8d:41:ce:62:dd:77:7d:e4:6b:5e:cb:
                    26:3e:df:c3:83:11:d7:45:5b:ab:63:87:58:0f:9b:
                    51:56:03:c8:03:b9:f5:09:83:ca:a8:ca:71:e6:c5:
                    25:89:7e:3c:64:42:17:6c:4e:e1:b1:cf:8c:44:96:
                    7b:c1:97:11:fd:36:bc:87:0c:eb:54:28:62:18:c2:
                    f1:4b:34:6d:44:17:93:74:75:6e:cd:d7:75:17:f3:
                    40:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:8B:3E:8E:C5:E5:B0:09:4D:2C:B5:49:BE:16:0B:B0:34:D1:E9:B1
            X509v3 Authority Key Identifier:
                keyid:48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:18:ac:5e:73:e7:9d:77:55:a8:95:81:fe:b7:50:ca:df:22:
         67:0c:9f:b4:dd:54:15:66:d4:29:86:15:22:cd:65:39:ad:b1:
         be:c1:8f:33:1a:54:7d:20:c3:52:32:f2:fc:d1:b5:ce:f1:f0:
         92:84:7f:ae:95:94:8c:07:81:fa:c5:d6:49:32:e0:00:38:13:
         bc:53:62:12:c4:44:e5:fb:54:22:b4:bc:5d:f2:28:ac:0f:d5:
         38:23:9c:76:81:ca:6d:e0:ca:93:ad:04:7a:0e:31:78:89:42:
         c6:50:e5:49:d1:42:de:57:9b:3f:47:07:c6:65:07:7a:6d:da:
         4c:86:7d:75:8f:5c:54:8a:3e:f3:4e:02:37:73:97:a5:dc:2e:
         25:e3:9b:fe:09:e2:2a:b5:7d:ea:0d:74:aa:2b:40:8e:4a:be:
         5e:73:d8:ba:92:c0:ef:a2:65:06:18:0d:03:24:ff:ae:0a:05:
         4b:a3:cd:44:3c:c0:70:6a:1d:39:cc:df:91:af:e7:b2:35:d3:
         73:6e:99:88:06:c3:fb:b9:b5:5e:68:27:d6:c9:c2:3b:37:95:
         ce:d9:b9:52:0e:b4:0b:a0:1f:91:69:65:2a:2d:2a:1f:55:35:
         fb:d0:d5:d2:98:67:17:21:cd:31:2c:23:07:b7:27:a3:a8:f6:
         ff:32:eb:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaMk+eYLBpR1nvpsjDJOQH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Y2YzN2IzNjQ2ZmRhOTNjYmRkMGI4YWFjY2ZmZjMxM2E2
ZjcxOGYwHhcNMjUwNTAxMTYwMDI1WhcNMjUwNTAyMTYwMDI1WjAzMTEwLwYDVQQD
Eyg2YjhiM2U4ZWM1ZTViMDA5NGQyY2I1NDliZTE2MGJiMDM0ZDFlOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaYpei8A7T9KcUFnbmfrsPiQYVSF
afpoTdudU5uBdVzlRmpgiypvufVbJztkiBtrFgEpupVeMWqaOG8Z6+LImwdw7YPm
mHAGGRbA+GMrA4JCXOlAetK4/JRr6hP3+AbQl/peML7Cf6FOa3m0S625A+41vhGD
BeFA29gj7Qp4Rw2r+B1FcZHPKtJ3NLgluN6zIPGNm6NAYsUrr7Rgc0Pd4X8nuARs
X+yxjUHOYt13feRrXssmPt/DgxHXRVurY4dYD5tRVgPIA7n1CYPKqMpx5sUliX48
ZEIXbE7hsc+MRJZ7wZcR/Ta8hwzrVChiGMLxSzRtRBeTdHVuzdd1F/NArwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGuLPo7F5bAJTSy1Sb4WC7A00emxMB8GA1UdIwQY
MBaAFEjPN7Nkb9qTy90LiqzP/zE6b3GPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQt
MTdlMzE1ODk1NGRhLzEvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQtMTdlMzE1ODk1NGRh
LzEvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIhisXnPn
nXdVqJWB/rdQyt8iZwyftN1UFWbUKYYVIs1lOa2xvsGPMxpUfSDDUjLy/NG1zvHw
koR/rpWUjAeB+sXWSTLgADgTvFNiEsRE5ftUIrS8XfIorA/VOCOcdoHKbeDKk60E
eg4xeIlCxlDlSdFC3lebP0cHxmUHem3aTIZ9dY9cVIo+804CN3OXpdwuJeOb/gni
KrV96g10qitAjkq+XnPYupLA76JlBhgNAyT/rgoFS6PNRDzAcGodOczfka/nsjXT
c26ZiAbD+7m1Xmgn1snCOzeVztm5Ug60C6AfkWllKi0qH1U1+9DV0phnFyHNMSwj
B7cno6j2/zLrSg==
-----END CERTIFICATE-----
Generated at Fri May 2 00:01:16 2025 by rpki-client