Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft
File:                     SM83s2Rv2pPL3QuKrM__MTpvcY8.mft (raw, json)
Hash identifier:          SCSCy4qanHJZSSjkvN1LZw93he7NedfoY0y0mylo+9E=
Subject key identifier:   57:1C:BF:A7:6B:54:DC:D3:05:FE:5E:B1:74:A5:4D:1E:B1:B8:21:DE
Authority key identifier: 48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
Certificate issuer:       /CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Certificate serial:       01969070C20B687A1B81E5A1DFC92926778A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft
Manifest number:          14B5
Signing time:             Fri 02 May 2025 10:00:30 +0000
Manifest this update:     Fri 02 May 2025 10:00:30 +0000
Manifest next update:     Sat 03 May 2025 10:00:30 +0000
Files and hashes:         1: Os6xDD1H4LsrEU2Pwmq0YT-o8IM.roa (hash: 9WTAK5WFdauUxfw4Aw74xq8JjOOgRjy/Qe/px+Cijao=)
                          2: SM83s2Rv2pPL3QuKrM__MTpvcY8.crl (hash: Ux5CsEuZy5muYB47/31jx7fElqgLGPCoGESQpl3UxyA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 07:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:90:70:c2:0b:68:7a:1b:81:e5:a1:df:c9:29:26:77:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
        Validity
            Not Before: May  2 10:00:30 2025 GMT
            Not After : May  3 10:00:30 2025 GMT
        Subject: CN=571cbfa76b54dcd305fe5eb174a54d1eb1b821de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:6d:b5:30:1f:54:23:e3:f8:54:1e:e3:28:cc:
                    7e:5a:df:a2:37:8c:eb:d7:d9:9b:bc:cf:b3:2f:f0:
                    f8:da:e3:74:27:4e:b9:c4:0c:aa:ab:ef:8c:ee:8b:
                    89:0d:9f:2e:a0:db:fd:f6:05:7b:37:8e:33:a8:09:
                    51:65:14:84:9c:48:d8:c3:7d:0c:b8:1a:0d:13:45:
                    f7:dd:2b:54:3e:bd:95:37:07:4f:84:05:7c:fd:25:
                    00:fd:de:9d:bc:6c:50:a6:df:90:fd:da:eb:7e:93:
                    aa:41:31:32:a4:aa:87:12:12:ec:b2:2a:72:51:b1:
                    50:42:c7:2d:63:5e:ef:7a:ad:e5:ec:10:89:2a:7a:
                    51:d3:0f:40:81:41:4e:b8:14:a4:2b:9a:36:ad:1d:
                    fb:b8:88:3e:3b:c2:c3:87:81:a3:49:9e:9e:9b:d4:
                    51:b4:e6:b3:6d:b0:8d:0b:ef:c8:bf:e8:65:a9:2e:
                    f0:18:5b:43:b3:11:ba:4c:0e:0b:65:2e:4e:3e:6f:
                    4d:ba:89:3e:92:ea:26:9c:4e:fe:ef:ce:1d:7e:bf:
                    b2:da:27:98:5b:61:9e:26:6b:1b:73:b1:36:d6:33:
                    aa:57:79:7b:17:34:ab:ab:ef:c5:ca:4d:97:55:72:
                    b5:71:42:8c:69:6a:90:96:6f:39:64:a8:d0:dd:8e:
                    68:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:1C:BF:A7:6B:54:DC:D3:05:FE:5E:B1:74:A5:4D:1E:B1:B8:21:DE
            X509v3 Authority Key Identifier:
                keyid:48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:66:13:76:42:e3:7e:17:f8:d1:4c:0b:e1:9a:3f:3f:3c:03:
         99:4b:14:9c:e8:ea:55:98:44:cc:f2:75:02:db:4a:48:5e:eb:
         d8:73:95:ce:64:7c:48:9c:6b:1a:2f:c0:05:03:47:56:2a:5d:
         67:24:19:b9:73:55:d0:47:8d:55:cf:3d:a3:cf:18:1f:6a:7f:
         4d:4c:f5:09:88:05:ab:63:43:3a:d2:29:52:ed:05:a0:c0:ea:
         3f:55:13:9f:9a:65:c3:91:2b:3d:e0:ca:aa:5c:6c:5b:4a:4b:
         b3:46:bf:56:0d:fc:31:45:e8:25:77:23:67:6a:f7:79:76:e2:
         b9:02:e1:84:6c:ab:af:3e:97:ba:61:a0:9b:da:e9:97:4d:ca:
         ef:81:e5:3b:2a:34:93:06:64:86:0a:ee:7a:34:28:6e:71:98:
         79:4c:df:43:f7:fb:f4:7e:44:34:f2:a1:43:5e:67:53:cc:13:
         8f:23:0c:d7:dd:36:d3:97:db:a5:08:5f:eb:14:73:d5:8f:be:
         77:48:16:b4:ee:67:ee:2b:74:4b:78:6a:f7:ba:cb:7c:ec:57:
         ae:36:7f:7d:cb:a9:5c:07:df:5a:88:4e:b3:f8:cc:4c:67:d8:
         19:a0:7a:18:18:15:19:0e:f5:02:2f:50:a9:82:f1:0e:d5:08:
         7c:74:07:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaQcMILaHobgeWh38kpJneKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Y2YzN2IzNjQ2ZmRhOTNjYmRkMGI4YWFjY2ZmZjMxM2E2
ZjcxOGYwHhcNMjUwNTAyMTAwMDMwWhcNMjUwNTAzMTAwMDMwWjAzMTEwLwYDVQQD
Eyg1NzFjYmZhNzZiNTRkY2QzMDVmZTVlYjE3NGE1NGQxZWIxYjgyMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm21MB9UI+P4VB7jKMx+Wt+iN4zr
19mbvM+zL/D42uN0J065xAyqq++M7ouJDZ8uoNv99gV7N44zqAlRZRSEnEjYw30M
uBoNE0X33StUPr2VNwdPhAV8/SUA/d6dvGxQpt+Q/drrfpOqQTEypKqHEhLssipy
UbFQQsctY17veq3l7BCJKnpR0w9AgUFOuBSkK5o2rR37uIg+O8LDh4GjSZ6em9RR
tOazbbCNC+/Iv+hlqS7wGFtDsxG6TA4LZS5OPm9Nuok+kuomnE7+784dfr+y2ieY
W2GeJmsbc7E21jOqV3l7FzSrq+/Fyk2XVXK1cUKMaWqQlm85ZKjQ3Y5oOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFccv6drVNzTBf5esXSlTR6xuCHeMB8GA1UdIwQY
MBaAFEjPN7Nkb9qTy90LiqzP/zE6b3GPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQt
MTdlMzE1ODk1NGRhLzEvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQtMTdlMzE1ODk1NGRh
LzEvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmYTdkLj
fhf40UwL4Zo/PzwDmUsUnOjqVZhEzPJ1AttKSF7r2HOVzmR8SJxrGi/ABQNHVipd
ZyQZuXNV0EeNVc89o88YH2p/TUz1CYgFq2NDOtIpUu0FoMDqP1UTn5plw5ErPeDK
qlxsW0pLs0a/Vg38MUXoJXcjZ2r3eXbiuQLhhGyrrz6XumGgm9rpl03K74HlOyo0
kwZkhgruejQobnGYeUzfQ/f79H5ENPKhQ15nU8wTjyMM190205fbpQhf6xRz1Y++
d0gWtO5n7it0S3hq97rLfOxXrjZ/fcupXAffWohOs/jMTGfYGaB6GBgVGQ71Ai9Q
qYLxDtUIfHQHzQ==
-----END CERTIFICATE-----
Generated at Fri May 2 12:52:56 2025 by rpki-client