Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft
File:                     iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft (raw, json)
Hash identifier:          dY+87b9vl5lB2nAlMHTtx53JVHg1NDk7pV1AJsHITZk=
Subject key identifier:   32:BD:D1:CB:BE:64:4C:44:CE:24:2D:8B:94:21:10:A5:69:A5:3B:45
Authority key identifier: 89:73:78:12:6F:55:D9:65:19:55:3D:AA:48:E0:2E:32:82:12:16:44
Certificate issuer:       /CN=897378126f55d96519553daa48e02e3282121644
Certificate serial:       01967BD7DD590E18A6C029D0571753F1622E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iXN4Em9V2WUZVT2qSOAuMoISFkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft
Manifest number:          0D6D
Signing time:             Mon 28 Apr 2025 10:01:06 +0000
Manifest this update:     Mon 28 Apr 2025 10:01:06 +0000
Manifest next update:     Tue 29 Apr 2025 10:01:06 +0000
Files and hashes:         1: gGw6ft1sLBQmsJ-vRfx6KJXkhbk.roa (hash: S1p9cVSO3FaBQReociITznoI/L2Cqm4kk12uycY2TsA=)
                          2: iXN4Em9V2WUZVT2qSOAuMoISFkQ.crl (hash: Tr09YtWMmdB/7zgtBV22IPmwDWiQD1SG4yBtLbs1l3Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iXN4Em9V2WUZVT2qSOAuMoISFkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 10:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7b:d7:dd:59:0e:18:a6:c0:29:d0:57:17:53:f1:62:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=897378126f55d96519553daa48e02e3282121644
        Validity
            Not Before: Apr 28 10:01:06 2025 GMT
            Not After : Apr 29 10:01:06 2025 GMT
        Subject: CN=32bdd1cbbe644c44ce242d8b942110a569a53b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c1:de:e2:63:66:11:cb:03:25:e6:36:12:9f:
                    38:d7:5a:b0:71:32:83:d4:53:38:dc:b1:a7:5a:9b:
                    e5:4f:1e:de:5c:cd:2a:67:7a:9d:00:91:b5:3f:99:
                    64:4d:14:5f:6e:ab:39:50:d4:b5:64:d1:ed:7a:0c:
                    db:82:66:d5:ac:d0:07:e8:45:af:c0:a9:c4:98:6d:
                    64:f7:ad:ec:85:6f:19:a5:1d:6f:6d:4a:17:a9:51:
                    c9:2a:1d:54:82:45:27:c8:23:32:c8:67:7a:0f:84:
                    39:94:3d:c2:e3:65:97:ac:3c:86:76:73:56:cf:d3:
                    22:05:52:ae:d2:32:c9:ff:62:81:62:b5:9e:05:aa:
                    ac:f2:22:1a:58:85:db:84:29:e8:e6:4d:8d:fe:c4:
                    20:81:96:63:c7:24:d4:19:d3:34:06:d2:08:e6:35:
                    73:20:04:f4:e6:c2:33:61:e2:8d:02:2c:0d:7f:43:
                    59:a5:9a:9d:e8:8c:c6:ff:a9:c5:9a:a7:82:1a:6b:
                    e9:32:f2:bb:39:62:37:f2:1d:aa:c0:44:a5:f4:7b:
                    a2:c5:98:0e:af:13:a2:4f:19:da:4a:dc:a1:c6:d5:
                    a5:2b:d0:c1:bd:16:aa:a0:3d:30:3a:1c:80:96:06:
                    8c:af:ce:37:f6:a9:17:79:c2:bf:c0:eb:ff:65:f3:
                    ec:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:BD:D1:CB:BE:64:4C:44:CE:24:2D:8B:94:21:10:A5:69:A5:3B:45
            X509v3 Authority Key Identifier:
                keyid:89:73:78:12:6F:55:D9:65:19:55:3D:AA:48:E0:2E:32:82:12:16:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXN4Em9V2WUZVT2qSOAuMoISFkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ee:39:6a:01:9d:18:cd:0f:8b:df:ca:2a:7c:b4:f2:53:7f:da:
         55:d4:53:ca:3c:eb:2a:e2:fb:f6:58:fb:00:56:f0:0c:c5:1b:
         8b:ee:aa:8a:22:cd:08:20:87:33:5c:55:1c:f2:80:f7:65:27:
         c2:3f:61:67:8c:fc:2b:76:73:0c:ec:1d:81:55:81:09:d0:4c:
         9d:2b:32:c5:c0:cd:08:dc:16:b6:0c:73:95:91:61:98:c8:7c:
         1d:6b:05:ad:0a:33:0d:46:15:b7:2d:23:aa:7a:e8:84:5e:31:
         d5:a4:49:a7:79:25:d6:af:3d:9d:04:e7:e6:6b:56:f7:1a:3c:
         29:04:f2:9e:6c:ec:c2:ff:71:80:ac:16:fe:60:15:bf:10:6b:
         17:8d:2b:76:78:98:51:fb:1b:46:3f:af:a6:0e:68:7b:01:df:
         89:a3:ff:e0:4e:f0:c8:1a:7b:8a:6e:67:70:7e:2e:5d:61:a9:
         15:22:8b:51:3e:04:63:5c:dd:66:2a:54:0e:04:dc:f2:89:38:
         53:49:0a:b0:d7:4a:9f:6c:9d:57:52:2e:01:26:4f:59:3e:a3:
         76:a3:1b:ab:ef:64:65:cf:c2:0d:2f:17:20:c9:da:c7:67:83:
         78:4c:f7:c1:c8:a0:e2:65:96:0c:a2:91:75:83:05:f8:0b:d0:
         32:a1:79:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ7191ZDhimwCnQVxdT8WIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzM3ODEyNmY1NWQ5NjUxOTU1M2RhYTQ4ZTAyZTMyODIx
MjE2NDQwHhcNMjUwNDI4MTAwMTA2WhcNMjUwNDI5MTAwMTA2WjAzMTEwLwYDVQQD
EygzMmJkZDFjYmJlNjQ0YzQ0Y2UyNDJkOGI5NDIxMTBhNTY5YTUzYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sHe4mNmEcsDJeY2Ep8411qwcTKD
1FM43LGnWpvlTx7eXM0qZ3qdAJG1P5lkTRRfbqs5UNS1ZNHtegzbgmbVrNAH6EWv
wKnEmG1k963shW8ZpR1vbUoXqVHJKh1UgkUnyCMyyGd6D4Q5lD3C42WXrDyGdnNW
z9MiBVKu0jLJ/2KBYrWeBaqs8iIaWIXbhCno5k2N/sQggZZjxyTUGdM0BtII5jVz
IAT05sIzYeKNAiwNf0NZpZqd6IzG/6nFmqeCGmvpMvK7OWI38h2qwESl9HuixZgO
rxOiTxnaStyhxtWlK9DBvRaqoD0wOhyAlgaMr8439qkXecK/wOv/ZfPsawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDK90cu+ZExEziQti5QhEKVppTtFMB8GA1UdIwQY
MBaAFIlzeBJvVdllGVU9qkjgLjKCEhZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhONEVtOVYyV1VaVlQycVNPQXVNb0lTRmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMmQwY2ItYzNkNC00OWJlLWIwZjIt
MzA1ZmIwOTU1NmM5LzEvaVhONEVtOVYyV1VaVlQycVNPQXVNb0lTRmtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMmQwY2ItYzNkNC00OWJlLWIwZjItMzA1ZmIwOTU1NmM5
LzEvaVhONEVtOVYyV1VaVlQycVNPQXVNb0lTRmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7jlqAZ0Y
zQ+L38oqfLTyU3/aVdRTyjzrKuL79lj7AFbwDMUbi+6qiiLNCCCHM1xVHPKA92Un
wj9hZ4z8K3ZzDOwdgVWBCdBMnSsyxcDNCNwWtgxzlZFhmMh8HWsFrQozDUYVty0j
qnrohF4x1aRJp3kl1q89nQTn5mtW9xo8KQTynmzswv9xgKwW/mAVvxBrF40rdniY
UfsbRj+vpg5oewHfiaP/4E7wyBp7im5ncH4uXWGpFSKLUT4EY1zdZipUDgTc8ok4
U0kKsNdKn2ydV1IuASZPWT6jdqMbq+9kZc/CDS8XIMnax2eDeEz3wcig4mWWDKKR
dYMF+AvQMqF50Q==
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:09:57 2025 by rpki-client