Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft
File:                     iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft (raw, json)
Hash identifier:          9dCbknfULYWZiACaNx38/w9UJ6CqY/nI0TS+6rlfRAc=
Subject key identifier:   43:73:E4:71:52:5A:59:25:FB:7F:F3:15:06:97:8F:D7:80:FB:8A:B7
Authority key identifier: 89:73:78:12:6F:55:D9:65:19:55:3D:AA:48:E0:2E:32:82:12:16:44
Certificate issuer:       /CN=897378126f55d96519553daa48e02e3282121644
Certificate serial:       019679E9B953B546A891E6CDFF089A6CDD35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iXN4Em9V2WUZVT2qSOAuMoISFkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft
Manifest number:          0D6C
Signing time:             Mon 28 Apr 2025 01:01:22 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:22 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:22 +0000
Files and hashes:         1: gGw6ft1sLBQmsJ-vRfx6KJXkhbk.roa (hash: S1p9cVSO3FaBQReociITznoI/L2Cqm4kk12uycY2TsA=)
                          2: iXN4Em9V2WUZVT2qSOAuMoISFkQ.crl (hash: cLDZqQOy8pdE4ggGOOfPt/7t+0+fvHdmgOjfu+Jlsz0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iXN4Em9V2WUZVT2qSOAuMoISFkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:b9:53:b5:46:a8:91:e6:cd:ff:08:9a:6c:dd:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=897378126f55d96519553daa48e02e3282121644
        Validity
            Not Before: Apr 28 01:01:22 2025 GMT
            Not After : Apr 29 01:01:22 2025 GMT
        Subject: CN=4373e471525a5925fb7ff31506978fd780fb8ab7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:15:f0:c0:9b:16:6f:40:1b:7c:c9:b9:cd:e5:
                    fd:44:0c:70:d5:33:3b:28:fb:0a:ed:f6:f8:c0:f4:
                    3a:82:78:4d:5e:bb:79:ad:47:9a:9f:4c:20:a0:d9:
                    7d:c6:b0:0b:f5:61:f4:ba:20:70:65:7e:de:0a:53:
                    73:60:03:e9:06:38:83:b4:47:95:af:35:5c:ba:dd:
                    2f:34:78:27:18:04:8d:26:fc:88:e4:12:d3:7a:9a:
                    31:81:2e:c0:5e:a7:28:6a:02:86:ad:8a:a2:4b:f1:
                    c1:e5:f3:4c:69:56:c0:c6:7d:f4:8c:df:41:08:24:
                    59:b0:1e:ff:8b:e8:74:9c:15:d0:5d:37:8b:40:0e:
                    5d:74:f2:b7:f3:0f:eb:e0:c1:41:d7:a3:2f:2a:2c:
                    56:30:19:06:dc:6f:57:73:65:4b:8b:40:68:3f:75:
                    e7:bf:c6:d2:c0:43:92:21:f4:d8:8c:c7:12:fc:0c:
                    47:42:50:e1:d8:9d:e9:3a:f1:ac:68:7b:d7:ab:7a:
                    14:e5:ad:a7:7f:a0:da:a7:20:33:18:cb:21:d3:cd:
                    cc:0c:f8:48:ba:f2:1d:a4:ba:2b:b4:e3:8b:e1:dd:
                    9b:61:1d:c1:e3:4c:d8:5e:16:56:bf:80:14:68:fc:
                    55:d0:2e:f4:e6:a5:55:ce:49:7f:d1:ad:51:e4:df:
                    c9:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:73:E4:71:52:5A:59:25:FB:7F:F3:15:06:97:8F:D7:80:FB:8A:B7
            X509v3 Authority Key Identifier:
                keyid:89:73:78:12:6F:55:D9:65:19:55:3D:AA:48:E0:2E:32:82:12:16:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXN4Em9V2WUZVT2qSOAuMoISFkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f2d0cb-c3d4-49be-b0f2-305fb09556c9/1/iXN4Em9V2WUZVT2qSOAuMoISFkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:44:0d:9a:50:c6:37:63:e7:3e:9c:4a:20:70:04:f0:a8:dc:
         36:d0:6f:40:5f:5d:6a:8e:56:89:a4:43:0d:bb:31:2f:2f:b1:
         d1:10:c6:20:4c:39:a1:49:01:e1:8d:40:fb:12:dc:7b:09:84:
         45:c5:d6:ea:79:61:0b:df:47:4a:79:a2:66:5e:0a:17:62:5c:
         83:b8:56:79:2d:59:e0:2e:95:75:cc:3c:66:0a:c1:0f:81:0c:
         1c:19:2f:d4:6f:c7:21:81:b9:73:3e:3d:66:f3:7f:70:f2:fa:
         c4:0b:6b:fd:cd:2a:6b:03:b0:fb:ba:c6:dc:31:16:19:5e:46:
         c8:6d:e3:11:02:7a:3a:36:60:94:81:5a:c9:f5:11:b8:17:16:
         6c:74:5a:21:e1:6a:da:d6:48:32:a1:0a:ae:63:e8:3d:16:9d:
         b0:cf:ba:3f:19:f5:d2:4f:63:78:e8:af:a1:d5:13:a6:73:dd:
         a6:5e:eb:89:06:ba:36:0d:83:fd:9a:81:d1:26:3d:f4:db:25:
         41:80:11:91:ab:57:f0:6b:9b:37:d9:2b:98:14:6c:02:30:9e:
         af:58:4e:06:1b:d2:c2:66:84:aa:a1:62:ed:cf:17:0c:72:9a:
         f6:e4:0a:c7:19:64:82:1b:3b:ad:72:a8:a5:42:b2:15:5f:b1:
         cc:48:e3:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56blTtUaokebN/wiabN01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzM3ODEyNmY1NWQ5NjUxOTU1M2RhYTQ4ZTAyZTMyODIx
MjE2NDQwHhcNMjUwNDI4MDEwMTIyWhcNMjUwNDI5MDEwMTIyWjAzMTEwLwYDVQQD
Eyg0MzczZTQ3MTUyNWE1OTI1ZmI3ZmYzMTUwNjk3OGZkNzgwZmI4YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxXwwJsWb0AbfMm5zeX9RAxw1TM7
KPsK7fb4wPQ6gnhNXrt5rUean0wgoNl9xrAL9WH0uiBwZX7eClNzYAPpBjiDtEeV
rzVcut0vNHgnGASNJvyI5BLTepoxgS7AXqcoagKGrYqiS/HB5fNMaVbAxn30jN9B
CCRZsB7/i+h0nBXQXTeLQA5ddPK38w/r4MFB16MvKixWMBkG3G9Xc2VLi0BoP3Xn
v8bSwEOSIfTYjMcS/AxHQlDh2J3pOvGsaHvXq3oU5a2nf6DapyAzGMsh083MDPhI
uvIdpLortOOL4d2bYR3B40zYXhZWv4AUaPxV0C705qVVzkl/0a1R5N/JHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENz5HFSWlkl+3/zFQaXj9eA+4q3MB8GA1UdIwQY
MBaAFIlzeBJvVdllGVU9qkjgLjKCEhZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhONEVtOVYyV1VaVlQycVNPQXVNb0lTRmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMmQwY2ItYzNkNC00OWJlLWIwZjIt
MzA1ZmIwOTU1NmM5LzEvaVhONEVtOVYyV1VaVlQycVNPQXVNb0lTRmtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMmQwY2ItYzNkNC00OWJlLWIwZjItMzA1ZmIwOTU1NmM5
LzEvaVhONEVtOVYyV1VaVlQycVNPQXVNb0lTRmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzEQNmlDG
N2PnPpxKIHAE8KjcNtBvQF9dao5WiaRDDbsxLy+x0RDGIEw5oUkB4Y1A+xLcewmE
RcXW6nlhC99HSnmiZl4KF2Jcg7hWeS1Z4C6Vdcw8ZgrBD4EMHBkv1G/HIYG5cz49
ZvN/cPL6xAtr/c0qawOw+7rG3DEWGV5GyG3jEQJ6OjZglIFayfURuBcWbHRaIeFq
2tZIMqEKrmPoPRadsM+6Pxn10k9jeOivodUTpnPdpl7riQa6Ng2D/ZqB0SY99Nsl
QYARkatX8GubN9krmBRsAjCer1hOBhvSwmaEqqFi7c8XDHKa9uQKxxlkghs7rXKo
pUKyFV+xzEjj0A==
-----END CERTIFICATE-----
Generated at Mon Apr 28 07:03:29 2025 by rpki-client