Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft
File:                     rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft (raw, json)
Hash identifier:          NG8RP+h6tLYjrtIsnWKg1mR2S2NLJANnb8WyRw9ODek=
Subject key identifier:   DC:0A:51:95:F4:F6:BB:82:03:00:96:17:01:10:28:B3:86:86:0F:B4
Authority key identifier: AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D
Certificate issuer:       /CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d
Certificate serial:       01967CB386789E5652ED14AB3FEDECFFA04C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft
Manifest number:          1512
Signing time:             Mon 28 Apr 2025 14:01:02 +0000
Manifest this update:     Mon 28 Apr 2025 14:01:02 +0000
Manifest next update:     Tue 29 Apr 2025 14:01:02 +0000
Files and hashes:         1: e7v6KfsQ42Ju_th6J-KjayhE0pc.roa (hash: 2QzdBlDL7vaApFGThIZoir4ZfxpYLQiDlB23vrYFa1A=)
                          2: rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl (hash: wiSoffKsjxuNOcEJpoE2ASTFO7rs+U6yB5H4haIHGjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 14:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:b3:86:78:9e:56:52:ed:14:ab:3f:ed:ec:ff:a0:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac1a0b9cc5ce8bfd9ee26d09d7e91151a42d370d
        Validity
            Not Before: Apr 28 14:01:02 2025 GMT
            Not After : Apr 29 14:01:02 2025 GMT
        Subject: CN=dc0a5195f4f6bb8203009617011028b386860fb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:13:5d:ef:f7:4e:7d:4b:79:e6:08:2a:4c:8c:
                    85:d0:4a:bc:c2:93:65:ea:9d:4b:5d:c3:8e:c9:f1:
                    9d:f1:31:99:74:0a:6b:ca:0c:03:eb:a6:a0:e1:49:
                    ef:34:bb:05:ba:6d:cc:ce:6b:7c:6c:8f:95:08:1a:
                    50:77:ae:2a:bc:68:a4:0d:ae:96:5d:aa:2e:03:59:
                    8d:f3:51:b4:5f:37:c0:55:4f:6e:cc:f8:c1:c9:08:
                    e0:43:5e:03:ad:13:20:9b:2b:9c:e8:32:2f:39:9b:
                    e0:00:e2:bf:49:34:1b:a3:3d:23:e2:8c:d6:b5:cc:
                    92:d4:87:96:37:ba:20:da:3c:6a:bb:97:da:aa:6d:
                    cb:5c:c4:34:4d:db:a8:f0:38:5f:2a:fe:1e:92:34:
                    7b:ec:67:14:f8:d5:44:12:e1:80:b3:f2:6c:7c:73:
                    d1:b3:5a:67:1a:19:4a:d0:25:33:b1:9c:53:5a:74:
                    98:27:af:ec:37:63:8f:79:13:a1:9a:d3:3e:83:13:
                    0e:87:54:e6:02:35:5c:b2:d1:ba:65:bc:27:10:47:
                    53:1e:9a:c5:91:b9:40:68:1c:8e:1f:b8:05:19:50:
                    9f:81:4a:c7:41:88:6d:76:77:4a:c5:f7:da:09:88:
                    8b:a4:1a:81:1d:75:31:51:74:48:ab:00:f7:02:20:
                    df:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:0A:51:95:F4:F6:BB:82:03:00:96:17:01:10:28:B3:86:86:0F:B4
            X509v3 Authority Key Identifier:
                keyid:AC:1A:0B:9C:C5:CE:8B:FD:9E:E2:6D:09:D7:E9:11:51:A4:2D:37:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rBoLnMXOi_2e4m0J1-kRUaQtNw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a32872-88a3-4e84-9f83-aa7353d4d98f/1/rBoLnMXOi_2e4m0J1-kRUaQtNw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:20:06:73:a0:27:25:f5:03:42:03:e9:d6:79:7d:b5:a4:97:
         9c:d8:ef:e8:68:ce:e9:69:ae:a7:51:c3:a5:c1:9f:dc:db:55:
         99:c9:f5:17:da:f1:bd:43:f2:84:ac:63:e8:f9:12:f3:d0:dc:
         e3:31:5a:e6:7b:d2:b4:eb:3f:48:17:8a:ea:e6:4f:db:27:42:
         93:fb:26:55:d5:90:49:75:ca:cd:2d:6a:47:72:f6:50:9b:ad:
         53:34:3c:67:eb:77:78:f3:88:b7:a0:0a:e6:b5:0d:6b:20:16:
         30:91:5a:6e:3f:c1:44:64:fb:c1:83:d6:41:24:db:30:7e:52:
         83:5c:aa:8e:f9:08:88:ea:f3:08:0b:24:50:75:ef:8a:9d:1a:
         f7:e5:90:f0:bd:b4:fa:af:fc:3d:87:49:11:5a:4c:a7:93:2a:
         f4:a8:1a:67:44:eb:0b:f5:d7:61:41:a1:6e:62:ee:34:22:20:
         a3:87:10:58:d1:c1:0a:94:82:12:78:82:6e:ad:55:8e:d6:0c:
         2b:f5:2e:9a:97:7c:17:eb:82:b4:20:f4:d7:bb:9d:cf:5e:bb:
         c0:d8:67:46:2b:59:da:62:4a:77:17:e7:1c:50:ab:bf:7d:26:
         f8:96:0c:96:7d:be:62:21:a8:69:2c:ad:94:79:66:76:ee:06:
         6e:1f:6b:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8s4Z4nlZS7RSrP+3s/6BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWEwYjljYzVjZThiZmQ5ZWUyNmQwOWQ3ZTkxMTUxYTQy
ZDM3MGQwHhcNMjUwNDI4MTQwMTAyWhcNMjUwNDI5MTQwMTAyWjAzMTEwLwYDVQQD
EyhkYzBhNTE5NWY0ZjZiYjgyMDMwMDk2MTcwMTEwMjhiMzg2ODYwZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RNd7/dOfUt55ggqTIyF0Eq8wpNl
6p1LXcOOyfGd8TGZdAprygwD66ag4UnvNLsFum3Mzmt8bI+VCBpQd64qvGikDa6W
XaouA1mN81G0XzfAVU9uzPjByQjgQ14DrRMgmyuc6DIvOZvgAOK/STQboz0j4ozW
tcyS1IeWN7og2jxqu5faqm3LXMQ0Tduo8DhfKv4ekjR77GcU+NVEEuGAs/JsfHPR
s1pnGhlK0CUzsZxTWnSYJ6/sN2OPeROhmtM+gxMOh1TmAjVcstG6ZbwnEEdTHprF
kblAaByOH7gFGVCfgUrHQYhtdndKxffaCYiLpBqBHXUxUXRIqwD3AiDfbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwKUZX09ruCAwCWFwEQKLOGhg+0MB8GA1UdIwQY
MBaAFKwaC5zFzov9nuJtCdfpEVGkLTcNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMt
YWE3MzUzZDRkOThmLzEvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9hMzI4NzItODhhMy00ZTg0LTlmODMtYWE3MzUzZDRkOThm
LzEvckJvTG5NWE9pXzJlNG0wSjEta1JVYVF0TncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASyAGc6An
JfUDQgPp1nl9taSXnNjv6GjO6Wmup1HDpcGf3NtVmcn1F9rxvUPyhKxj6PkS89Dc
4zFa5nvStOs/SBeK6uZP2ydCk/smVdWQSXXKzS1qR3L2UJutUzQ8Z+t3ePOIt6AK
5rUNayAWMJFabj/BRGT7wYPWQSTbMH5Sg1yqjvkIiOrzCAskUHXvip0a9+WQ8L20
+q/8PYdJEVpMp5Mq9KgaZ0TrC/XXYUGhbmLuNCIgo4cQWNHBCpSCEniCbq1VjtYM
K/Uumpd8F+uCtCD017udz167wNhnRitZ2mJKdxfnHFCrv30m+JYMln2+YiGoaSyt
lHlmdu4Gbh9r0Q==
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:32:27 2025 by rpki-client