Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft
File:                     UztG46ndW36oqL_aL247rRVQkRM.mft (raw, json)
Hash identifier:          VHMZa7GDZB63vNPNUkSYbGvTxYYYbcpLEuc4D2IZzFU=
Subject key identifier:   65:F6:F8:09:F5:DA:9F:8B:4C:54:03:C7:FF:58:62:C9:FA:7E:1D:09
Authority key identifier: 53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13
Certificate issuer:       /CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
Certificate serial:       0196846C63C1A65BEBA6E3A9A613820A868D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft
Manifest number:          1517
Signing time:             Wed 30 Apr 2025 02:00:17 +0000
Manifest this update:     Wed 30 Apr 2025 02:00:17 +0000
Manifest next update:     Thu 01 May 2025 02:00:17 +0000
Files and hashes:         1: 8xMxjtO-k2WYJj5fJmeVkGV5YA4.roa (hash: h2/dulkFhykUkX0igL56x6SI1vv2NsPZ43/9G+3BAxs=)
                          2: UztG46ndW36oqL_aL247rRVQkRM.crl (hash: BzzgDwjVZgWGcJbWcG0WNkE4DnUrRxUuQJZiYHxAR5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:6c:63:c1:a6:5b:eb:a6:e3:a9:a6:13:82:0a:86:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
        Validity
            Not Before: Apr 30 02:00:17 2025 GMT
            Not After : May  1 02:00:17 2025 GMT
        Subject: CN=65f6f809f5da9f8b4c5403c7ff5862c9fa7e1d09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1e:c4:99:e8:80:51:1b:9f:7c:69:b1:b0:bf:
                    ae:94:a5:72:b6:72:1c:0a:b5:20:30:a0:da:db:74:
                    e4:4a:66:96:49:65:56:91:40:d7:51:18:90:a3:13:
                    33:f4:c2:26:43:f8:d6:64:61:e9:f0:80:f2:0a:bf:
                    bb:00:6a:a3:83:7b:fa:db:0b:fd:0d:3c:6b:93:04:
                    36:82:a6:17:b7:2a:55:1f:2c:98:87:b4:56:a3:47:
                    f6:13:0f:2f:f5:4b:e7:1a:94:b7:05:57:c9:6d:92:
                    41:87:99:7e:44:2d:40:d9:09:99:3e:4b:c2:8d:c6:
                    cf:4a:a9:4b:59:ec:86:de:79:35:1c:9f:3f:d1:12:
                    b2:c1:8c:27:83:b3:78:24:a5:ca:cc:38:2b:50:3e:
                    d9:9b:1f:e2:0e:6c:b9:4f:a8:21:25:a2:56:1b:cc:
                    f5:da:59:c1:fd:c4:6b:dd:09:08:2b:c7:c6:d9:6e:
                    c1:52:52:e5:a3:4a:03:72:47:9a:d0:c4:57:d2:d9:
                    2b:9e:01:70:72:1d:00:f6:4a:81:1b:fd:b4:67:79:
                    25:c7:96:ce:44:ad:d2:d4:1c:4d:ee:3a:ee:a9:18:
                    9b:cc:48:cb:1c:33:fa:04:91:e6:1d:64:fe:42:03:
                    03:b8:2f:af:1e:12:75:cb:72:ab:c2:81:aa:ce:00:
                    f1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:F6:F8:09:F5:DA:9F:8B:4C:54:03:C7:FF:58:62:C9:FA:7E:1D:09
            X509v3 Authority Key Identifier:
                keyid:53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:65:d3:19:4c:fa:6d:38:c0:50:ba:60:ba:31:2f:87:ff:10:
         75:21:91:ba:51:a1:b2:05:63:60:23:51:f1:e6:57:bc:d9:0a:
         b0:36:26:af:c5:98:ff:32:26:34:07:ad:fd:6b:55:4c:b2:fe:
         4c:4e:f1:32:ce:9a:0b:95:6c:70:bc:d1:66:1e:1a:f3:eb:bb:
         7a:84:7e:0b:44:82:f1:a8:61:7c:e4:e5:ce:45:cf:d2:61:f9:
         d9:a5:40:13:82:ad:e7:74:a7:eb:73:7b:49:8d:c0:a7:6a:4b:
         53:58:4a:8f:28:ec:ce:51:96:c0:c8:40:c7:9b:d1:22:2b:77:
         f5:aa:25:b7:d2:fc:4b:8c:f5:17:ab:47:a4:59:2f:5e:98:df:
         75:11:ac:1e:32:95:26:6b:34:da:2d:a5:f4:1a:88:2b:00:fe:
         92:91:9c:de:90:3e:73:30:23:46:17:36:0f:42:2f:ef:6a:76:
         0a:ca:cf:ae:bf:89:4f:e4:e9:2f:bb:a9:a5:6d:7e:19:f1:c8:
         9d:32:c7:89:57:93:00:fa:de:aa:1e:4c:9f:20:4a:d1:3f:11:
         29:a9:9e:bb:3d:1b:21:1d:b7:d8:e4:19:69:57:f0:e1:dc:26:
         c9:6b:17:8f:e6:ba:00:22:a3:24:8a:a0:d3:c8:71:01:a8:a2:
         ee:13:af:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaEbGPBplvrpuOpphOCCoaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzM2I0NmUzYTlkZDViN2VhOGE4YmZkYTJmNmUzYmFkMTU1
MDkxMTMwHhcNMjUwNDMwMDIwMDE3WhcNMjUwNTAxMDIwMDE3WjAzMTEwLwYDVQQD
Eyg2NWY2ZjgwOWY1ZGE5ZjhiNGM1NDAzYzdmZjU4NjJjOWZhN2UxZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh7EmeiAURuffGmxsL+ulKVytnIc
CrUgMKDa23TkSmaWSWVWkUDXURiQoxMz9MImQ/jWZGHp8IDyCr+7AGqjg3v62wv9
DTxrkwQ2gqYXtypVHyyYh7RWo0f2Ew8v9UvnGpS3BVfJbZJBh5l+RC1A2QmZPkvC
jcbPSqlLWeyG3nk1HJ8/0RKywYwng7N4JKXKzDgrUD7Zmx/iDmy5T6ghJaJWG8z1
2lnB/cRr3QkIK8fG2W7BUlLlo0oDckea0MRX0tkrngFwch0A9kqBG/20Z3klx5bO
RK3S1BxN7jruqRibzEjLHDP6BJHmHWT+QgMDuC+vHhJ1y3KrwoGqzgDxWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGX2+An12p+LTFQDx/9YYsn6fh0JMB8GA1UdIwQY
MBaAFFM7RuOp3Vt+qKi/2i9uO60VUJETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzIt
ZTI2OTYwYmYzNGU1LzEvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzItZTI2OTYwYmYzNGU1
LzEvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfGXTGUz6
bTjAULpgujEvh/8QdSGRulGhsgVjYCNR8eZXvNkKsDYmr8WY/zImNAet/WtVTLL+
TE7xMs6aC5VscLzRZh4a8+u7eoR+C0SC8ahhfOTlzkXP0mH52aVAE4Kt53Sn63N7
SY3Ap2pLU1hKjyjszlGWwMhAx5vRIit39aolt9L8S4z1F6tHpFkvXpjfdRGsHjKV
Jms02i2l9BqIKwD+kpGc3pA+czAjRhc2D0Iv72p2CsrPrr+JT+TpL7uppW1+GfHI
nTLHiVeTAPreqh5MnyBK0T8RKameuz0bIR232OQZaVfw4dwmyWsXj+a6ACKjJIqg
08hxAaii7hOvXg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:28:52 2025 by rpki-client