Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft
File:                     UztG46ndW36oqL_aL247rRVQkRM.mft (raw, json)
Hash identifier:          N2eI6/crN+fAFSLxF4McwONYuQVToJnVUgNBLyVGyKY=
Subject key identifier:   ED:3B:E5:E2:90:CE:B0:9E:EB:E3:54:00:99:B6:1D:A9:23:CB:69:F3
Authority key identifier: 53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13
Certificate issuer:       /CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
Certificate serial:       0196827E7940883B521B0CCC72431377AE7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft
Manifest number:          1516
Signing time:             Tue 29 Apr 2025 17:00:48 +0000
Manifest this update:     Tue 29 Apr 2025 17:00:48 +0000
Manifest next update:     Wed 30 Apr 2025 17:00:48 +0000
Files and hashes:         1: 8xMxjtO-k2WYJj5fJmeVkGV5YA4.roa (hash: h2/dulkFhykUkX0igL56x6SI1vv2NsPZ43/9G+3BAxs=)
                          2: UztG46ndW36oqL_aL247rRVQkRM.crl (hash: xRRlLnUIveRLqPPurHaLKjvYoqqpjRXnfTghxW8bHK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:7e:79:40:88:3b:52:1b:0c:cc:72:43:13:77:ae:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=533b46e3a9dd5b7ea8a8bfda2f6e3bad15509113
        Validity
            Not Before: Apr 29 17:00:48 2025 GMT
            Not After : Apr 30 17:00:48 2025 GMT
        Subject: CN=ed3be5e290ceb09eebe3540099b61da923cb69f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:15:6e:1a:6d:4c:29:c7:e9:7c:34:76:75:20:
                    22:c8:db:1d:b2:df:ff:e4:9b:ba:6a:06:92:66:66:
                    cc:dd:ae:3c:78:eb:88:29:19:02:67:24:e2:56:eb:
                    a9:dd:27:e8:f8:42:e0:ca:de:96:bc:35:10:cd:89:
                    54:a0:8e:52:0e:54:2a:dc:53:41:14:ad:92:94:1b:
                    ce:1a:7f:0e:5e:36:97:99:2e:a1:fb:b2:6f:e9:40:
                    2f:cf:05:91:16:70:77:b7:3f:06:5c:f7:86:ca:bf:
                    c3:9b:7c:6e:71:b8:11:f0:d4:85:74:86:bc:ee:2c:
                    43:91:61:05:43:14:5b:d1:5d:2b:48:79:65:7a:6b:
                    0e:b8:63:13:1d:86:d1:1c:a9:c0:e9:73:63:66:e9:
                    42:41:e2:06:cf:ba:b0:04:bf:cd:8e:2d:1d:f7:45:
                    be:fb:62:6c:60:17:12:51:08:44:21:78:0e:14:cd:
                    2e:ac:91:9b:7d:bf:32:fb:df:0e:6c:4b:fa:77:b3:
                    1c:c9:8d:50:a2:3e:8e:10:11:53:1f:df:d2:e9:08:
                    3c:2b:95:2d:32:66:93:ad:48:36:87:d5:14:cf:ce:
                    4c:ad:8c:74:7c:8b:73:e4:78:cc:b4:12:9d:6e:64:
                    0c:0b:0a:c5:97:93:02:10:1d:b5:64:03:75:94:52:
                    7c:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:3B:E5:E2:90:CE:B0:9E:EB:E3:54:00:99:B6:1D:A9:23:CB:69:F3
            X509v3 Authority Key Identifier:
                keyid:53:3B:46:E3:A9:DD:5B:7E:A8:A8:BF:DA:2F:6E:3B:AD:15:50:91:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UztG46ndW36oqL_aL247rRVQkRM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/f50e2d-e400-44f1-8832-e26960bf34e5/1/UztG46ndW36oqL_aL247rRVQkRM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:d1:f4:86:ec:79:46:48:ed:31:4b:6d:a2:28:62:4e:79:1f:
         c1:a5:a4:78:e4:c3:b8:13:b5:d1:86:0c:60:7c:cc:90:99:a3:
         7a:d3:6e:fc:96:a5:11:51:be:82:43:26:7a:cd:76:59:65:26:
         a0:93:29:c0:14:f0:3b:84:dc:0a:5a:18:82:0f:16:a5:7b:87:
         dc:c1:5b:77:0e:6d:72:7c:70:0c:04:22:41:2e:c2:2f:d9:05:
         b5:03:08:ce:d1:11:94:48:2b:8e:46:69:75:1c:9f:e0:20:5d:
         a3:d6:63:8b:85:63:b1:01:4a:f6:63:d9:e9:13:f7:15:d7:1b:
         8c:62:a3:e0:49:6c:51:21:10:39:af:95:7f:2f:83:09:22:4b:
         7b:96:33:27:f5:f9:03:a9:f2:66:ba:e1:5a:65:9b:e1:97:4c:
         48:83:29:19:18:f2:86:17:14:74:52:04:21:81:70:fd:fb:c2:
         6a:29:48:ab:f4:7f:09:85:96:73:4e:b6:87:fd:b6:dd:4c:5c:
         90:27:46:54:23:9f:61:f5:0d:44:b5:f3:ab:b9:74:68:f9:22:
         a6:cf:f7:16:b5:1d:25:b6:84:35:7c:54:83:57:84:58:57:d5:
         cc:c6:78:7a:27:39:95:c0:76:8f:ae:67:aa:48:e9:42:6d:56:
         fd:30:83:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCfnlAiDtSGwzMckMTd65/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzM2I0NmUzYTlkZDViN2VhOGE4YmZkYTJmNmUzYmFkMTU1
MDkxMTMwHhcNMjUwNDI5MTcwMDQ4WhcNMjUwNDMwMTcwMDQ4WjAzMTEwLwYDVQQD
EyhlZDNiZTVlMjkwY2ViMDllZWJlMzU0MDA5OWI2MWRhOTIzY2I2OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xVuGm1MKcfpfDR2dSAiyNsdst//
5Ju6agaSZmbM3a48eOuIKRkCZyTiVuup3Sfo+ELgyt6WvDUQzYlUoI5SDlQq3FNB
FK2SlBvOGn8OXjaXmS6h+7Jv6UAvzwWRFnB3tz8GXPeGyr/Dm3xucbgR8NSFdIa8
7ixDkWEFQxRb0V0rSHllemsOuGMTHYbRHKnA6XNjZulCQeIGz7qwBL/Nji0d90W+
+2JsYBcSUQhEIXgOFM0urJGbfb8y+98ObEv6d7McyY1Qoj6OEBFTH9/S6Qg8K5Ut
MmaTrUg2h9UUz85MrYx0fItz5HjMtBKdbmQMCwrFl5MCEB21ZAN1lFJ8KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO075eKQzrCe6+NUAJm2Hakjy2nzMB8GA1UdIwQY
MBaAFFM7RuOp3Vt+qKi/2i9uO60VUJETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzIt
ZTI2OTYwYmYzNGU1LzEvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9mNTBlMmQtZTQwMC00NGYxLTg4MzItZTI2OTYwYmYzNGU1
LzEvVXp0RzQ2bmRXMzZvcUxfYUwyNDdyUlZRa1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEdH0hux5
RkjtMUttoihiTnkfwaWkeOTDuBO10YYMYHzMkJmjetNu/JalEVG+gkMmes12WWUm
oJMpwBTwO4TcCloYgg8WpXuH3MFbdw5tcnxwDAQiQS7CL9kFtQMIztERlEgrjkZp
dRyf4CBdo9Zji4VjsQFK9mPZ6RP3FdcbjGKj4ElsUSEQOa+Vfy+DCSJLe5YzJ/X5
A6nyZrrhWmWb4ZdMSIMpGRjyhhcUdFIEIYFw/fvCailIq/R/CYWWc062h/223Uxc
kCdGVCOfYfUNRLXzq7l0aPkips/3FrUdJbaENXxUg1eEWFfVzMZ4eic5lcB2j65n
qkjpQm1W/TCDKA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:22:46 2025 by rpki-client