Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
File:                     bhWkM20vXhvWBzfelXlomSp0cOk.mft (raw, json)
Hash identifier:          9YVWm4seb9kyXrBMS6bTUf1VJXsRxHpmPSBaoN7C0f4=
Subject key identifier:   EF:4D:0B:2D:90:46:3E:C2:53:BA:34:C0:A8:B2:80:2D:CD:6A:9E:5F
Authority key identifier: 6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
Certificate issuer:       /CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Certificate serial:       0197CD28B7313AECF0BA0E832694132088BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
Manifest number:          15C1
Signing time:             Wed 02 Jul 2025 22:01:26 +0000
Manifest this update:     Wed 02 Jul 2025 22:01:26 +0000
Manifest next update:     Thu 03 Jul 2025 22:01:26 +0000
Files and hashes:         1: bhWkM20vXhvWBzfelXlomSp0cOk.crl (hash: 3Dq4tV/K8013iQy920OuoXzm8Y2cxUtM6EYVlIHRdkA=)
                          2: zgsEDv3otZRAtHyWvGAv7rzQjXg.roa (hash: ZyzEtsDUzNfUy6YLDq0VYYYmMcE0twVe+0tLjGTigwU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 20:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cd:28:b7:31:3a:ec:f0:ba:0e:83:26:94:13:20:88:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e15a4336d2f5e1bd60737de957968992a7470e9
        Validity
            Not Before: Jul  2 22:01:26 2025 GMT
            Not After : Jul  3 22:01:26 2025 GMT
        Subject: CN=ef4d0b2d90463ec253ba34c0a8b2802dcd6a9e5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:7d:78:e4:74:03:47:5f:3a:57:af:55:6f:58:
                    ac:e4:83:84:c5:0a:7b:df:25:0d:cd:31:81:43:d1:
                    7c:2f:01:2d:90:5e:2e:78:55:80:23:e5:8e:d9:3c:
                    36:3d:db:09:14:b6:6c:5b:f8:2d:e5:b2:da:2b:e0:
                    13:1e:65:77:6c:a9:2d:64:4a:0f:5f:5f:8c:c2:76:
                    c3:90:f6:3f:6f:ce:b6:09:63:df:a2:f3:fd:c2:63:
                    06:0c:87:90:28:36:2e:e8:55:8c:f9:4e:4a:a8:8a:
                    93:fb:80:28:73:86:a4:2e:b5:ea:c6:1b:d0:9c:42:
                    73:a2:b6:98:79:49:32:d2:a7:a6:72:ea:9a:4a:40:
                    9d:1c:9f:19:6b:43:83:f5:23:0f:df:5f:c4:a9:93:
                    b6:cf:52:fd:9b:72:1a:dc:7b:3d:f7:bf:4f:15:e8:
                    19:30:fa:cf:0d:dc:4f:35:4c:73:80:bc:4a:65:20:
                    74:22:6e:1f:49:f4:93:6e:c1:2c:de:65:33:f5:be:
                    8e:f7:6b:7a:38:9f:b1:9e:cc:77:fb:d5:f5:6d:05:
                    7b:04:8e:78:41:56:e9:ff:55:4f:e7:3d:d9:16:91:
                    8d:77:3d:49:31:27:9d:93:c0:38:84:8a:c5:76:4f:
                    b2:48:46:6e:25:77:4d:ad:c3:07:d4:df:e3:10:db:
                    fb:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:4D:0B:2D:90:46:3E:C2:53:BA:34:C0:A8:B2:80:2D:CD:6A:9E:5F
            X509v3 Authority Key Identifier:
                keyid:6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:79:64:77:f9:4d:16:cf:98:bb:5d:bc:ce:7d:33:23:13:82:
         8a:02:6a:f7:22:0b:ff:99:f5:57:a6:0f:2c:c6:8f:5a:83:6e:
         93:1d:b3:92:35:71:7e:e4:6b:60:8c:57:87:8e:a2:1a:13:ef:
         62:d8:09:05:d8:9d:b6:a7:54:06:6d:8a:42:1b:a1:6a:0a:65:
         0d:d8:e6:41:53:b8:fd:56:9c:8a:87:17:38:37:9b:49:58:b7:
         44:56:c3:78:05:0f:9b:b1:4f:bc:cc:68:3c:8b:cb:1a:f4:69:
         c6:c5:45:42:3f:b1:4e:6a:75:bd:a7:97:41:33:48:6c:f0:a1:
         eb:aa:0b:df:e3:18:6a:65:21:68:35:4f:3a:a7:ea:db:87:10:
         c1:b0:56:3f:ec:e2:ad:48:c4:9f:82:6f:b8:c5:d1:76:d7:3b:
         23:4f:00:7a:ab:ba:94:7f:1e:0e:5c:44:6b:35:2c:07:c9:7d:
         61:eb:86:bd:fb:7b:9b:b9:50:25:a1:c1:66:cf:ee:c5:41:11:
         48:aa:f0:9b:df:c4:18:99:bc:5f:29:68:87:8e:56:68:37:91:
         14:da:68:c6:7a:bf:cb:57:26:f6:19:cf:82:15:1a:69:9c:07:
         a9:f3:e4:86:07:e2:3a:0f:c0:52:72:a9:ee:3e:55:94:a9:42:
         b2:a3:98:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfNKLcxOuzwug6DJpQTIIi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMTVhNDMzNmQyZjVlMWJkNjA3MzdkZTk1Nzk2ODk5MmE3
NDcwZTkwHhcNMjUwNzAyMjIwMTI2WhcNMjUwNzAzMjIwMTI2WjAzMTEwLwYDVQQD
EyhlZjRkMGIyZDkwNDYzZWMyNTNiYTM0YzBhOGIyODAyZGNkNmE5ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX145HQDR186V69Vb1is5IOExQp7
3yUNzTGBQ9F8LwEtkF4ueFWAI+WO2Tw2PdsJFLZsW/gt5bLaK+ATHmV3bKktZEoP
X1+MwnbDkPY/b862CWPfovP9wmMGDIeQKDYu6FWM+U5KqIqT+4Aoc4akLrXqxhvQ
nEJzoraYeUky0qemcuqaSkCdHJ8Za0OD9SMP31/EqZO2z1L9m3Ia3Hs9979PFegZ
MPrPDdxPNUxzgLxKZSB0Im4fSfSTbsEs3mUz9b6O92t6OJ+xnsx3+9X1bQV7BI54
QVbp/1VP5z3ZFpGNdz1JMSedk8A4hIrFdk+ySEZuJXdNrcMH1N/jENv78QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9NCy2QRj7CU7o0wKiygC3Nap5fMB8GA1UdIwQY
MBaAFG4VpDNtL14b1gc33pV5aJkqdHDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAt
OGQ1MjQ2YTIwMjQ1LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAtOGQ1MjQ2YTIwMjQ1
LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADnlkd/lN
Fs+Yu128zn0zIxOCigJq9yIL/5n1V6YPLMaPWoNukx2zkjVxfuRrYIxXh46iGhPv
YtgJBdidtqdUBm2KQhuhagplDdjmQVO4/VaciocXODebSVi3RFbDeAUPm7FPvMxo
PIvLGvRpxsVFQj+xTmp1vaeXQTNIbPCh66oL3+MYamUhaDVPOqfq24cQwbBWP+zi
rUjEn4JvuMXRdtc7I08Aequ6lH8eDlxEazUsB8l9YeuGvft7m7lQJaHBZs/uxUER
SKrwm9/EGJm8Xyloh45WaDeRFNpoxnq/y1cm9hnPghUaaZwHqfPkhgfiOg/AUnKp
7j5VlKlCsqOYzg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:47:00 2025 by rpki-client