Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f0358f-0d50-4704-85cf-262da883c8e2/1/MjFs1IgVYto785JbSRi24R12UUw.mft
File:                     MjFs1IgVYto785JbSRi24R12UUw.mft (raw, json)
Hash identifier:          3X60+teVM9dvaDiW4oFN6SWKxCjFqz2xf74tP9hjtik=
Subject key identifier:   C6:FD:C4:E2:3F:9C:20:2C:C7:F3:7C:16:23:BD:BC:2F:74:CC:6F:E4
Authority key identifier: 32:31:6C:D4:88:15:62:DA:3B:F3:92:5B:49:18:B6:E1:1D:76:51:4C
Certificate issuer:       /CN=32316cd4881562da3bf3925b4918b6e11d76514c
Certificate serial:       0197B89094A729FE4DD0F435008F82A5A01B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MjFs1IgVYto785JbSRi24R12UUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/f0358f-0d50-4704-85cf-262da883c8e2/1/MjFs1IgVYto785JbSRi24R12UUw.mft
Manifest number:          0D12
Signing time:             Sat 28 Jun 2025 22:02:52 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:52 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:52 +0000
Files and hashes:         1: MjFs1IgVYto785JbSRi24R12UUw.crl (hash: XVHCMiU84ONfpGE6aiWZusPYOd0I2JZA1CQ1Hz/apf0=)
                          2: O3osI0EMQ6lE3X_ye8aviCt4iTA.roa (hash: 9DOrDt/vfxy297yCahpwE4Xa/8MH6AlQc6vnFQ987B0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/f0358f-0d50-4704-85cf-262da883c8e2/1/MjFs1IgVYto785JbSRi24R12UUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/f0358f-0d50-4704-85cf-262da883c8e2/1/MjFs1IgVYto785JbSRi24R12UUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MjFs1IgVYto785JbSRi24R12UUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:94:a7:29:fe:4d:d0:f4:35:00:8f:82:a5:a0:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32316cd4881562da3bf3925b4918b6e11d76514c
        Validity
            Not Before: Jun 28 22:02:52 2025 GMT
            Not After : Jun 29 22:02:52 2025 GMT
        Subject: CN=c6fdc4e23f9c202cc7f37c1623bdbc2f74cc6fe4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:76:3b:c5:da:bd:e5:6e:9b:0e:77:4b:32:f6:
                    98:cb:f0:fc:03:d9:45:de:6e:3e:86:17:c7:6c:da:
                    5e:e8:91:8c:14:eb:86:97:82:54:7a:5e:dc:90:27:
                    81:75:c2:f9:73:81:c5:4b:4d:93:6c:9b:51:66:9a:
                    5e:b3:d0:67:2a:e9:97:8b:79:18:54:44:ab:6a:eb:
                    f7:a0:f3:fb:cf:7c:ea:e6:63:a7:6d:a8:bb:c6:13:
                    ca:5b:c7:99:5b:9d:31:b6:af:ea:2c:8d:0a:9a:02:
                    92:50:54:dd:4c:26:73:ab:f5:4f:65:3a:85:2d:25:
                    5e:37:e3:4e:96:40:61:5f:17:4a:ac:13:05:d2:11:
                    89:c4:bb:d5:bb:c1:f1:97:2d:fe:22:f3:3e:5c:10:
                    d1:ff:e4:8b:8a:37:e3:a0:0f:ae:59:84:4b:d8:a0:
                    2f:a9:f1:68:bc:12:63:8e:5f:68:f7:0d:3f:e6:77:
                    4b:cd:14:58:88:1e:36:f8:ba:4c:8a:33:c6:07:1d:
                    cd:f4:99:09:cb:df:5c:b7:f0:6e:16:7f:9b:39:39:
                    90:1b:5c:d3:42:30:05:ba:c1:2a:96:eb:9a:6f:89:
                    ef:46:c6:5b:1c:9a:15:a2:4e:a1:9f:03:1b:8b:74:
                    87:43:0a:b7:92:4f:ce:c6:94:d5:ca:c2:0b:d0:b3:
                    3b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:FD:C4:E2:3F:9C:20:2C:C7:F3:7C:16:23:BD:BC:2F:74:CC:6F:E4
            X509v3 Authority Key Identifier:
                keyid:32:31:6C:D4:88:15:62:DA:3B:F3:92:5B:49:18:B6:E1:1D:76:51:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MjFs1IgVYto785JbSRi24R12UUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f0358f-0d50-4704-85cf-262da883c8e2/1/MjFs1IgVYto785JbSRi24R12UUw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f0358f-0d50-4704-85cf-262da883c8e2/1/MjFs1IgVYto785JbSRi24R12UUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:66:ee:31:52:0d:0f:bf:57:44:a4:e9:5c:f9:1a:ec:d6:43:
         0e:8b:3c:21:b1:d2:b9:40:ab:e3:82:c2:7e:88:e7:95:78:9c:
         0d:4d:11:05:8b:0b:cc:af:76:c2:fe:00:d9:18:ac:4f:32:c6:
         9a:6b:31:f8:0b:b1:bc:c5:ea:79:2a:f7:43:8f:af:f6:c3:09:
         2d:ab:23:0e:ff:1e:34:15:31:5c:67:00:b3:34:2d:6e:35:1e:
         47:e4:69:ea:8d:30:9c:20:66:69:ff:42:4f:c4:c8:43:c4:c4:
         c0:4e:c1:0d:20:bf:30:fd:7b:2f:09:fc:db:c8:92:dc:04:15:
         05:94:2c:31:2c:50:a2:00:18:b4:f1:bc:0a:74:68:6f:e0:c2:
         50:f4:4b:b0:2c:9f:2c:6f:5a:b6:fb:9e:5a:db:44:b0:09:5f:
         a4:25:5c:0c:2f:6c:74:ad:f4:80:56:e5:65:4c:56:f7:bc:3e:
         8c:24:5d:69:46:a3:8f:73:f2:bf:12:46:7c:1a:82:22:61:8e:
         41:e4:09:72:a5:cb:63:22:03:44:f6:13:ab:34:93:4b:df:af:
         fd:cf:b4:ce:8c:15:35:32:44:1b:0c:95:f1:fe:1c:12:aa:cd:
         1b:5a:11:02:76:da:52:93:cd:21:12:90:4c:50:37:a7:f2:31:
         54:d1:e0:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kJSnKf5N0PQ1AI+CpaAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMzE2Y2Q0ODgxNTYyZGEzYmYzOTI1YjQ5MThiNmUxMWQ3
NjUxNGMwHhcNMjUwNjI4MjIwMjUyWhcNMjUwNjI5MjIwMjUyWjAzMTEwLwYDVQQD
EyhjNmZkYzRlMjNmOWMyMDJjYzdmMzdjMTYyM2JkYmMyZjc0Y2M2ZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHY7xdq95W6bDndLMvaYy/D8A9lF
3m4+hhfHbNpe6JGMFOuGl4JUel7ckCeBdcL5c4HFS02TbJtRZppes9BnKumXi3kY
VESrauv3oPP7z3zq5mOnbai7xhPKW8eZW50xtq/qLI0KmgKSUFTdTCZzq/VPZTqF
LSVeN+NOlkBhXxdKrBMF0hGJxLvVu8Hxly3+IvM+XBDR/+SLijfjoA+uWYRL2KAv
qfFovBJjjl9o9w0/5ndLzRRYiB42+LpMijPGBx3N9JkJy99ct/BuFn+bOTmQG1zT
QjAFusEqluuab4nvRsZbHJoVok6hnwMbi3SHQwq3kk/OxpTVysIL0LM7xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMb9xOI/nCAsx/N8FiO9vC90zG/kMB8GA1UdIwQY
MBaAFDIxbNSIFWLaO/OSW0kYtuEddlFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpGczFJZ1ZZdG83ODVKYlNSaTI0UjEyVVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDM1OGYtMGQ1MC00NzA0LTg1Y2Yt
MjYyZGE4ODNjOGUyLzEvTWpGczFJZ1ZZdG83ODVKYlNSaTI0UjEyVVV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDM1OGYtMGQ1MC00NzA0LTg1Y2YtMjYyZGE4ODNjOGUy
LzEvTWpGczFJZ1ZZdG83ODVKYlNSaTI0UjEyVVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOGbuMVIN
D79XRKTpXPka7NZDDos8IbHSuUCr44LCfojnlXicDU0RBYsLzK92wv4A2RisTzLG
mmsx+AuxvMXqeSr3Q4+v9sMJLasjDv8eNBUxXGcAszQtbjUeR+Rp6o0wnCBmaf9C
T8TIQ8TEwE7BDSC/MP17Lwn828iS3AQVBZQsMSxQogAYtPG8CnRob+DCUPRLsCyf
LG9atvueWttEsAlfpCVcDC9sdK30gFblZUxW97w+jCRdaUajj3PyvxJGfBqCImGO
QeQJcqXLYyIDRPYTqzSTS9+v/c+0zowVNTJEGwyV8f4cEqrNG1oRAnbaUpPNIRKQ
TFA3p/IxVNHgXA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:17:33 2025 by rpki-client