Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
File:                     gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft (raw, json)
Hash identifier:          7KB6NMEbrky1sCh/d5z1eiYEuCjRvp+ipn1gdxu3cIk=
Subject key identifier:   1D:43:D4:1A:AB:80:98:AB:3C:1D:7D:9A:C9:EA:1C:CA:75:33:66:6F
Authority key identifier: 83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F
Certificate issuer:       /CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
Certificate serial:       019759B6D87E1F514C69613E29F69ACB582A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
Manifest number:          0EE7
Signing time:             Tue 10 Jun 2025 12:00:44 +0000
Manifest this update:     Tue 10 Jun 2025 12:00:44 +0000
Manifest next update:     Wed 11 Jun 2025 12:00:44 +0000
Files and hashes:         1: bNgvelwVPVFr3h5RMUdr0LrSObg.roa (hash: 8+lwoJWYw+/prpcpMbrRUmfEGjzLktOqFPr4MMdHS+M=)
                          2: gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl (hash: aufTgBoYUz7QmKJWAq4KZZbjduY4nighgkrcs4UfRgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 12:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:b6:d8:7e:1f:51:4c:69:61:3e:29:f6:9a:cb:58:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
        Validity
            Not Before: Jun 10 12:00:44 2025 GMT
            Not After : Jun 11 12:00:44 2025 GMT
        Subject: CN=1d43d41aab8098ab3c1d7d9ac9ea1cca7533666f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:27:2b:59:ee:0e:d3:bf:c7:6b:e5:1e:4a:69:
                    24:62:4b:3b:9c:16:e9:98:88:f5:d1:9b:40:ad:b9:
                    d1:df:b0:76:4c:03:e4:41:13:ec:01:b3:40:17:ff:
                    ae:e4:15:26:bf:e8:54:b2:7d:36:97:75:8d:0d:be:
                    61:b3:62:45:24:9e:fd:ae:be:76:59:ba:50:6c:ed:
                    cc:b4:9d:ed:b0:e3:f5:03:7f:a6:2f:40:38:e5:1a:
                    0f:f8:9a:32:2f:a8:7c:8c:e7:cc:dc:f4:99:74:d1:
                    ff:b3:2b:5c:7e:df:43:67:96:44:93:a9:4f:28:0e:
                    cd:c5:d4:6f:64:17:2e:4f:67:2d:48:ed:89:2b:2b:
                    67:87:39:48:5e:a6:ef:57:7e:d7:2b:28:cc:7c:65:
                    95:4a:30:c5:29:0e:03:50:33:5a:c6:02:36:17:ad:
                    78:e9:bf:e9:18:71:2d:3c:f9:11:d2:40:00:2c:5f:
                    4e:6c:01:41:50:be:8e:25:41:c2:9a:a2:b6:a9:8d:
                    5c:92:ab:93:18:9c:9c:6d:ea:64:18:3f:01:e0:e3:
                    bb:90:77:a1:35:84:71:85:75:a6:b6:c0:32:c3:24:
                    5e:97:11:b3:52:ad:2e:0d:90:9c:83:28:55:a8:50:
                    db:6d:87:84:f3:85:63:34:3b:30:fd:59:c5:05:69:
                    7a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:43:D4:1A:AB:80:98:AB:3C:1D:7D:9A:C9:EA:1C:CA:75:33:66:6F
            X509v3 Authority Key Identifier:
                keyid:83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:33:0a:ca:43:b2:15:2a:fd:d9:cf:50:31:9f:7d:ef:43:0d:
         bf:a4:97:f6:10:e2:d4:ed:45:9e:11:88:bb:38:ae:45:72:53:
         47:3f:8d:4b:2a:2e:31:c1:de:37:4a:09:29:ce:5a:32:e1:fc:
         c5:22:b6:15:d4:02:11:ee:46:b3:68:82:52:73:15:1c:b4:f5:
         ed:d6:5e:57:ad:58:24:e3:f5:38:91:72:24:02:3f:91:a5:20:
         6b:13:3e:d1:27:d3:68:93:2d:e4:11:ab:15:e9:5c:82:ab:76:
         5e:7f:00:12:b0:29:c4:47:cf:49:75:bc:61:cb:c3:00:34:dc:
         3e:96:08:70:98:ee:ee:4d:da:bb:e9:21:70:2b:e4:b1:46:0e:
         6a:99:6a:b7:3d:65:50:a5:79:3f:ce:7d:dc:48:c4:c3:f9:61:
         e9:4c:0a:6e:ac:cc:c2:ea:ef:eb:7a:d9:42:bc:4d:e7:77:c8:
         8c:6e:e0:9e:0f:f7:0b:55:0b:3c:10:b6:3d:a4:fa:0a:66:91:
         0b:c2:10:9c:34:b5:55:ff:0a:5c:e6:9f:d1:90:5e:50:8e:c6:
         c0:13:6c:31:f0:58:92:5f:7e:98:a5:24:a7:10:96:86:e9:e1:
         4b:52:34:c1:b2:3e:51:10:9d:de:e2:8b:ff:91:ac:ec:6c:03:
         48:81:f5:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZtth+H1FMaWE+Kfaay1gqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzZjYTE1MWVkNGMzMjNkNDk4ZjA2ZGQ3YzVhZTM5NGNl
YWM1OWYwHhcNMjUwNjEwMTIwMDQ0WhcNMjUwNjExMTIwMDQ0WjAzMTEwLwYDVQQD
EygxZDQzZDQxYWFiODA5OGFiM2MxZDdkOWFjOWVhMWNjYTc1MzM2NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCcrWe4O07/Ha+UeSmkkYks7nBbp
mIj10ZtArbnR37B2TAPkQRPsAbNAF/+u5BUmv+hUsn02l3WNDb5hs2JFJJ79rr52
WbpQbO3MtJ3tsOP1A3+mL0A45RoP+JoyL6h8jOfM3PSZdNH/sytcft9DZ5ZEk6lP
KA7NxdRvZBcuT2ctSO2JKytnhzlIXqbvV37XKyjMfGWVSjDFKQ4DUDNaxgI2F614
6b/pGHEtPPkR0kAALF9ObAFBUL6OJUHCmqK2qY1ckquTGJycbepkGD8B4OO7kHeh
NYRxhXWmtsAywyRelxGzUq0uDZCcgyhVqFDbbYeE84VjNDsw/VnFBWl6zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1D1BqrgJirPB19msnqHMp1M2ZvMB8GA1UdIwQY
MBaAFIM2yhUe1MMj1JjwbdfFrjlM6sWfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTIt
OTE3OTUzMTk4NDVjLzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTItOTE3OTUzMTk4NDVj
LzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiTMKykOy
FSr92c9QMZ9970MNv6SX9hDi1O1FnhGIuziuRXJTRz+NSyouMcHeN0oJKc5aMuH8
xSK2FdQCEe5Gs2iCUnMVHLT17dZeV61YJOP1OJFyJAI/kaUgaxM+0SfTaJMt5BGr
Felcgqt2Xn8AErApxEfPSXW8YcvDADTcPpYIcJju7k3au+khcCvksUYOaplqtz1l
UKV5P8593EjEw/lh6UwKbqzMwurv63rZQrxN53fIjG7gng/3C1ULPBC2PaT6CmaR
C8IQnDS1Vf8KXOaf0ZBeUI7GwBNsMfBYkl9+mKUkpxCWhunhS1I0wbI+URCd3uKL
/5Gs7GwDSIH1TQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:17:36 2025 by rpki-client