Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
File:                     gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft (raw, json)
Hash identifier:          0ISuRxRCgOA0sND5sjwNvPWcv7USVHrvkpX1zx98wI0=
Subject key identifier:   77:1F:6B:5F:DB:55:84:F4:B2:FF:9C:DE:0D:E3:4C:BD:A8:EF:06:8E
Authority key identifier: 83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F
Certificate issuer:       /CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
Certificate serial:       01975D939C9392A924C926D1BB04CC784E9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
Manifest number:          0EE9
Signing time:             Wed 11 Jun 2025 06:00:44 +0000
Manifest this update:     Wed 11 Jun 2025 06:00:44 +0000
Manifest next update:     Thu 12 Jun 2025 06:00:44 +0000
Files and hashes:         1: bNgvelwVPVFr3h5RMUdr0LrSObg.roa (hash: 8+lwoJWYw+/prpcpMbrRUmfEGjzLktOqFPr4MMdHS+M=)
                          2: gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl (hash: VlTmPQQs0xOxXMXARJk4H+0f+s+Q0pYxC6R16rS4X6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 06:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:93:9c:93:92:a9:24:c9:26:d1:bb:04:cc:78:4e:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
        Validity
            Not Before: Jun 11 06:00:44 2025 GMT
            Not After : Jun 12 06:00:44 2025 GMT
        Subject: CN=771f6b5fdb5584f4b2ff9cde0de34cbda8ef068e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e6:44:86:9d:a2:d2:6d:c4:53:4c:8c:2b:7f:
                    aa:40:4e:b7:13:71:4c:c9:49:eb:37:e7:3a:f3:cc:
                    ad:fd:b2:78:d6:f4:cc:23:29:fe:21:27:a9:d2:25:
                    2d:aa:22:c7:7d:32:a6:10:ca:0a:69:34:0e:c9:56:
                    a3:56:19:65:2b:59:6e:0d:2b:7e:7f:b8:d2:4c:a6:
                    6b:bc:4b:45:86:7d:16:e8:3c:df:10:e7:ca:93:1f:
                    ef:ef:49:dd:40:02:03:9b:00:ec:ef:48:dc:ca:16:
                    ee:74:7f:f2:3d:e4:62:ec:d4:0c:89:b4:f2:fb:2f:
                    6d:b3:99:c8:4f:03:ba:3c:5e:e5:e5:b8:90:2a:79:
                    07:4a:17:54:4b:d8:f2:ca:db:f5:a3:47:1b:30:9a:
                    ab:e3:2a:2a:59:3f:b3:70:d6:4a:63:37:69:80:85:
                    c5:4b:b8:94:58:92:b8:a5:57:8a:d9:ce:88:11:84:
                    d6:2a:8c:95:40:d2:a9:35:b9:4b:86:92:2a:72:4c:
                    b1:7d:93:77:9d:3c:fa:ce:41:d7:44:4b:ad:ed:ab:
                    d8:81:31:ae:29:47:d0:e6:5a:46:06:05:2c:d6:88:
                    34:59:da:d6:0e:89:6c:dd:ec:26:45:10:72:f9:7c:
                    02:12:60:ca:73:16:35:40:67:71:49:d0:1f:39:ce:
                    1d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:1F:6B:5F:DB:55:84:F4:B2:FF:9C:DE:0D:E3:4C:BD:A8:EF:06:8E
            X509v3 Authority Key Identifier:
                keyid:83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:ee:0f:61:74:26:45:f4:7a:ab:77:04:1c:71:a6:28:84:89:
         4f:27:28:b9:9d:22:27:bb:8c:c1:a9:72:71:ae:3c:79:8b:9c:
         c4:ed:0b:c5:00:f5:f7:40:a3:e8:7d:1e:51:a1:17:98:d1:c7:
         77:ab:ab:46:a5:4a:24:f4:31:1f:5a:27:d6:6a:a7:c8:ea:f6:
         25:ba:1f:7e:83:6d:6b:b8:28:a9:d5:a9:99:96:c3:19:59:82:
         02:e7:3a:74:bf:04:fc:18:1a:e7:0e:bd:2c:13:61:f4:92:a2:
         60:70:60:37:08:cd:ab:57:da:99:c2:af:83:26:73:84:02:07:
         ee:11:0b:c1:9b:81:85:96:5f:75:55:4e:dc:84:81:c6:74:c1:
         4a:f3:d6:e3:3a:f3:1b:ce:33:35:fc:c4:76:e9:27:bf:cb:60:
         1b:c6:4e:58:03:b9:87:b4:5c:67:7e:46:0e:0f:0a:a4:26:1a:
         5e:e1:91:3b:af:25:0c:5a:0e:79:87:9e:8f:f9:b3:d0:73:18:
         24:36:dd:53:3e:df:18:59:88:c7:a3:dd:0a:f2:38:65:6c:60:
         e1:2e:95:8a:59:b9:cc:1b:80:ef:4b:67:4e:f4:6c:d9:bb:ac:
         28:49:d4:d1:7b:93:2a:36:3b:0f:cc:58:24:b4:6e:db:ed:89:
         9c:84:07:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddk5yTkqkkySbRuwTMeE6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzZjYTE1MWVkNGMzMjNkNDk4ZjA2ZGQ3YzVhZTM5NGNl
YWM1OWYwHhcNMjUwNjExMDYwMDQ0WhcNMjUwNjEyMDYwMDQ0WjAzMTEwLwYDVQQD
Eyg3NzFmNmI1ZmRiNTU4NGY0YjJmZjljZGUwZGUzNGNiZGE4ZWYwNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuZEhp2i0m3EU0yMK3+qQE63E3FM
yUnrN+c688yt/bJ41vTMIyn+ISep0iUtqiLHfTKmEMoKaTQOyVajVhllK1luDSt+
f7jSTKZrvEtFhn0W6DzfEOfKkx/v70ndQAIDmwDs70jcyhbudH/yPeRi7NQMibTy
+y9ts5nITwO6PF7l5biQKnkHShdUS9jyytv1o0cbMJqr4yoqWT+zcNZKYzdpgIXF
S7iUWJK4pVeK2c6IEYTWKoyVQNKpNblLhpIqckyxfZN3nTz6zkHXREut7avYgTGu
KUfQ5lpGBgUs1og0WdrWDols3ewmRRBy+XwCEmDKcxY1QGdxSdAfOc4d8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHcfa1/bVYT0sv+c3g3jTL2o7waOMB8GA1UdIwQY
MBaAFIM2yhUe1MMj1JjwbdfFrjlM6sWfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTIt
OTE3OTUzMTk4NDVjLzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTItOTE3OTUzMTk4NDVj
LzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn+4PYXQm
RfR6q3cEHHGmKISJTycouZ0iJ7uMwalyca48eYucxO0LxQD190Cj6H0eUaEXmNHH
d6urRqVKJPQxH1on1mqnyOr2JboffoNta7goqdWpmZbDGVmCAuc6dL8E/Bga5w69
LBNh9JKiYHBgNwjNq1famcKvgyZzhAIH7hELwZuBhZZfdVVO3ISBxnTBSvPW4zrz
G84zNfzEduknv8tgG8ZOWAO5h7RcZ35GDg8KpCYaXuGRO68lDFoOeYeej/mz0HMY
JDbdUz7fGFmIx6PdCvI4ZWxg4S6Vilm5zBuA70tnTvRs2busKEnU0XuTKjY7D8xY
JLRu2+2JnIQH1w==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:20:29 2025 by rpki-client