Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
File:                     gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft (raw, json)
Hash identifier:          jfwSGRr+8uzoJ0rn5U2hL1IPtoi/TOHONsNLVYnw0zE=
Subject key identifier:   D5:33:EA:D8:50:B9:00:F4:8A:BE:CE:5F:5A:1F:42:83:23:7B:13:17
Authority key identifier: 83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F
Certificate issuer:       /CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
Certificate serial:       01975F820E1EFBA660BDCF2063F0BB591500
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
Manifest number:          0EEA
Signing time:             Wed 11 Jun 2025 15:00:48 +0000
Manifest this update:     Wed 11 Jun 2025 15:00:48 +0000
Manifest next update:     Thu 12 Jun 2025 15:00:48 +0000
Files and hashes:         1: bNgvelwVPVFr3h5RMUdr0LrSObg.roa (hash: 8+lwoJWYw+/prpcpMbrRUmfEGjzLktOqFPr4MMdHS+M=)
                          2: gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl (hash: XomEYUsSeCEHrwRo90YXg9OxY023tIOO3coB9Fxy+sI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5f:82:0e:1e:fb:a6:60:bd:cf:20:63:f0:bb:59:15:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
        Validity
            Not Before: Jun 11 15:00:48 2025 GMT
            Not After : Jun 12 15:00:48 2025 GMT
        Subject: CN=d533ead850b900f48abece5f5a1f4283237b1317
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:fd:10:b5:e6:43:1e:45:83:72:df:1e:04:b0:
                    ac:bb:cb:82:58:eb:9e:d1:f9:c2:e4:a9:07:23:03:
                    c5:b0:79:7b:bb:c7:f6:3d:95:2f:81:96:8f:34:ec:
                    1d:4f:e3:d7:3b:c0:08:35:4c:be:b8:3e:6b:d4:15:
                    d9:6a:e5:f4:4c:a9:77:d6:d7:42:1e:77:4f:bb:45:
                    db:44:14:8c:fd:14:81:c7:2f:05:b1:18:5f:0f:40:
                    a6:e5:e4:9e:46:1f:86:70:2f:6f:58:f4:8c:6a:d7:
                    2b:a0:85:c3:74:e3:0d:68:8b:7c:79:09:f6:9a:0e:
                    09:83:bb:34:4d:28:12:2f:1c:cb:c1:71:0c:8e:77:
                    ba:36:ec:f5:b1:c7:9a:81:2f:af:fa:cc:83:eb:76:
                    b0:1a:13:a7:32:a5:87:32:25:4d:68:26:9b:7d:68:
                    5a:d8:a3:6e:ee:32:2c:87:c0:89:0b:b7:5c:7b:fa:
                    2e:41:2c:5e:20:a1:2d:63:1b:ec:22:ed:45:47:55:
                    96:d3:a2:57:0e:85:39:a0:5d:b1:a0:9f:e3:fe:e3:
                    1d:5a:1b:79:45:ca:b9:33:df:2f:e4:2d:b2:df:a2:
                    ed:ae:c8:e5:a8:e7:82:ed:73:f5:07:0b:55:d7:ec:
                    fa:73:af:df:92:16:c9:72:c3:2a:cc:c2:cb:c6:5b:
                    d6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:33:EA:D8:50:B9:00:F4:8A:BE:CE:5F:5A:1F:42:83:23:7B:13:17
            X509v3 Authority Key Identifier:
                keyid:83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:47:00:db:39:a0:0a:e9:94:6c:7d:3a:20:47:ea:c1:9b:10:
         d3:6c:08:4c:b1:a9:06:17:9b:cb:81:e4:f4:de:9e:e9:39:96:
         b4:95:d9:34:92:86:d4:77:33:1e:87:2e:18:a0:35:7b:56:53:
         ec:c1:7d:5f:39:78:29:ef:79:0c:d9:08:26:c3:04:9e:80:5d:
         59:1d:fd:c0:9e:75:fc:c7:e9:80:01:21:57:f3:f4:18:eb:78:
         07:4d:28:30:35:0d:1f:1e:29:12:5e:f5:3c:19:80:ea:3d:03:
         aa:05:4d:db:be:14:6f:69:f2:23:b5:93:2f:aa:f6:06:a9:cb:
         44:fa:d6:18:7f:bb:a2:b8:fa:5e:61:55:e2:94:9c:03:55:fa:
         ec:00:c1:32:dc:b1:f9:76:1c:13:bb:14:5d:4a:aa:dd:49:f9:
         69:27:2b:09:c6:a2:64:62:b4:9f:8a:54:66:53:f4:8f:41:f4:
         ad:fe:0c:80:11:7c:3d:b7:42:ae:20:75:47:2c:e8:e4:bd:b4:
         12:30:6c:83:1c:2e:83:4c:73:d4:8c:08:ae:c1:a6:50:f1:f7:
         a7:44:5e:30:96:35:ef:6b:ca:49:91:cb:41:9c:2f:34:7c:af:
         9c:b9:a1:27:7a:46:b0:c0:32:ec:b0:e8:3c:8d:2e:7a:b8:94:
         42:8a:a2:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdfgg4e+6Zgvc8gY/C7WRUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzZjYTE1MWVkNGMzMjNkNDk4ZjA2ZGQ3YzVhZTM5NGNl
YWM1OWYwHhcNMjUwNjExMTUwMDQ4WhcNMjUwNjEyMTUwMDQ4WjAzMTEwLwYDVQQD
EyhkNTMzZWFkODUwYjkwMGY0OGFiZWNlNWY1YTFmNDI4MzIzN2IxMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4f0QteZDHkWDct8eBLCsu8uCWOue
0fnC5KkHIwPFsHl7u8f2PZUvgZaPNOwdT+PXO8AINUy+uD5r1BXZauX0TKl31tdC
HndPu0XbRBSM/RSBxy8FsRhfD0Cm5eSeRh+GcC9vWPSMatcroIXDdOMNaIt8eQn2
mg4Jg7s0TSgSLxzLwXEMjne6Nuz1sceagS+v+syD63awGhOnMqWHMiVNaCabfWha
2KNu7jIsh8CJC7dce/ouQSxeIKEtYxvsIu1FR1WW06JXDoU5oF2xoJ/j/uMdWht5
Rcq5M98v5C2y36LtrsjlqOeC7XP1BwtV1+z6c6/fkhbJcsMqzMLLxlvWIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNUz6thQuQD0ir7OX1ofQoMjexMXMB8GA1UdIwQY
MBaAFIM2yhUe1MMj1JjwbdfFrjlM6sWfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTIt
OTE3OTUzMTk4NDVjLzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTItOTE3OTUzMTk4NDVj
LzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVkcA2zmg
CumUbH06IEfqwZsQ02wITLGpBheby4Hk9N6e6TmWtJXZNJKG1HczHocuGKA1e1ZT
7MF9Xzl4Ke95DNkIJsMEnoBdWR39wJ51/MfpgAEhV/P0GOt4B00oMDUNHx4pEl71
PBmA6j0DqgVN274Ub2nyI7WTL6r2BqnLRPrWGH+7orj6XmFV4pScA1X67ADBMtyx
+XYcE7sUXUqq3Un5aScrCcaiZGK0n4pUZlP0j0H0rf4MgBF8PbdCriB1Ryzo5L20
EjBsgxwug0xz1IwIrsGmUPH3p0ReMJY172vKSZHLQZwvNHyvnLmhJ3pGsMAy7LDo
PI0ueriUQoqiZA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:38:49 2025 by rpki-client