Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
File:                     gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft (raw, json)
Hash identifier:          yf/curZpm9hjlS1A5gdJMED9YmcBclpyXAWMw9cnBYw=
Subject key identifier:   FC:75:68:67:AE:7C:BA:33:35:4C:C1:07:DC:E6:23:F5:21:B3:6D:29
Authority key identifier: 83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F
Certificate issuer:       /CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
Certificate serial:       0197635F48F44CE85388FC35E36A570B7013
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
Manifest number:          0EEC
Signing time:             Thu 12 Jun 2025 09:01:18 +0000
Manifest this update:     Thu 12 Jun 2025 09:01:18 +0000
Manifest next update:     Fri 13 Jun 2025 09:01:18 +0000
Files and hashes:         1: bNgvelwVPVFr3h5RMUdr0LrSObg.roa (hash: 8+lwoJWYw+/prpcpMbrRUmfEGjzLktOqFPr4MMdHS+M=)
                          2: gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl (hash: Z/nayw/Gn3Dmu6uzE4CQkZJqMme3VEqC8SMlH40yas0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:5f:48:f4:4c:e8:53:88:fc:35:e3:6a:57:0b:70:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
        Validity
            Not Before: Jun 12 09:01:18 2025 GMT
            Not After : Jun 13 09:01:18 2025 GMT
        Subject: CN=fc756867ae7cba33354cc107dce623f521b36d29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:15:23:d7:d7:b7:09:23:19:86:b3:7a:bb:08:
                    83:1c:53:a9:e3:62:66:d1:05:7d:be:a1:65:7a:74:
                    da:0b:ee:25:51:ab:86:25:ca:33:f9:12:fa:8a:c8:
                    8f:e2:1d:76:4c:06:83:ac:9b:d2:f3:81:59:a8:2c:
                    fb:40:36:00:88:05:35:a2:ff:71:66:1b:20:1a:92:
                    88:3e:13:ac:f7:e8:59:c4:b8:ca:8c:f4:dc:a4:23:
                    d0:17:1b:90:f6:26:18:41:b6:b6:e6:5a:53:a6:c2:
                    b0:82:11:f0:02:bb:6a:06:83:d4:d5:46:5a:85:b1:
                    9d:ed:4a:58:89:21:ad:7c:6b:26:88:b2:10:3e:4f:
                    86:95:b6:5e:f2:79:0c:a2:f6:64:ed:ea:76:51:64:
                    03:c9:b0:c5:97:01:7c:a8:79:78:c3:1d:65:53:6f:
                    de:85:dd:a0:05:88:d8:d1:94:12:4c:14:86:27:61:
                    48:1b:48:cf:99:a9:6d:2c:30:4a:83:a5:38:2e:f5:
                    e3:1b:ff:eb:08:16:f5:b4:dd:02:76:b6:3f:f0:d3:
                    b6:e7:53:ea:09:dd:b9:b2:77:10:1a:38:71:75:76:
                    b2:16:2b:26:21:e8:83:c4:59:df:43:4c:b2:90:53:
                    7b:e4:69:fc:d1:5a:a4:db:56:a4:0b:7c:f3:6e:ee:
                    11:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:75:68:67:AE:7C:BA:33:35:4C:C1:07:DC:E6:23:F5:21:B3:6D:29
            X509v3 Authority Key Identifier:
                keyid:83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:1a:11:b0:8d:27:12:21:d1:b6:5f:2c:c4:ad:7b:34:93:3f:
         6b:91:f1:0e:18:e8:72:37:5b:da:ce:8b:35:36:0b:32:75:7b:
         21:9d:5e:a0:b0:29:6d:d2:56:74:53:ac:8e:e7:48:2c:2f:1e:
         8f:78:13:39:69:cf:f5:f3:08:8a:5c:0b:cc:20:ac:9d:98:2a:
         13:b7:9b:e2:cb:62:c3:52:78:47:a0:91:5e:ce:10:bf:1e:f9:
         fa:f7:dd:ee:07:26:bf:67:4d:4e:b6:31:70:02:ef:d8:04:83:
         11:6f:25:a7:b7:eb:43:d3:98:4d:49:64:67:4e:5f:fc:d5:4d:
         cf:17:3a:11:3f:09:68:58:8c:4c:ed:e7:81:20:82:86:3f:28:
         62:9d:71:5a:4b:0c:db:e4:8a:2f:a4:50:2b:ea:20:c5:23:84:
         73:84:27:60:6a:a4:a7:3a:5d:36:90:49:38:dc:3a:4d:0b:dc:
         ec:2c:39:3b:be:70:27:5c:91:fb:d2:4b:2b:e4:28:2c:11:a5:
         37:1a:c1:3d:43:89:3a:bf:7f:c4:96:74:64:da:25:5f:2b:09:
         9f:a5:12:b5:77:6c:aa:65:10:1a:85:56:40:aa:b9:2d:35:44:
         46:c8:87:31:40:16:2b:3c:9b:b9:2f:22:03:dc:f9:16:b8:eb:
         7a:85:b7:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjX0j0TOhTiPw142pXC3ATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzZjYTE1MWVkNGMzMjNkNDk4ZjA2ZGQ3YzVhZTM5NGNl
YWM1OWYwHhcNMjUwNjEyMDkwMTE4WhcNMjUwNjEzMDkwMTE4WjAzMTEwLwYDVQQD
EyhmYzc1Njg2N2FlN2NiYTMzMzU0Y2MxMDdkY2U2MjNmNTIxYjM2ZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBUj19e3CSMZhrN6uwiDHFOp42Jm
0QV9vqFlenTaC+4lUauGJcoz+RL6isiP4h12TAaDrJvS84FZqCz7QDYAiAU1ov9x
ZhsgGpKIPhOs9+hZxLjKjPTcpCPQFxuQ9iYYQba25lpTpsKwghHwArtqBoPU1UZa
hbGd7UpYiSGtfGsmiLIQPk+GlbZe8nkMovZk7ep2UWQDybDFlwF8qHl4wx1lU2/e
hd2gBYjY0ZQSTBSGJ2FIG0jPmaltLDBKg6U4LvXjG//rCBb1tN0CdrY/8NO251Pq
Cd25sncQGjhxdXayFismIeiDxFnfQ0yykFN75Gn80Vqk21akC3zzbu4RPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPx1aGeufLozNUzBB9zmI/Uhs20pMB8GA1UdIwQY
MBaAFIM2yhUe1MMj1JjwbdfFrjlM6sWfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTIt
OTE3OTUzMTk4NDVjLzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTItOTE3OTUzMTk4NDVj
LzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBoRsI0n
EiHRtl8sxK17NJM/a5HxDhjocjdb2s6LNTYLMnV7IZ1eoLApbdJWdFOsjudILC8e
j3gTOWnP9fMIilwLzCCsnZgqE7eb4stiw1J4R6CRXs4Qvx75+vfd7gcmv2dNTrYx
cALv2ASDEW8lp7frQ9OYTUlkZ05f/NVNzxc6ET8JaFiMTO3ngSCChj8oYp1xWksM
2+SKL6RQK+ogxSOEc4QnYGqkpzpdNpBJONw6TQvc7Cw5O75wJ1yR+9JLK+QoLBGl
NxrBPUOJOr9/xJZ0ZNolXysJn6UStXdsqmUQGoVWQKq5LTVERsiHMUAWKzybuS8i
A9z5FrjreoW3+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 19:17:42 2025 by rpki-client