Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
File:                     gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft (raw, json)
Hash identifier:          hkjCoVpEhZnOf5kBF1ZPKVRUAMR1YUM2tiRFLiCYuHw=
Subject key identifier:   0D:3F:B4:3F:24:37:DB:B3:B0:2E:D5:23:C4:97:C3:AF:59:58:EB:4C
Authority key identifier: 83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F
Certificate issuer:       /CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
Certificate serial:       01976170A3F02E7C7465B234BF5E336BA191
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
Manifest number:          0EEB
Signing time:             Thu 12 Jun 2025 00:01:01 +0000
Manifest this update:     Thu 12 Jun 2025 00:01:01 +0000
Manifest next update:     Fri 13 Jun 2025 00:01:01 +0000
Files and hashes:         1: bNgvelwVPVFr3h5RMUdr0LrSObg.roa (hash: 8+lwoJWYw+/prpcpMbrRUmfEGjzLktOqFPr4MMdHS+M=)
                          2: gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl (hash: pMZpSep0cYFBAyExUj65IZsfOQc5LL4MZn5w2toG2Dw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:70:a3:f0:2e:7c:74:65:b2:34:bf:5e:33:6b:a1:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
        Validity
            Not Before: Jun 12 00:01:01 2025 GMT
            Not After : Jun 13 00:01:01 2025 GMT
        Subject: CN=0d3fb43f2437dbb3b02ed523c497c3af5958eb4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b4:3f:40:58:00:c4:26:83:0b:0c:5c:76:2e:
                    2d:78:49:ef:e0:d6:a0:e4:d5:83:7a:38:fe:c7:e9:
                    14:09:cb:c3:ba:17:f2:85:f3:5d:78:6b:45:91:3b:
                    4d:37:46:0c:45:db:9f:e2:6c:13:90:c9:66:8f:44:
                    aa:d5:98:2f:bb:5d:90:41:33:8b:c3:32:8a:2f:9f:
                    b2:1e:49:d4:e3:69:9e:6f:c2:ae:7a:80:b6:a1:05:
                    d5:ac:46:19:71:6c:de:88:c7:d1:96:ca:a7:a5:72:
                    47:b9:ba:f4:eb:ec:d3:c1:b2:52:15:d2:5d:b4:b6:
                    e0:6e:ce:79:c3:ff:6c:1b:99:20:5e:26:01:87:fa:
                    6a:55:37:6c:3e:26:35:61:7b:b3:99:c2:72:6a:b1:
                    ab:d9:50:52:6f:06:c4:21:7b:b4:f1:2a:31:61:29:
                    22:c0:8a:bd:dd:ac:88:05:b6:ba:a6:c5:53:55:39:
                    4c:cb:d7:85:46:82:8d:89:cb:ee:65:76:ef:1d:24:
                    79:c2:bf:f3:b4:3b:40:f4:98:4b:53:ff:38:e7:38:
                    43:82:2e:59:04:ad:3c:14:43:37:c2:20:cb:fd:30:
                    24:f2:83:1b:04:93:54:18:6c:79:49:43:f5:c7:30:
                    2e:2b:cf:04:f2:0e:1b:28:12:09:83:49:d1:ea:e4:
                    75:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:3F:B4:3F:24:37:DB:B3:B0:2E:D5:23:C4:97:C3:AF:59:58:EB:4C
            X509v3 Authority Key Identifier:
                keyid:83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:b5:34:49:30:c0:f2:10:9b:ab:47:ba:1d:c9:75:f8:84:c2:
         39:c8:d2:76:0d:5f:96:ce:81:ba:15:4a:3c:df:9e:a6:40:4e:
         34:2e:44:a3:9c:95:69:dd:b1:60:bf:d5:ec:4a:bc:36:6c:fb:
         5e:e1:21:7b:71:a5:b0:b9:78:68:28:82:3e:b0:43:a4:c0:d1:
         2b:01:96:3a:97:b1:e1:aa:61:13:d8:21:0d:13:75:ce:32:2c:
         2c:85:47:f2:0a:89:fd:4e:5d:d1:c6:25:73:d2:9f:41:3c:3b:
         f1:fd:56:6f:09:ee:3e:32:a2:81:25:55:fa:e5:c0:12:d9:8b:
         8a:08:c9:ea:72:62:41:7b:1d:ef:46:1e:fc:fb:ad:ee:5c:dc:
         b2:81:ce:09:c0:d5:34:b8:bc:51:c5:8f:91:d9:66:e6:5a:b0:
         25:bf:63:ea:80:a5:92:5a:1b:65:9a:18:2c:d7:6e:7d:38:75:
         1b:7a:78:66:f6:a1:a9:a2:bf:62:3b:ef:02:e0:31:02:2a:9e:
         af:e1:8c:db:47:63:74:6b:e7:e6:3a:95:3f:f0:0a:32:5b:d7:
         30:71:4a:31:67:b5:50:8c:e3:ae:1b:8d:6c:fd:1e:62:78:ef:
         9b:1a:c6:00:20:ba:3e:10:dd:97:07:2a:e5:0b:37:d4:8b:a1:
         28:27:b6:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhcKPwLnx0ZbI0v14za6GRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzZjYTE1MWVkNGMzMjNkNDk4ZjA2ZGQ3YzVhZTM5NGNl
YWM1OWYwHhcNMjUwNjEyMDAwMTAxWhcNMjUwNjEzMDAwMTAxWjAzMTEwLwYDVQQD
EygwZDNmYjQzZjI0MzdkYmIzYjAyZWQ1MjNjNDk3YzNhZjU5NThlYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LQ/QFgAxCaDCwxcdi4teEnv4Nag
5NWDejj+x+kUCcvDuhfyhfNdeGtFkTtNN0YMRduf4mwTkMlmj0Sq1Zgvu12QQTOL
wzKKL5+yHknU42meb8KueoC2oQXVrEYZcWzeiMfRlsqnpXJHubr06+zTwbJSFdJd
tLbgbs55w/9sG5kgXiYBh/pqVTdsPiY1YXuzmcJyarGr2VBSbwbEIXu08SoxYSki
wIq93ayIBba6psVTVTlMy9eFRoKNicvuZXbvHSR5wr/ztDtA9JhLU/845zhDgi5Z
BK08FEM3wiDL/TAk8oMbBJNUGGx5SUP1xzAuK88E8g4bKBIJg0nR6uR1tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0/tD8kN9uzsC7VI8SXw69ZWOtMMB8GA1UdIwQY
MBaAFIM2yhUe1MMj1JjwbdfFrjlM6sWfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTIt
OTE3OTUzMTk4NDVjLzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTItOTE3OTUzMTk4NDVj
LzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArLU0STDA
8hCbq0e6Hcl1+ITCOcjSdg1fls6BuhVKPN+epkBONC5Eo5yVad2xYL/V7Eq8Nmz7
XuEhe3GlsLl4aCiCPrBDpMDRKwGWOpex4aphE9ghDRN1zjIsLIVH8gqJ/U5d0cYl
c9KfQTw78f1WbwnuPjKigSVV+uXAEtmLigjJ6nJiQXsd70Ye/Put7lzcsoHOCcDV
NLi8UcWPkdlm5lqwJb9j6oClklobZZoYLNdufTh1G3p4ZvahqaK/YjvvAuAxAiqe
r+GM20djdGvn5jqVP/AKMlvXMHFKMWe1UIzjrhuNbP0eYnjvmxrGACC6PhDdlwcq
5Qs31IuhKCe2/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 12 04:05:27 2025 by rpki-client