Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File:                     nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier:          fZj1Tsw3Dwb6wzr3ocXA+2uTSwsQWSbqlzUzbkrEQ4o=
Subject key identifier:   CC:48:27:0D:2F:BA:1F:A4:DA:A6:6E:92:4B:44:E4:2C:81:DB:1F:1C
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer:       /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial:       019759ED967FAA9BAE889B7161139ACECFAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number:          07FD
Signing time:             Tue 10 Jun 2025 13:00:31 +0000
Manifest this update:     Tue 10 Jun 2025 13:00:31 +0000
Manifest next update:     Wed 11 Jun 2025 13:00:31 +0000
Files and hashes:         1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=)
                          2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: SWpBbYpOK8h8JTcyUvCDfyvDx1SsbjKVW2zsHwboxgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 13:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:ed:96:7f:aa:9b:ae:88:9b:71:61:13:9a:ce:cf:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
        Validity
            Not Before: Jun 10 13:00:31 2025 GMT
            Not After : Jun 11 13:00:31 2025 GMT
        Subject: CN=cc48270d2fba1fa4daa66e924b44e42c81db1f1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:03:c8:a6:c3:b8:42:43:9e:0f:c2:f2:4a:cb:
                    8f:c8:d3:c6:64:88:0c:60:75:52:0c:d1:3e:99:83:
                    f2:58:a5:b2:2b:93:68:55:95:ab:b0:a8:9b:7a:0d:
                    d9:1f:4a:74:00:3d:9f:83:ee:8a:9b:5f:be:a9:8f:
                    e1:8c:4f:14:d8:91:fd:24:c0:04:f1:07:13:3b:e5:
                    ef:e4:38:06:ea:b6:4f:c2:6d:06:9d:28:9c:34:54:
                    45:0e:1c:69:af:66:2f:6d:10:f6:ad:45:37:88:0c:
                    af:b8:fd:f9:83:7f:64:e0:7b:75:94:06:90:af:e2:
                    36:61:a8:8b:ed:ac:d9:b7:eb:e2:28:f5:3f:d1:95:
                    fb:a4:f0:e6:85:f5:99:3a:de:75:15:04:f6:4f:d2:
                    9c:ae:17:8b:45:0b:a1:f1:e0:d3:02:55:a5:85:51:
                    c9:a7:10:d6:cd:47:ba:43:0f:16:ea:c8:81:cf:18:
                    a2:fd:1d:77:91:2f:4f:22:b4:9f:63:0c:ea:d2:47:
                    77:10:e2:23:ce:f2:e4:3f:6f:a3:19:b9:f7:ba:9e:
                    02:de:8c:29:cd:89:cf:13:eb:ee:1b:9f:e8:03:48:
                    61:3d:15:2c:99:ed:e6:79:14:75:26:76:1b:67:46:
                    c5:f4:92:d1:d4:f1:1a:82:31:e8:cd:79:98:0b:0f:
                    c5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:48:27:0D:2F:BA:1F:A4:DA:A6:6E:92:4B:44:E4:2C:81:DB:1F:1C
            X509v3 Authority Key Identifier:
                keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:d2:b8:32:27:61:10:ba:05:ca:0c:bf:8a:d1:8c:46:e7:ff:
         35:cf:d1:ca:73:86:41:af:b9:6c:43:b3:72:16:6f:d8:67:8c:
         47:3a:75:22:3c:dd:85:cc:c8:fa:f0:95:fa:fd:d7:ac:69:d9:
         c2:8a:08:c9:53:77:7f:bc:83:46:8b:91:40:7c:f2:fc:3b:da:
         6d:67:a1:9d:61:a8:31:78:53:66:75:0a:f4:32:4c:f8:cf:d7:
         e8:b4:d5:92:db:e5:c7:19:c7:d4:8a:cd:79:d9:d3:30:a0:e1:
         e3:0f:2f:21:46:33:72:de:ca:9c:53:de:a5:b5:5f:f6:5b:c7:
         64:cc:b0:d0:a6:9a:47:d1:03:8d:26:35:6e:a6:26:1a:36:11:
         8a:f2:9c:ef:b5:09:6b:c2:9d:d2:60:60:cf:4c:ab:bc:ae:1d:
         86:5b:14:34:b2:2f:90:ee:92:b3:7b:ee:af:55:f3:25:40:6d:
         04:18:78:f3:81:2c:a7:ce:1c:b3:92:d2:a6:d3:ad:39:58:bb:
         2a:b3:a3:13:28:a0:ef:88:36:e4:25:b8:97:de:3f:3d:1c:1b:
         26:6b:16:32:34:cc:80:59:65:61:3f:c1:4a:8f:f7:99:07:7d:
         4c:5b:d3:2d:f2:53:a2:78:36:86:78:11:60:98:3d:31:dc:d2:
         28:a9:83:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZ7ZZ/qpuuiJtxYROazs+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjUwNjEwMTMwMDMxWhcNMjUwNjExMTMwMDMxWjAzMTEwLwYDVQQD
EyhjYzQ4MjcwZDJmYmExZmE0ZGFhNjZlOTI0YjQ0ZTQyYzgxZGIxZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwPIpsO4QkOeD8LySsuPyNPGZIgM
YHVSDNE+mYPyWKWyK5NoVZWrsKibeg3ZH0p0AD2fg+6Km1++qY/hjE8U2JH9JMAE
8QcTO+Xv5DgG6rZPwm0GnSicNFRFDhxpr2YvbRD2rUU3iAyvuP35g39k4Ht1lAaQ
r+I2YaiL7azZt+viKPU/0ZX7pPDmhfWZOt51FQT2T9KcrheLRQuh8eDTAlWlhVHJ
pxDWzUe6Qw8W6siBzxii/R13kS9PIrSfYwzq0kd3EOIjzvLkP2+jGbn3up4C3owp
zYnPE+vuG5/oA0hhPRUsme3meRR1JnYbZ0bF9JLR1PEagjHozXmYCw/F/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxIJw0vuh+k2qZukktE5CyB2x8cMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE9K4Midh
ELoFygy/itGMRuf/Nc/RynOGQa+5bEOzchZv2GeMRzp1IjzdhczI+vCV+v3XrGnZ
wooIyVN3f7yDRouRQHzy/DvabWehnWGoMXhTZnUK9DJM+M/X6LTVktvlxxnH1IrN
ednTMKDh4w8vIUYzct7KnFPepbVf9lvHZMyw0KaaR9EDjSY1bqYmGjYRivKc77UJ
a8Kd0mBgz0yrvK4dhlsUNLIvkO6Ss3vur1XzJUBtBBh484Esp84cs5LSptOtOVi7
KrOjEyig74g25CW4l94/PRwbJmsWMjTMgFllYT/BSo/3mQd9TFvTLfJTong2hngR
YJg9MdzSKKmDOA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:07:27 2025 by rpki-client