Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
File:                     nhuhZT_KfIAXI8pG_0Qua6wekaA.mft (raw, json)
Hash identifier:          USbpduR5GxF6at7l6SNx9OCK0Y88J3eaS9/5gZDQZCA=
Subject key identifier:   16:3A:04:DE:1B:BE:B0:17:68:B4:50:74:7D:2D:50:5D:B5:E4:56:2F
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Certificate issuer:       /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial:       01976960AA01A994EF1FB2DD600A84EFBDE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
Manifest number:          0805
Signing time:             Fri 13 Jun 2025 13:00:31 +0000
Manifest this update:     Fri 13 Jun 2025 13:00:31 +0000
Manifest next update:     Sat 14 Jun 2025 13:00:31 +0000
Files and hashes:         1: cb8dWgekdgTmGEn_puzoSrtajs0.roa (hash: klMt7aeT4NJnkoShXspgSHaq5Jk7n53EuU54bLRTaLc=)
                          2: nhuhZT_KfIAXI8pG_0Qua6wekaA.crl (hash: /rFVhTbP277nVJaKbDlHGJFNm0NG98kfEp/7lc8uZ/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:60:aa:01:a9:94:ef:1f:b2:dd:60:0a:84:ef:bd:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
        Validity
            Not Before: Jun 13 13:00:31 2025 GMT
            Not After : Jun 14 13:00:31 2025 GMT
        Subject: CN=163a04de1bbeb01768b450747d2d505db5e4562f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c5:2b:8c:a7:bb:81:82:13:28:eb:df:d3:dd:
                    76:5c:3d:14:db:f1:66:66:7d:4c:65:3d:34:a8:82:
                    e9:04:f5:74:e5:19:c2:c7:d4:b0:bd:00:3c:7f:5c:
                    50:5c:84:1e:ce:05:77:aa:33:0c:fd:d0:18:10:a5:
                    8c:55:15:e5:0f:98:8f:d3:bc:c5:df:a3:84:e9:69:
                    cc:f8:0a:fc:ea:ed:8d:29:02:9a:c5:8f:f8:d6:31:
                    42:42:e0:e5:99:54:34:31:82:2e:48:08:df:e1:c6:
                    e1:a0:f3:23:f4:39:f9:f9:21:65:bb:3c:7d:66:ab:
                    ee:3e:94:dc:e6:1e:b3:9c:05:8f:89:2f:94:46:b1:
                    89:96:e0:b5:87:db:c8:7f:e7:e1:4f:98:2e:98:36:
                    95:1d:74:42:05:e6:b1:12:4d:da:02:9d:2f:e5:6e:
                    22:af:be:86:24:1e:79:d8:fd:e6:60:b9:12:aa:04:
                    5a:c3:5a:32:f8:08:23:98:26:4c:ce:8f:46:aa:36:
                    48:12:f5:4e:19:24:3c:64:f4:4d:57:d0:09:d0:3b:
                    89:91:d7:83:25:e9:ad:a3:b5:a7:06:b9:12:a6:ac:
                    c4:c9:a6:ae:2b:f7:ad:48:8e:61:87:6a:53:a3:10:
                    20:17:e7:49:df:0b:13:f9:70:ec:2f:78:b9:ac:11:
                    d1:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:3A:04:DE:1B:BE:B0:17:68:B4:50:74:7D:2D:50:5D:B5:E4:56:2F
            X509v3 Authority Key Identifier:
                keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:ba:f0:3b:18:bf:44:80:f6:73:88:5e:b6:ce:5c:cc:81:35:
         db:2e:c4:e1:49:f9:9b:44:7e:95:ee:2f:17:c7:bd:d1:30:ab:
         37:66:14:fb:c5:e3:26:24:98:c7:16:5b:55:81:bb:1c:09:27:
         a5:3d:ae:14:fc:3c:e5:47:6b:09:75:0b:36:9d:3b:76:2c:51:
         88:7d:fe:66:e7:b0:42:e2:ad:07:c6:35:e3:90:ec:af:83:5c:
         07:da:d5:d9:f7:00:8d:ef:c5:9d:d4:3c:ea:21:be:93:cf:c6:
         ac:f0:3a:96:c0:06:86:b1:22:eb:44:c3:aa:9a:61:d3:5e:98:
         fb:2e:5a:b6:50:2c:9f:20:86:e7:e7:5a:78:0e:73:a2:13:67:
         82:c4:d7:14:44:5a:d2:fe:07:45:18:97:e9:62:c7:84:2d:23:
         0a:0b:a7:e8:72:67:e9:f8:a7:2c:e6:ee:59:4f:7f:4b:05:9e:
         7f:55:18:0b:7a:26:42:a8:d1:b1:63:6c:11:95:8e:30:68:1e:
         26:42:af:b2:72:ae:e7:a1:9e:02:2f:57:e7:23:f0:0b:ae:c0:
         95:f7:73:2e:f4:fd:2c:ee:19:63:93:bd:c8:fc:36:fa:b9:0c:
         f6:9f:67:c6:5e:50:3e:14:68:fc:2e:e5:c5:b3:16:10:3b:c3:
         11:28:a1:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYKoBqZTvH7LdYAqE773lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjUwNjEzMTMwMDMxWhcNMjUwNjE0MTMwMDMxWjAzMTEwLwYDVQQD
EygxNjNhMDRkZTFiYmViMDE3NjhiNDUwNzQ3ZDJkNTA1ZGI1ZTQ1NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsUrjKe7gYITKOvf0912XD0U2/Fm
Zn1MZT00qILpBPV05RnCx9SwvQA8f1xQXIQezgV3qjMM/dAYEKWMVRXlD5iP07zF
36OE6WnM+Ar86u2NKQKaxY/41jFCQuDlmVQ0MYIuSAjf4cbhoPMj9Dn5+SFluzx9
ZqvuPpTc5h6znAWPiS+URrGJluC1h9vIf+fhT5gumDaVHXRCBeaxEk3aAp0v5W4i
r76GJB552P3mYLkSqgRaw1oy+AgjmCZMzo9GqjZIEvVOGSQ8ZPRNV9AJ0DuJkdeD
Jemto7WnBrkSpqzEyaauK/etSI5hh2pToxAgF+dJ3wsT+XDsL3i5rBHRGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBY6BN4bvrAXaLRQdH0tUF215FYvMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATbrwOxi/
RID2c4hets5czIE12y7E4Un5m0R+le4vF8e90TCrN2YU+8XjJiSYxxZbVYG7HAkn
pT2uFPw85UdrCXULNp07dixRiH3+ZuewQuKtB8Y145Dsr4NcB9rV2fcAje/FndQ8
6iG+k8/GrPA6lsAGhrEi60TDqpph016Y+y5atlAsnyCG5+daeA5zohNngsTXFERa
0v4HRRiX6WLHhC0jCgun6HJn6finLObuWU9/SwWef1UYC3omQqjRsWNsEZWOMGge
JkKvsnKu56GeAi9X5yPwC67AlfdzLvT9LO4ZY5O9yPw2+rkM9p9nxl5QPhRo/C7l
xbMWEDvDESih1g==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:27:11 2025 by rpki-client