Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft
File:                     g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft (raw, json)
Hash identifier:          p+Wz2yzIZestGTqIJbnOHXllYCKxldz01cXWBmO2/uk=
Subject key identifier:   B9:E9:25:72:A8:0D:5C:61:37:03:AB:DB:73:9B:B4:0A:4D:E7:47:6E
Authority key identifier: 83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6
Certificate issuer:       /CN=83c8d01caf2b0751d035c537566f45627925e4f6
Certificate serial:       01975D934B2DEC05E04691BAFB37268457A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft
Manifest number:          10CC
Signing time:             Wed 11 Jun 2025 06:00:23 +0000
Manifest this update:     Wed 11 Jun 2025 06:00:23 +0000
Manifest next update:     Thu 12 Jun 2025 06:00:23 +0000
Files and hashes:         1: J4HW2mYS6aU6LfQRgOlYRDbLp5k.roa (hash: Bt4aDKGWyvEeRSoxrjAjHWSOknnKJY9L9kMvMSuInRo=)
                          2: g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl (hash: fchIqbrdnXRHRzLO5SOfCfqPPZ6S6ioPIcJaCLatK7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5d:93:4b:2d:ec:05:e0:46:91:ba:fb:37:26:84:57:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83c8d01caf2b0751d035c537566f45627925e4f6
        Validity
            Not Before: Jun 11 06:00:23 2025 GMT
            Not After : Jun 12 06:00:23 2025 GMT
        Subject: CN=b9e92572a80d5c613703abdb739bb40a4de7476e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:30:fa:8f:7e:35:31:6c:96:c8:18:2d:82:1f:
                    fb:0e:5c:b3:3e:74:31:7e:3c:f7:77:5a:19:f9:f1:
                    0e:a4:bc:ec:a8:c9:25:ad:d6:bd:c5:cb:d0:dd:6d:
                    19:64:35:e1:72:32:19:ff:b3:a7:97:8b:17:8c:93:
                    da:20:56:7e:3d:43:fe:56:d5:2a:7f:6f:88:b5:09:
                    84:75:e2:80:02:c5:2d:9e:8f:e1:f0:04:c7:d2:93:
                    35:11:7e:e5:f2:bd:7a:0a:08:f1:df:0c:3b:fe:e0:
                    19:37:9b:b5:b8:1b:58:48:a3:f7:11:75:58:16:30:
                    58:8c:31:87:88:68:7f:9a:cf:94:7c:22:cb:b9:3a:
                    ff:87:1c:7d:4a:07:69:76:4c:b0:a3:06:72:cd:fd:
                    6d:97:26:8a:47:db:fd:d8:50:07:78:49:a3:fb:5d:
                    85:42:77:f4:77:ac:d7:06:67:79:25:00:56:8a:cf:
                    0b:2b:92:3e:32:6d:0b:dd:81:8a:c3:63:bb:c9:d7:
                    c0:bd:06:fa:78:48:ea:24:90:26:12:ba:4f:7b:38:
                    6b:6b:54:d2:41:8d:d5:26:b9:78:e9:6b:d5:96:f6:
                    a7:8a:f3:3b:fd:0a:f7:12:0d:00:87:1b:e5:8f:a5:
                    83:8b:e0:c1:79:41:64:2d:dd:7c:58:01:68:04:94:
                    e2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:E9:25:72:A8:0D:5C:61:37:03:AB:DB:73:9B:B4:0A:4D:E7:47:6E
            X509v3 Authority Key Identifier:
                keyid:83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:c6:f0:38:28:0f:d0:69:84:86:06:10:e8:1c:82:03:40:2d:
         10:ed:f8:a3:cf:98:70:8d:2a:6c:79:4b:76:12:ef:58:b5:2c:
         7d:f4:54:9b:49:3f:0d:39:6a:82:c8:7c:59:7a:ea:dd:97:f3:
         a2:84:c0:e2:33:92:9f:cd:d0:86:52:c8:78:1d:2d:30:fc:ff:
         5c:43:43:7d:e5:0b:27:4e:9f:1d:3d:88:89:10:62:48:16:2f:
         2b:27:34:03:2f:99:0f:8d:66:da:5a:4b:56:14:70:0f:37:b9:
         d0:b1:05:13:ab:4b:e3:0f:c5:a7:cf:1f:6a:b4:71:23:eb:28:
         67:0c:f6:0e:2f:57:b7:a2:5c:80:bb:d9:50:0b:29:fb:ee:4e:
         88:25:82:c2:a7:3e:a8:13:9c:65:01:b3:78:bd:71:a3:91:be:
         11:54:04:d1:eb:83:f6:2b:4f:34:e4:33:a3:5e:1a:15:39:9e:
         95:af:94:59:c2:f3:7b:f1:c3:a1:5a:f1:c6:6c:9e:87:fe:e2:
         bc:0e:13:7a:de:9a:fc:64:50:49:47:39:01:a2:5d:4d:a7:86:
         f8:c6:78:5f:83:6f:7a:c0:f6:e4:14:91:e7:c7:d3:58:bd:8d:
         96:2d:7d:26:d6:b7:12:6c:2e:35:a6:67:f6:41:ba:b3:81:11:
         8e:af:7e:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZddk0st7AXgRpG6+zcmhFepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzhkMDFjYWYyYjA3NTFkMDM1YzUzNzU2NmY0NTYyNzky
NWU0ZjYwHhcNMjUwNjExMDYwMDIzWhcNMjUwNjEyMDYwMDIzWjAzMTEwLwYDVQQD
EyhiOWU5MjU3MmE4MGQ1YzYxMzcwM2FiZGI3MzliYjQwYTRkZTc0NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDD6j341MWyWyBgtgh/7DlyzPnQx
fjz3d1oZ+fEOpLzsqMklrda9xcvQ3W0ZZDXhcjIZ/7Onl4sXjJPaIFZ+PUP+VtUq
f2+ItQmEdeKAAsUtno/h8ATH0pM1EX7l8r16Cgjx3ww7/uAZN5u1uBtYSKP3EXVY
FjBYjDGHiGh/ms+UfCLLuTr/hxx9SgdpdkywowZyzf1tlyaKR9v92FAHeEmj+12F
Qnf0d6zXBmd5JQBWis8LK5I+Mm0L3YGKw2O7ydfAvQb6eEjqJJAmErpPezhra1TS
QY3VJrl46WvVlvanivM7/Qr3Eg0Ahxvlj6WDi+DBeUFkLd18WAFoBJTi2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnpJXKoDVxhNwOr23ObtApN50duMB8GA1UdIwQY
MBaAFIPI0ByvKwdR0DXFN1ZvRWJ5JeT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDct
OWFiMjZiMjY2YWE3LzEvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDctOWFiMjZiMjY2YWE3
LzEvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIMbwOCgP
0GmEhgYQ6ByCA0AtEO34o8+YcI0qbHlLdhLvWLUsffRUm0k/DTlqgsh8WXrq3Zfz
ooTA4jOSn83QhlLIeB0tMPz/XENDfeULJ06fHT2IiRBiSBYvKyc0Ay+ZD41m2lpL
VhRwDze50LEFE6tL4w/Fp88farRxI+soZwz2Di9Xt6JcgLvZUAsp++5OiCWCwqc+
qBOcZQGzeL1xo5G+EVQE0euD9itPNOQzo14aFTmela+UWcLze/HDoVrxxmyeh/7i
vA4Tet6a/GRQSUc5AaJdTaeG+MZ4X4NvesD25BSR58fTWL2Nli19Jta3EmwuNaZn
9kG6s4ERjq9+FA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:48:06 2025 by rpki-client