Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft
File:                     g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft (raw, json)
Hash identifier:          rcUeHNV/+axGCNvwucpro/Zc+5sLcFbeW1PqdhL2rk0=
Subject key identifier:   52:8B:78:47:7F:0A:F5:CD:82:80:26:22:1C:3A:DD:3C:51:BE:60:39
Authority key identifier: 83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6
Certificate issuer:       /CN=83c8d01caf2b0751d035c537566f45627925e4f6
Certificate serial:       01976D067E593E6DEB75301D1BCBEE7106A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft
Manifest number:          10D4
Signing time:             Sat 14 Jun 2025 06:00:31 +0000
Manifest this update:     Sat 14 Jun 2025 06:00:31 +0000
Manifest next update:     Sun 15 Jun 2025 06:00:31 +0000
Files and hashes:         1: J4HW2mYS6aU6LfQRgOlYRDbLp5k.roa (hash: Bt4aDKGWyvEeRSoxrjAjHWSOknnKJY9L9kMvMSuInRo=)
                          2: g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl (hash: KSWDQzyko0SmNFyNgn8+G3B1IhW9qLCLDtZpB/j26Kk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:06:7e:59:3e:6d:eb:75:30:1d:1b:cb:ee:71:06:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83c8d01caf2b0751d035c537566f45627925e4f6
        Validity
            Not Before: Jun 14 06:00:31 2025 GMT
            Not After : Jun 15 06:00:31 2025 GMT
        Subject: CN=528b78477f0af5cd828026221c3add3c51be6039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:60:55:b1:3c:fb:28:97:ce:97:1d:ea:8c:6e:
                    df:d7:df:af:6f:8b:f2:9b:61:92:bb:32:3b:e5:6f:
                    77:37:e8:6e:30:ee:33:68:0d:f0:29:cd:e6:9c:9c:
                    51:22:3a:1b:34:1a:af:62:d6:33:fe:36:23:1d:b5:
                    ad:5f:b1:fd:08:24:b3:e8:86:2d:88:54:91:0a:bb:
                    1b:5c:32:a5:21:02:b7:80:1e:12:e7:31:d8:33:ff:
                    75:6d:ea:33:93:1a:3d:ce:b0:8a:e6:88:d6:6c:27:
                    1f:eb:1a:cb:99:10:d2:c0:b5:c8:69:77:6f:ac:2f:
                    17:09:90:56:88:e8:aa:5f:ff:48:3d:a7:14:9f:3d:
                    d8:8f:74:ef:63:c4:d7:65:8b:57:da:ea:41:e6:8e:
                    b7:29:ef:54:88:d7:47:ea:de:c7:89:f1:60:6e:de:
                    3f:7e:86:ec:e7:5e:9f:d2:f4:6c:b8:61:05:3b:06:
                    46:32:15:4b:95:d9:29:56:f3:55:92:eb:75:07:1b:
                    de:93:0d:8e:8a:75:e2:2a:6d:2a:f0:9f:a3:3c:87:
                    98:23:b7:4d:5a:f5:29:08:32:80:02:0a:6e:17:a3:
                    0d:e1:28:41:1c:8d:1b:34:40:11:4d:b4:6e:43:09:
                    4f:26:d2:d7:63:c5:74:07:17:f7:b4:fa:03:6c:f4:
                    0e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:8B:78:47:7F:0A:F5:CD:82:80:26:22:1C:3A:DD:3C:51:BE:60:39
            X509v3 Authority Key Identifier:
                keyid:83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:99:eb:e0:21:1c:13:e0:48:80:dd:96:94:e5:55:82:9f:23:
         df:90:63:a8:7f:91:39:f5:ce:a2:4c:60:6d:54:ea:c7:39:9c:
         7e:a2:7c:15:3a:c8:8a:c3:89:d1:e3:66:ad:b5:4a:5e:4b:4a:
         d6:6a:10:83:9a:c0:c1:5a:e3:a1:38:19:28:db:1c:a6:62:a9:
         47:8e:9e:7f:1e:df:71:c4:0d:b1:eb:44:28:b8:c3:2a:9c:a4:
         b4:42:61:37:df:96:75:64:da:c1:dd:d8:cf:71:3c:5e:d6:4e:
         35:08:0d:9c:e4:a9:b6:de:98:aa:a2:e7:c7:6d:82:7d:48:74:
         7e:df:51:bf:1c:0f:71:f9:17:12:1b:09:92:da:60:7e:40:af:
         14:d5:66:40:e4:37:e0:67:ba:65:cf:a9:94:16:74:5e:70:b6:
         6a:84:ba:13:d5:2c:fa:0c:f4:d1:cb:58:ec:c8:33:7c:27:63:
         e4:5c:4a:00:15:b1:89:79:06:a6:bc:fb:77:cf:f7:53:d3:ed:
         45:0c:30:e1:47:8f:a3:e3:96:01:c5:9a:d4:bc:ae:34:53:c7:
         1a:71:c0:22:34:c9:b3:37:4f:69:a4:74:72:5a:c4:01:b8:4d:
         31:32:38:4e:d9:12:e1:e1:86:04:d3:af:fa:72:f7:73:71:44:
         11:5d:d1:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBn5ZPm3rdTAdG8vucQajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzhkMDFjYWYyYjA3NTFkMDM1YzUzNzU2NmY0NTYyNzky
NWU0ZjYwHhcNMjUwNjE0MDYwMDMxWhcNMjUwNjE1MDYwMDMxWjAzMTEwLwYDVQQD
Eyg1MjhiNzg0NzdmMGFmNWNkODI4MDI2MjIxYzNhZGQzYzUxYmU2MDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmBVsTz7KJfOlx3qjG7f19+vb4vy
m2GSuzI75W93N+huMO4zaA3wKc3mnJxRIjobNBqvYtYz/jYjHbWtX7H9CCSz6IYt
iFSRCrsbXDKlIQK3gB4S5zHYM/91beozkxo9zrCK5ojWbCcf6xrLmRDSwLXIaXdv
rC8XCZBWiOiqX/9IPacUnz3Yj3TvY8TXZYtX2upB5o63Ke9UiNdH6t7HifFgbt4/
fobs516f0vRsuGEFOwZGMhVLldkpVvNVkut1Bxvekw2OinXiKm0q8J+jPIeYI7dN
WvUpCDKAAgpuF6MN4ShBHI0bNEARTbRuQwlPJtLXY8V0Bxf3tPoDbPQOrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKLeEd/CvXNgoAmIhw63TxRvmA5MB8GA1UdIwQY
MBaAFIPI0ByvKwdR0DXFN1ZvRWJ5JeT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDct
OWFiMjZiMjY2YWE3LzEvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jZmE3YzMtZjBjOC00NjIyLThhNDctOWFiMjZiMjY2YWE3
LzEvZzhqUUhLOHJCMUhRTmNVM1ZtOUZZbmtsNVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJnr4CEc
E+BIgN2WlOVVgp8j35BjqH+ROfXOokxgbVTqxzmcfqJ8FTrIisOJ0eNmrbVKXktK
1moQg5rAwVrjoTgZKNscpmKpR46efx7fccQNsetEKLjDKpyktEJhN9+WdWTawd3Y
z3E8XtZONQgNnOSptt6YqqLnx22CfUh0ft9RvxwPcfkXEhsJktpgfkCvFNVmQOQ3
4Ge6Zc+plBZ0XnC2aoS6E9Us+gz00ctY7MgzfCdj5FxKABWxiXkGprz7d8/3U9Pt
RQww4UePo+OWAcWa1LyuNFPHGnHAIjTJszdPaaR0clrEAbhNMTI4TtkS4eGGBNOv
+nL3c3FEEV3Ryg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:03:50 2025 by rpki-client