Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
File:                     NADZSQmD598yx88Xyh6tTwX3lkY.mft (raw, json)
Hash identifier:          BTd0R8FqToGpM9Rletu/YSLDSVrwqO8NL/v+Qd2OS0U=
Subject key identifier:   92:9D:DC:52:26:B3:9F:E9:F1:29:82:B9:C5:6A:0A:BD:66:6F:03:D0
Authority key identifier: 34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46
Certificate issuer:       /CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
Certificate serial:       0197537DA3256BE67EADB16A0123A01955FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
Manifest number:          06F4
Signing time:             Mon 09 Jun 2025 07:00:31 +0000
Manifest this update:     Mon 09 Jun 2025 07:00:31 +0000
Manifest next update:     Tue 10 Jun 2025 07:00:31 +0000
Files and hashes:         1: NADZSQmD598yx88Xyh6tTwX3lkY.crl (hash: Qo947E5XW7Y0HuCY4WI4i3/+UvBysax0WPn7ENZ9+m0=)
                          2: wGV9gdNmWFtWWUn9dwqAU6O3Xlw.roa (hash: e5ewBGv57i41ziAigHZZOeL98kqI4hYVQ5SbzM8SjnI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:7d:a3:25:6b:e6:7e:ad:b1:6a:01:23:a0:19:55:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3400d9490983e7df32c7cf17ca1ead4f05f79646
        Validity
            Not Before: Jun  9 07:00:31 2025 GMT
            Not After : Jun 10 07:00:31 2025 GMT
        Subject: CN=929ddc5226b39fe9f12982b9c56a0abd666f03d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7a:d5:f4:a0:0b:47:a2:6e:1e:e4:0e:34:18:
                    5e:3c:57:0f:e4:a0:0a:1e:79:2d:dd:ad:64:85:37:
                    bb:d0:eb:95:96:61:ed:78:55:ae:b9:b2:ae:b5:7a:
                    49:c2:3f:0a:ed:d8:87:6c:8a:ff:f8:f5:26:cf:0c:
                    79:21:b0:77:c2:a3:a8:dc:19:86:73:19:18:96:b2:
                    3e:29:29:29:2b:07:cd:11:5c:32:9e:e6:81:f3:b8:
                    1c:60:c8:db:53:0a:44:1e:a5:97:f0:b8:de:4c:7a:
                    6a:39:34:f0:fa:9e:44:69:22:c4:15:3f:39:f8:3b:
                    77:b3:fc:db:a1:78:8a:f8:98:c0:b8:7f:c0:46:ca:
                    61:59:d0:62:86:8e:f9:9c:cc:72:e3:70:64:b7:dc:
                    44:6f:67:65:fa:22:61:99:b9:45:1b:74:dc:70:f3:
                    1c:c0:e8:3a:c1:56:43:96:b9:f2:a2:cd:81:ea:3c:
                    44:bb:99:58:c1:92:ab:57:cb:60:e8:4e:50:ff:ad:
                    24:c0:5f:d3:d2:ca:01:b4:2e:51:c3:24:51:bc:55:
                    9b:58:81:61:95:ba:46:e9:5b:ec:08:46:05:3f:fa:
                    cc:9d:56:a7:39:d3:7e:39:87:aa:ff:0a:c1:9d:cb:
                    ea:b5:1c:f5:90:09:ff:a3:82:9e:4e:a6:ef:92:d4:
                    56:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:9D:DC:52:26:B3:9F:E9:F1:29:82:B9:C5:6A:0A:BD:66:6F:03:D0
            X509v3 Authority Key Identifier:
                keyid:34:00:D9:49:09:83:E7:DF:32:C7:CF:17:CA:1E:AD:4F:05:F7:96:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NADZSQmD598yx88Xyh6tTwX3lkY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/fefc12-2fc2-430d-9606-f4946f03f542/1/NADZSQmD598yx88Xyh6tTwX3lkY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:a3:13:30:f6:7a:bf:24:33:a8:3f:c6:56:d6:24:e9:ce:f4:
         93:fb:24:48:5e:96:a0:b9:59:30:d7:da:de:c1:06:96:0f:2f:
         45:49:0b:fe:4f:28:19:2b:89:6d:c3:31:94:65:27:94:8e:53:
         12:f6:36:bf:30:19:c2:f8:82:ed:76:88:c7:d6:42:a3:cd:b8:
         34:23:45:72:ac:f7:f9:2f:cb:18:f4:4b:9b:84:c5:c5:8b:f9:
         24:65:1f:f4:5e:b7:51:d4:c7:5b:55:d6:42:a0:76:a2:c2:24:
         35:31:95:c7:dc:b1:b9:22:1b:35:53:fc:82:95:29:eb:67:94:
         74:d9:07:a8:c0:06:e7:cc:37:e7:ef:19:90:51:bf:5f:3e:0c:
         d2:43:f6:42:8e:20:38:fc:47:f6:90:5f:e4:47:9f:e8:14:d5:
         f3:5b:b3:b9:6f:06:f8:62:37:d9:8e:25:95:31:5b:90:1f:9f:
         d0:0b:f1:ff:82:f6:85:0f:7d:f5:ad:46:b0:bc:24:b4:a6:2c:
         b3:37:f6:ff:0d:f7:d5:b1:9f:0c:a7:c4:1d:bb:51:59:fd:08:
         94:c1:bb:28:df:6f:1a:c7:ee:f8:1b:d8:d0:1c:59:bd:be:3c:
         93:ed:35:5f:8f:f7:d9:dd:ea:6e:21:0d:9c:2a:9d:ac:fd:b9:
         8b:1e:62:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTfaMla+Z+rbFqASOgGVX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDBkOTQ5MDk4M2U3ZGYzMmM3Y2YxN2NhMWVhZDRmMDVm
Nzk2NDYwHhcNMjUwNjA5MDcwMDMxWhcNMjUwNjEwMDcwMDMxWjAzMTEwLwYDVQQD
Eyg5MjlkZGM1MjI2YjM5ZmU5ZjEyOTgyYjljNTZhMGFiZDY2NmYwM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHrV9KALR6JuHuQONBhePFcP5KAK
Hnkt3a1khTe70OuVlmHteFWuubKutXpJwj8K7diHbIr/+PUmzwx5IbB3wqOo3BmG
cxkYlrI+KSkpKwfNEVwynuaB87gcYMjbUwpEHqWX8LjeTHpqOTTw+p5EaSLEFT85
+Dt3s/zboXiK+JjAuH/ARsphWdBiho75nMxy43Bkt9xEb2dl+iJhmblFG3TccPMc
wOg6wVZDlrnyos2B6jxEu5lYwZKrV8tg6E5Q/60kwF/T0soBtC5RwyRRvFWbWIFh
lbpG6VvsCEYFP/rMnVanOdN+OYeq/wrBncvqtRz1kAn/o4KeTqbvktRWNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKd3FIms5/p8SmCucVqCr1mbwPQMB8GA1UdIwQY
MBaAFDQA2UkJg+ffMsfPF8oerU8F95ZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYt
ZjQ5NDZmMDNmNTQyLzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mZWZjMTItMmZjMi00MzBkLTk2MDYtZjQ5NDZmMDNmNTQy
LzEvTkFEWlNRbUQ1OTh5eDg4WHloNnRUd1gzbGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZqMTMPZ6
vyQzqD/GVtYk6c70k/skSF6WoLlZMNfa3sEGlg8vRUkL/k8oGSuJbcMxlGUnlI5T
EvY2vzAZwviC7XaIx9ZCo824NCNFcqz3+S/LGPRLm4TFxYv5JGUf9F63UdTHW1XW
QqB2osIkNTGVx9yxuSIbNVP8gpUp62eUdNkHqMAG58w35+8ZkFG/Xz4M0kP2Qo4g
OPxH9pBf5Eef6BTV81uzuW8G+GI32Y4llTFbkB+f0Avx/4L2hQ999a1GsLwktKYs
szf2/w331bGfDKfEHbtRWf0IlMG7KN9vGsfu+BvY0BxZvb48k+01X4/32d3qbiEN
nCqdrP25ix5iHg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:37:00 2025 by rpki-client