Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
File:                     niX4djqjUWiba6M2JpqyHE4BILM.mft (raw, json)
Hash identifier:          brbnOYM2e96Rv3nboEf5dU/QisTe95xROp4XG4uj03k=
Subject key identifier:   CA:52:72:12:AB:A6:E4:8A:82:13:50:75:90:C8:46:53:BC:82:33:2F
Authority key identifier: 9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3
Certificate issuer:       /CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
Certificate serial:       0195797DAAA93459F7451C1BEA097E699DD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
Manifest number:          02B0
Signing time:             Sun 09 Mar 2025 06:00:33 +0000
Manifest this update:     Sun 09 Mar 2025 06:00:33 +0000
Manifest next update:     Mon 10 Mar 2025 06:00:33 +0000
Files and hashes:         1: 3lv0MS0KMvs2NqTlqtd3HvxtHfA.roa (hash: Jn8Yd6x4goPshXFFHZFFSl5WpHb8SXFgvxZ7Lsgfvu4=)
                          2: niX4djqjUWiba6M2JpqyHE4BILM.crl (hash: SpzGOayeTEpFXwllXEITOsiBEO1514+6FS8TfUQaLN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:7d:aa:a9:34:59:f7:45:1c:1b:ea:09:7e:69:9d:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
        Validity
            Not Before: Mar  9 06:00:33 2025 GMT
            Not After : Mar 10 06:00:33 2025 GMT
        Subject: CN=ca527212aba6e48a8213507590c84653bc82332f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e3:3b:72:cd:39:65:59:2e:f5:9b:94:25:ea:
                    36:63:8f:1c:40:db:51:e5:c9:bc:b2:24:27:0a:e6:
                    47:29:09:61:67:f5:34:04:e4:07:15:41:d1:a4:67:
                    d4:46:b0:16:4b:ff:e7:c6:8f:eb:ac:c9:16:f4:da:
                    76:fa:94:b9:7e:b3:ef:06:cc:76:07:9f:fc:e1:61:
                    e5:f8:29:55:6b:5a:5a:83:5f:26:2b:6b:cb:28:f9:
                    a6:04:9a:c6:2a:2a:4e:66:6d:f6:09:8b:85:cf:d9:
                    fa:ff:65:84:08:e0:60:8c:f9:5b:fd:b1:67:c7:d2:
                    87:cb:fb:8b:a3:db:b0:07:9f:38:f9:1f:1f:dd:e6:
                    86:8c:3d:7b:12:dd:7c:05:23:7e:0b:f8:6c:3e:d4:
                    9e:1e:5c:9d:21:b5:11:b7:dd:3a:f1:9a:69:9c:3e:
                    76:ef:e6:16:71:77:50:5e:cb:d4:c1:ae:bd:f1:2e:
                    20:c0:d2:2f:33:31:c6:5d:bb:8c:9b:b8:cd:7c:3a:
                    4c:2f:c9:44:b1:e0:62:29:44:48:74:42:89:f1:65:
                    3d:da:28:b4:18:39:e2:bf:db:09:18:ba:75:70:dc:
                    28:0a:2d:4a:e6:cb:15:d4:85:11:7b:fe:53:67:ea:
                    20:d4:c7:55:04:1d:67:5a:cb:03:05:97:38:84:3e:
                    81:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:52:72:12:AB:A6:E4:8A:82:13:50:75:90:C8:46:53:BC:82:33:2F
            X509v3 Authority Key Identifier:
                keyid:9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:7d:b5:50:8a:52:40:3d:91:d0:4d:57:b9:48:01:ca:52:72:
         30:fc:ee:4c:e0:a9:a3:c5:01:76:97:3d:7f:94:3a:ac:43:0a:
         e5:3a:b3:db:04:5e:f8:b3:a8:de:23:59:fb:64:0d:3d:ab:55:
         43:3b:84:7d:a4:a5:06:fa:d2:f1:7a:78:d9:1f:da:51:22:45:
         dc:ec:67:c5:1a:f3:b9:72:0a:be:ed:35:e9:32:1e:bf:c5:97:
         09:e1:4d:78:17:00:12:d4:53:ad:30:85:3b:84:5c:fc:b2:4f:
         a0:bf:52:7f:87:13:fd:dd:75:54:d1:aa:8b:76:2f:8d:55:e9:
         41:9f:59:62:bf:7b:cf:5b:f0:5a:b0:92:70:28:84:74:99:78:
         3a:48:10:8d:f3:da:87:cb:27:56:fc:82:6f:68:27:27:e9:28:
         8d:69:ae:cf:8e:df:71:63:32:91:ac:e5:9e:cf:e8:30:af:c7:
         25:a6:61:37:2a:9e:d4:38:5b:83:90:de:a7:fb:c7:a4:9a:2b:
         02:6b:a3:ea:38:86:4e:ac:92:b0:6f:8f:a2:cc:49:8b:6d:73:
         f6:b4:b2:5f:5f:3c:7a:54:f4:36:cd:82:fd:bc:16:d6:f5:36:
         a3:f1:a5:42:70:39:cc:14:be:cc:ce:80:b1:82:dc:a6:db:b6:
         6a:61:bc:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5faqpNFn3RRwb6gl+aZ3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMjVmODc2M2FhMzUxNjg5YjZiYTMzNjI2OWFiMjFjNGUw
MTIwYjMwHhcNMjUwMzA5MDYwMDMzWhcNMjUwMzEwMDYwMDMzWjAzMTEwLwYDVQQD
EyhjYTUyNzIxMmFiYTZlNDhhODIxMzUwNzU5MGM4NDY1M2JjODIzMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOM7cs05ZVku9ZuUJeo2Y48cQNtR
5cm8siQnCuZHKQlhZ/U0BOQHFUHRpGfURrAWS//nxo/rrMkW9Np2+pS5frPvBsx2
B5/84WHl+ClVa1pag18mK2vLKPmmBJrGKipOZm32CYuFz9n6/2WECOBgjPlb/bFn
x9KHy/uLo9uwB584+R8f3eaGjD17Et18BSN+C/hsPtSeHlydIbURt9068ZppnD52
7+YWcXdQXsvUwa698S4gwNIvMzHGXbuMm7jNfDpML8lEseBiKURIdEKJ8WU92ii0
GDniv9sJGLp1cNwoCi1K5ssV1IURe/5TZ+og1MdVBB1nWssDBZc4hD6BHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpSchKrpuSKghNQdZDIRlO8gjMvMB8GA1UdIwQY
MBaAFJ4l+HY6o1Fom2ujNiaashxOASCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2Et
ODkzMGViYjgzZTMxLzEvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2EtODkzMGViYjgzZTMx
LzEvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhX21UIpS
QD2R0E1XuUgBylJyMPzuTOCpo8UBdpc9f5Q6rEMK5Tqz2wRe+LOo3iNZ+2QNPatV
QzuEfaSlBvrS8Xp42R/aUSJF3OxnxRrzuXIKvu016TIev8WXCeFNeBcAEtRTrTCF
O4Rc/LJPoL9Sf4cT/d11VNGqi3YvjVXpQZ9ZYr97z1vwWrCScCiEdJl4OkgQjfPa
h8snVvyCb2gnJ+kojWmuz47fcWMykazlns/oMK/HJaZhNyqe1Dhbg5Dep/vHpJor
Amuj6jiGTqySsG+PosxJi21z9rSyX188elT0Ns2C/bwW1vU2o/GlQnA5zBS+zM6A
sYLcptu2amG89w==
-----END CERTIFICATE-----
Generated at Sun Mar 9 10:16:43 2025 by rpki-client