Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
File:                     zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json)
Hash identifier:          Ej0RZ73I7bl5ECX3x2cb2NysyOl5gDze6Lv1FRgqEMY=
Subject key identifier:   A0:EF:0E:A3:19:69:97:8E:6E:53:B9:2C:1A:88:D8:3D:3A:60:8C:15
Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36
Certificate issuer:       /CN=ce49fc134b706542caf1a1efbe034f7011b49436
Certificate serial:       019760CBCC6DF70F6E01A3FE2A54A1717D47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
Manifest number:          04B0
Signing time:             Wed 11 Jun 2025 21:00:58 +0000
Manifest this update:     Wed 11 Jun 2025 21:00:58 +0000
Manifest next update:     Thu 12 Jun 2025 21:00:58 +0000
Files and hashes:         1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=)
                          2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: /UOhA8slORsbCWIya6ZcqH9/uoNULw4l14zGgznmKjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 15:40:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:60:cb:cc:6d:f7:0f:6e:01:a3:fe:2a:54:a1:71:7d:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436
        Validity
            Not Before: Jun 11 21:00:58 2025 GMT
            Not After : Jun 12 21:00:58 2025 GMT
        Subject: CN=a0ef0ea31969978e6e53b92c1a88d83d3a608c15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:92:dc:8d:56:df:96:2a:26:26:64:a3:ea:0b:
                    ca:84:f2:2e:be:af:24:60:4b:71:98:f0:c0:3f:ef:
                    1e:54:da:d8:43:61:1f:1d:1b:4f:08:1c:69:5c:51:
                    9b:88:40:13:4b:9f:6d:d6:d4:50:6b:a0:08:9c:9b:
                    4c:dd:63:06:dc:48:1a:75:60:87:ce:a9:dd:f4:51:
                    e8:3c:10:f2:2a:78:fe:d1:25:e8:10:b0:b6:0d:07:
                    83:a4:5b:d4:0d:9b:0e:d1:5e:82:88:5e:34:ff:9f:
                    80:cb:7d:a2:60:d7:c7:54:f7:bc:33:85:55:4d:f7:
                    95:fe:a4:b8:ac:51:62:8a:a7:6d:b2:c1:f9:e3:16:
                    a4:16:99:b9:1f:64:0d:7d:a2:01:f9:3b:50:37:a7:
                    b0:82:4a:9c:17:fc:f4:79:c8:ed:fd:4a:86:c6:6f:
                    63:8d:83:f0:49:2a:5f:cf:1e:d2:e2:2d:d8:4a:7a:
                    c9:66:8a:04:87:01:26:eb:20:07:6e:cb:48:32:18:
                    bc:3f:2c:a3:59:ac:0e:81:d3:e8:2d:8c:2c:25:94:
                    65:ca:89:10:99:36:18:72:b2:a2:2f:67:d0:4c:8c:
                    09:d8:5f:ec:f6:29:de:a4:b8:89:08:64:ad:09:ae:
                    78:ce:1f:78:50:96:12:6c:0b:fe:01:21:8c:ef:00:
                    d5:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:EF:0E:A3:19:69:97:8E:6E:53:B9:2C:1A:88:D8:3D:3A:60:8C:15
            X509v3 Authority Key Identifier:
                keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f3:3b:05:44:e7:1b:b0:5f:0f:e0:47:fe:87:81:6f:5f:ed:41:
         c5:2b:2c:a4:81:20:5e:ba:e0:42:b9:63:3b:a7:69:09:fa:27:
         7e:ca:85:e1:57:75:b5:7d:ce:4d:86:c9:25:5a:7f:f4:e7:f9:
         29:bb:e3:46:47:f1:fe:5c:fe:f3:9d:b2:88:d9:8b:64:c2:ee:
         e4:fd:2d:58:7d:db:44:a0:25:53:e3:0a:d6:ed:74:27:7d:c0:
         4c:42:e5:88:b1:c6:3a:34:5b:01:e9:c1:22:45:50:79:4a:f3:
         0c:61:c6:87:ec:4e:a6:65:63:b1:12:00:32:28:13:3b:59:18:
         5d:93:9c:2f:82:b7:42:9e:31:ae:85:6a:bb:94:26:2e:ac:ce:
         ee:fc:99:8b:cd:a9:8d:81:9a:0e:a5:8c:b7:da:6c:bd:af:4f:
         a6:1a:d7:e8:db:54:ae:13:0f:d0:d5:9f:96:2b:20:22:8a:0f:
         5c:bb:47:a6:29:10:92:5c:55:af:b2:c5:e7:63:48:ec:71:5b:
         40:31:05:7d:f2:ec:68:d5:89:87:4c:19:89:2e:b4:96:7b:a1:
         de:82:80:05:18:9b:93:c3:cd:9c:8d:2b:9f:72:ab:b3:55:6d:
         0a:48:94:4a:4e:da:f8:26:3d:cc:7b:c9:e7:25:64:75:55:9f:
         a6:5d:ed:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdgy8xt9w9uAaP+KlShcX1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi
NDk0MzYwHhcNMjUwNjExMjEwMDU4WhcNMjUwNjEyMjEwMDU4WjAzMTEwLwYDVQQD
EyhhMGVmMGVhMzE5Njk5NzhlNmU1M2I5MmMxYTg4ZDgzZDNhNjA4YzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJLcjVbfliomJmSj6gvKhPIuvq8k
YEtxmPDAP+8eVNrYQ2EfHRtPCBxpXFGbiEATS59t1tRQa6AInJtM3WMG3EgadWCH
zqnd9FHoPBDyKnj+0SXoELC2DQeDpFvUDZsO0V6CiF40/5+Ay32iYNfHVPe8M4VV
TfeV/qS4rFFiiqdtssH54xakFpm5H2QNfaIB+TtQN6ewgkqcF/z0ecjt/UqGxm9j
jYPwSSpfzx7S4i3YSnrJZooEhwEm6yAHbstIMhi8PyyjWawOgdPoLYwsJZRlyokQ
mTYYcrKiL2fQTIwJ2F/s9inepLiJCGStCa54zh94UJYSbAv+ASGM7wDVPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDvDqMZaZeOblO5LBqI2D06YIwVMB8GA1UdIwQY
MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt
NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl
LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA8zsFROcb
sF8P4Ef+h4FvX+1BxSsspIEgXrrgQrljO6dpCfonfsqF4Vd1tX3OTYbJJVp/9Of5
KbvjRkfx/lz+852yiNmLZMLu5P0tWH3bRKAlU+MK1u10J33ATELliLHGOjRbAenB
IkVQeUrzDGHGh+xOpmVjsRIAMigTO1kYXZOcL4K3Qp4xroVqu5QmLqzO7vyZi82p
jYGaDqWMt9psva9PphrX6NtUrhMP0NWflisgIooPXLtHpikQklxVr7LF52NI7HFb
QDEFffLsaNWJh0wZiS60lnuh3oKABRibk8PNnI0rn3Krs1VtCkiUSk7a+CY9zHvJ
5yVkdVWfpl3tlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 12 01:29:40 2025 by rpki-client