Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
File:                     zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json)
Hash identifier:          cimhNYgGCiZF8Gkw0F5d7s3OJ3qixCMq54BJt67278c=
Subject key identifier:   98:65:1F:85:E6:8B:88:7F:32:BB:D5:51:8A:DB:DD:8E:A3:5E:83:55
Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36
Certificate issuer:       /CN=ce49fc134b706542caf1a1efbe034f7011b49436
Certificate serial:       0197722CBB0D1C5E0F833523DEC32196687D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
Manifest number:          04B9
Signing time:             Sun 15 Jun 2025 06:00:23 +0000
Manifest this update:     Sun 15 Jun 2025 06:00:23 +0000
Manifest next update:     Mon 16 Jun 2025 06:00:23 +0000
Files and hashes:         1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=)
                          2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: b5r8MBaF7fYGl+TASdP1MqdNZY86gGucKeydbveDGWc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:72:2c:bb:0d:1c:5e:0f:83:35:23:de:c3:21:96:68:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436
        Validity
            Not Before: Jun 15 06:00:23 2025 GMT
            Not After : Jun 16 06:00:23 2025 GMT
        Subject: CN=98651f85e68b887f32bbd5518adbdd8ea35e8355
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5c:12:5c:97:d0:04:88:43:98:df:fb:70:82:
                    b9:3a:d6:b4:c6:c1:82:cd:04:11:4d:08:af:9e:11:
                    22:8a:73:a8:0d:dc:a6:4d:69:03:8c:cb:af:f0:50:
                    27:40:e8:e2:20:b1:1b:a6:50:42:8a:b1:b8:04:80:
                    f9:3c:cc:65:10:db:e8:6b:b4:3a:b3:ee:f2:c2:3d:
                    1b:e2:8c:08:10:15:f5:88:0c:9a:8c:2f:44:2f:23:
                    5f:f7:37:e9:65:9e:ab:29:e4:39:ef:16:5a:64:48:
                    ad:7b:fe:c6:3f:9e:d1:d5:4c:3d:41:26:24:9a:67:
                    93:06:16:22:84:7e:f0:e3:96:fc:9f:ec:a2:b3:01:
                    b8:da:27:88:3a:3c:bb:42:41:b9:6a:72:77:ca:95:
                    16:48:67:8f:69:85:1f:e9:d3:6b:44:06:e2:d6:5d:
                    40:cd:b1:51:75:db:da:bf:46:ae:f6:7f:0a:2f:bc:
                    d3:d7:a6:68:4f:ee:a5:56:ec:c2:bf:e6:06:2e:61:
                    cb:ef:81:96:4e:35:1d:59:c7:d8:a7:f7:1e:01:5b:
                    b7:df:83:67:a3:dc:d4:bb:e1:d2:ee:66:8e:78:58:
                    57:f4:8f:54:15:79:cd:88:62:4c:2a:7e:76:20:12:
                    3e:91:e1:b1:70:64:7a:a7:4d:2f:ca:8b:de:b8:31:
                    6c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:65:1F:85:E6:8B:88:7F:32:BB:D5:51:8A:DB:DD:8E:A3:5E:83:55
            X509v3 Authority Key Identifier:
                keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:62:05:28:b0:b8:10:5d:29:67:00:1f:bc:e6:c9:f2:98:82:
         82:69:b8:b9:8c:ef:85:86:44:a5:81:29:f7:3e:89:19:b7:e2:
         6c:1c:bc:75:59:92:3f:91:8f:aa:e3:89:db:dc:64:bc:7e:fe:
         d1:55:bd:24:4b:38:5c:c3:f6:56:d9:99:a9:1f:bf:d5:0f:f1:
         67:ca:1f:1d:38:5b:c9:97:04:69:df:e1:ea:32:57:d4:e0:70:
         17:d5:5f:26:ac:5f:43:71:88:21:d6:5d:41:35:cb:f8:a3:95:
         78:7c:cc:07:06:ef:fd:57:6c:8a:bb:c0:d8:be:de:64:72:92:
         ea:2b:5c:3a:e4:0c:81:5d:ad:04:a2:c8:34:87:24:ea:53:7f:
         d1:13:b0:7f:44:0b:41:ca:c0:cd:0e:10:8b:e3:cd:12:ee:c8:
         6e:da:f8:14:c0:cf:ee:f8:8a:f2:b5:96:d4:12:6c:68:75:19:
         cc:3c:da:0a:69:48:b2:91:80:a9:c4:f2:42:a2:b2:06:a4:41:
         be:7b:c0:a3:25:2d:3c:04:57:f6:f1:e2:b8:2b:ef:58:cd:f8:
         99:a5:d1:98:20:8d:d8:32:b1:d3:0d:7c:4e:00:7f:a1:73:cd:
         28:4d:68:30:46:c5:b2:25:1e:83:af:96:d6:c5:60:7b:65:69:
         3b:46:a1:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdyLLsNHF4PgzUj3sMhlmh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi
NDk0MzYwHhcNMjUwNjE1MDYwMDIzWhcNMjUwNjE2MDYwMDIzWjAzMTEwLwYDVQQD
Eyg5ODY1MWY4NWU2OGI4ODdmMzJiYmQ1NTE4YWRiZGQ4ZWEzNWU4MzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlwSXJfQBIhDmN/7cIK5Ota0xsGC
zQQRTQivnhEiinOoDdymTWkDjMuv8FAnQOjiILEbplBCirG4BID5PMxlENvoa7Q6
s+7ywj0b4owIEBX1iAyajC9ELyNf9zfpZZ6rKeQ57xZaZEite/7GP57R1Uw9QSYk
mmeTBhYihH7w45b8n+yiswG42ieIOjy7QkG5anJ3ypUWSGePaYUf6dNrRAbi1l1A
zbFRddvav0au9n8KL7zT16ZoT+6lVuzCv+YGLmHL74GWTjUdWcfYp/ceAVu334Nn
o9zUu+HS7maOeFhX9I9UFXnNiGJMKn52IBI+keGxcGR6p00vyoveuDFsEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhlH4Xmi4h/MrvVUYrb3Y6jXoNVMB8GA1UdIwQY
MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt
NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl
LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2IFKLC4
EF0pZwAfvObJ8piCgmm4uYzvhYZEpYEp9z6JGbfibBy8dVmSP5GPquOJ29xkvH7+
0VW9JEs4XMP2VtmZqR+/1Q/xZ8ofHThbyZcEad/h6jJX1OBwF9VfJqxfQ3GIIdZd
QTXL+KOVeHzMBwbv/VdsirvA2L7eZHKS6itcOuQMgV2tBKLINIck6lN/0ROwf0QL
QcrAzQ4Qi+PNEu7Ibtr4FMDP7viK8rWW1BJsaHUZzDzaCmlIspGAqcTyQqKyBqRB
vnvAoyUtPARX9vHiuCvvWM34maXRmCCN2DKx0w18TgB/oXPNKE1oMEbFsiUeg6+W
1sVge2VpO0ahfQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:08:17 2025 by rpki-client