Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
File:                     zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json)
Hash identifier:          1NFZlq5SdepKP1B7/Z3Poa5l5PVimXlV2yzxXui/Z2E=
Subject key identifier:   D0:DB:7E:73:9F:89:1D:E5:0D:24:85:88:CD:6B:47:A2:1D:21:A8:E4
Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36
Certificate issuer:       /CN=ce49fc134b706542caf1a1efbe034f7011b49436
Certificate serial:       019766970CCAE5DD5421EA94812396D628A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
Manifest number:          04B3
Signing time:             Fri 13 Jun 2025 00:01:04 +0000
Manifest this update:     Fri 13 Jun 2025 00:01:04 +0000
Manifest next update:     Sat 14 Jun 2025 00:01:04 +0000
Files and hashes:         1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=)
                          2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: /m/FJbRyfERIaicqqAN1dmvBz9j3o1KPjVxRMCPe4ag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:66:97:0c:ca:e5:dd:54:21:ea:94:81:23:96:d6:28:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436
        Validity
            Not Before: Jun 13 00:01:04 2025 GMT
            Not After : Jun 14 00:01:04 2025 GMT
        Subject: CN=d0db7e739f891de50d248588cd6b47a21d21a8e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:67:74:fa:73:d5:ca:86:88:4a:db:65:ac:10:
                    cf:73:53:d6:85:b2:34:e3:43:da:ae:4c:07:2d:ca:
                    f1:ef:83:32:9e:68:90:e1:34:a5:54:a6:64:31:50:
                    3f:69:de:b7:ef:56:d0:3b:91:f9:5b:28:89:4f:27:
                    7d:72:f6:ad:0b:84:ef:6a:5f:ce:e8:a7:e7:ad:b2:
                    8a:40:37:be:ee:06:32:6b:78:25:e9:e9:28:e4:30:
                    9a:7d:de:07:2e:38:9c:29:e8:23:e4:e7:8b:b5:f9:
                    c1:b1:f0:39:07:af:19:bb:20:15:c1:ba:8c:73:fe:
                    23:b0:4f:e6:bd:1b:b4:e6:18:75:a8:b7:78:24:9f:
                    68:f5:52:0c:89:31:60:82:78:af:6b:2a:ee:c1:af:
                    dc:b6:b2:8e:a9:c6:67:9a:e5:a6:a6:34:05:a6:ff:
                    da:ea:e3:57:48:3a:4f:07:01:15:55:00:f8:87:29:
                    0f:47:80:d7:6c:e3:fa:17:5c:e6:df:7b:9c:55:cc:
                    0d:c3:cf:36:dc:38:cb:57:19:c3:ed:c9:75:31:86:
                    73:8f:f3:b5:a5:74:3b:a0:0b:98:09:d6:f0:84:d4:
                    f1:ea:57:7f:d3:89:e3:1d:a5:82:fb:98:bd:7a:d9:
                    89:2e:30:77:d1:61:8f:76:0e:0c:d5:cd:f4:e0:28:
                    aa:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:DB:7E:73:9F:89:1D:E5:0D:24:85:88:CD:6B:47:A2:1D:21:A8:E4
            X509v3 Authority Key Identifier:
                keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:8b:da:57:42:8e:26:60:48:ea:b2:8c:b9:a7:de:d5:f9:2a:
         af:c6:c6:ed:83:f9:9a:2e:68:2a:cf:68:f2:fd:e9:16:11:f3:
         35:08:8d:3b:9a:75:c5:5c:2a:25:d2:1b:0d:15:5a:5d:fe:9a:
         e2:b5:03:b9:9e:4d:48:ed:ac:23:b5:aa:4d:ac:2f:fe:50:ef:
         78:15:ec:4e:af:f2:e5:9e:94:11:a1:01:d1:46:aa:74:fb:9c:
         74:36:77:a3:5e:90:96:7a:1e:8f:ea:2e:4d:d2:f9:e4:c8:f7:
         bf:72:16:e1:24:35:22:be:81:17:b4:89:61:34:8b:0e:cb:71:
         46:f3:20:39:8c:8d:b5:2a:9e:b9:c1:c8:d5:98:03:f2:c5:ff:
         c9:ef:53:cf:44:c4:11:f4:b6:2b:81:68:dd:14:d4:43:c6:27:
         fb:ed:cd:84:e5:61:ff:c0:ac:5b:2b:7e:ee:9f:3c:ba:97:12:
         af:58:f8:90:1a:93:cf:f5:78:3a:60:45:f9:de:05:1b:8f:cc:
         aa:9a:d6:be:eb:cf:06:26:b7:72:55:9a:4c:e1:87:61:63:51:
         b6:9d:cf:c9:cd:9f:0d:24:7d:3d:c6:7d:ef:26:5b:0e:bd:6c:
         1d:2e:83:60:1e:57:15:59:e7:25:ed:00:d1:dd:fc:91:1e:51:
         1d:3d:e5:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdmlwzK5d1UIeqUgSOW1iilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi
NDk0MzYwHhcNMjUwNjEzMDAwMTA0WhcNMjUwNjE0MDAwMTA0WjAzMTEwLwYDVQQD
EyhkMGRiN2U3MzlmODkxZGU1MGQyNDg1ODhjZDZiNDdhMjFkMjFhOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmd0+nPVyoaISttlrBDPc1PWhbI0
40ParkwHLcrx74MynmiQ4TSlVKZkMVA/ad6371bQO5H5WyiJTyd9cvatC4Tval/O
6KfnrbKKQDe+7gYya3gl6eko5DCafd4HLjicKegj5OeLtfnBsfA5B68ZuyAVwbqM
c/4jsE/mvRu05hh1qLd4JJ9o9VIMiTFggnivayruwa/ctrKOqcZnmuWmpjQFpv/a
6uNXSDpPBwEVVQD4hykPR4DXbOP6F1zm33ucVcwNw8823DjLVxnD7cl1MYZzj/O1
pXQ7oAuYCdbwhNTx6ld/04njHaWC+5i9etmJLjB30WGPdg4M1c304CiqSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDbfnOfiR3lDSSFiM1rR6IdIajkMB8GA1UdIwQY
MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt
NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl
LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1YvaV0KO
JmBI6rKMuafe1fkqr8bG7YP5mi5oKs9o8v3pFhHzNQiNO5p1xVwqJdIbDRVaXf6a
4rUDuZ5NSO2sI7WqTawv/lDveBXsTq/y5Z6UEaEB0UaqdPucdDZ3o16Qlnoej+ou
TdL55Mj3v3IW4SQ1Ir6BF7SJYTSLDstxRvMgOYyNtSqeucHI1ZgD8sX/ye9Tz0TE
EfS2K4Fo3RTUQ8Yn++3NhOVh/8CsWyt+7p88upcSr1j4kBqTz/V4OmBF+d4FG4/M
qprWvuvPBia3clWaTOGHYWNRtp3Pyc2fDSR9PcZ97yZbDr1sHS6DYB5XFVnnJe0A
0d38kR5RHT3lWA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 08:16:19 2025 by rpki-client