Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
File:                     zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json)
Hash identifier:          y7Y3sqW0B1HGCVN2WO1V4LVAHtEJ5hRrmx0NG+KypGE=
Subject key identifier:   5A:F1:B9:67:D9:82:DD:65:DE:E7:02:A9:F2:FA:FF:68:0D:98:7F:5E
Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36
Certificate issuer:       /CN=ce49fc134b706542caf1a1efbe034f7011b49436
Certificate serial:       01976884CCE7245E20A748EFB606127DBF8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
Manifest number:          04B4
Signing time:             Fri 13 Jun 2025 09:00:22 +0000
Manifest this update:     Fri 13 Jun 2025 09:00:22 +0000
Manifest next update:     Sat 14 Jun 2025 09:00:22 +0000
Files and hashes:         1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=)
                          2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: lpsl6Ew1YrA11L3freLFyBhZFdpGxJ+pz8AYaJinVYc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:84:cc:e7:24:5e:20:a7:48:ef:b6:06:12:7d:bf:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436
        Validity
            Not Before: Jun 13 09:00:22 2025 GMT
            Not After : Jun 14 09:00:22 2025 GMT
        Subject: CN=5af1b967d982dd65dee702a9f2faff680d987f5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b5:58:31:cc:3c:0a:9e:f4:82:35:c4:58:c2:
                    60:a1:44:7b:b3:9c:8a:42:61:10:cd:63:b3:00:e2:
                    a7:ee:e0:65:1a:fc:8a:ae:70:cf:d0:7f:13:e1:65:
                    66:e1:df:6c:74:21:9a:0d:47:48:6e:b5:c8:d5:c2:
                    bd:67:3f:df:b1:0e:14:92:5a:72:77:e1:6f:fb:2b:
                    e6:c0:07:2a:fe:d2:b5:73:33:ce:a8:db:d8:a1:d9:
                    99:e9:40:48:b4:22:fe:c9:6f:d9:7c:d2:c8:27:fb:
                    9f:01:32:b8:13:3d:d0:88:eb:a0:05:35:09:6b:ba:
                    eb:86:97:d7:c7:03:89:f0:d0:9a:2d:13:48:72:3e:
                    a4:a4:7d:45:d7:47:f2:9a:3d:45:39:91:5a:c8:ea:
                    d7:30:b0:fd:ca:db:6d:48:42:4f:86:a4:4d:74:ba:
                    bb:d4:c2:44:d8:ca:dd:10:14:46:22:63:7a:e3:29:
                    5d:87:ba:21:75:73:66:02:8d:c8:de:9f:18:43:ee:
                    cf:fe:5f:a8:82:d4:ea:87:39:ba:4f:c7:f9:2c:d3:
                    0b:c1:7b:95:f5:82:8d:75:aa:54:b4:ca:b8:a7:04:
                    4c:f8:3c:d9:ca:d4:cf:bb:c1:0d:2b:26:37:fd:76:
                    e4:36:db:3b:20:d7:8d:11:84:6d:9b:b2:2e:64:d8:
                    eb:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:F1:B9:67:D9:82:DD:65:DE:E7:02:A9:F2:FA:FF:68:0D:98:7F:5E
            X509v3 Authority Key Identifier:
                keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:9e:8a:dd:10:b5:ce:c4:6f:fc:72:c3:3e:72:6a:1d:5d:d7:
         87:89:c8:28:5b:77:88:30:17:7a:fc:2d:b5:63:e4:9b:4c:bf:
         d8:80:aa:ee:8b:4e:dc:c7:41:a7:e3:69:27:b8:b6:46:77:13:
         98:8d:6d:fe:c8:be:ac:d5:5b:f2:9a:b6:4f:24:11:13:0c:03:
         01:a7:08:5a:13:62:59:32:d5:2c:a1:e8:48:46:a4:2b:03:11:
         7b:bf:18:a6:a2:39:05:d5:8d:20:7f:f5:0a:6b:d2:9d:59:31:
         38:a7:76:cd:96:f4:8d:48:ed:c9:e3:73:00:df:80:34:a8:53:
         08:0f:d1:61:8b:7a:00:ed:d1:df:c6:3e:c9:a6:12:fd:c7:57:
         a3:62:4d:2f:3c:12:0c:5e:52:20:3f:bc:91:9e:68:12:41:2f:
         a9:b6:10:16:6e:6c:1c:25:c2:68:2f:56:a3:f8:be:ba:05:90:
         09:7c:42:46:a2:f9:53:8a:a3:7a:82:6d:75:63:28:99:9f:e5:
         28:a5:b2:bf:a1:dd:7c:ee:a4:ec:80:d4:16:48:e0:fd:3f:e5:
         63:4a:bc:19:99:63:10:0a:c1:52:2a:22:dc:08:32:78:54:f6:
         69:8a:75:d8:59:2e:70:4e:c2:27:03:ef:04:a7:cf:51:96:16:
         81:f8:40:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdohMznJF4gp0jvtgYSfb+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi
NDk0MzYwHhcNMjUwNjEzMDkwMDIyWhcNMjUwNjE0MDkwMDIyWjAzMTEwLwYDVQQD
Eyg1YWYxYjk2N2Q5ODJkZDY1ZGVlNzAyYTlmMmZhZmY2ODBkOTg3ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLVYMcw8Cp70gjXEWMJgoUR7s5yK
QmEQzWOzAOKn7uBlGvyKrnDP0H8T4WVm4d9sdCGaDUdIbrXI1cK9Zz/fsQ4Uklpy
d+Fv+yvmwAcq/tK1czPOqNvYodmZ6UBItCL+yW/ZfNLIJ/ufATK4Ez3QiOugBTUJ
a7rrhpfXxwOJ8NCaLRNIcj6kpH1F10fymj1FOZFayOrXMLD9ytttSEJPhqRNdLq7
1MJE2MrdEBRGImN64yldh7ohdXNmAo3I3p8YQ+7P/l+ogtTqhzm6T8f5LNMLwXuV
9YKNdapUtMq4pwRM+DzZytTPu8ENKyY3/XbkNts7INeNEYRtm7IuZNjrvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFrxuWfZgt1l3ucCqfL6/2gNmH9eMB8GA1UdIwQY
MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt
NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl
LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxJ6K3RC1
zsRv/HLDPnJqHV3Xh4nIKFt3iDAXevwttWPkm0y/2ICq7otO3MdBp+NpJ7i2RncT
mI1t/si+rNVb8pq2TyQREwwDAacIWhNiWTLVLKHoSEakKwMRe78YpqI5BdWNIH/1
CmvSnVkxOKd2zZb0jUjtyeNzAN+ANKhTCA/RYYt6AO3R38Y+yaYS/cdXo2JNLzwS
DF5SID+8kZ5oEkEvqbYQFm5sHCXCaC9Wo/i+ugWQCXxCRqL5U4qjeoJtdWMomZ/l
KKWyv6HdfO6k7IDUFkjg/T/lY0q8GZljEArBUioi3AgyeFT2aYp12FkucE7CJwPv
BKfPUZYWgfhAwg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 13:45:16 2025 by rpki-client