Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
File:                     ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft (raw, json)
Hash identifier:          NZSNwnzX4kMgKFteUzoO28kNDIKlrJ4NRQ2hwRXRKPo=
Subject key identifier:   22:6C:4A:C8:0F:E6:65:CE:15:49:E0:F9:B5:14:A7:FF:DF:68:DB:E7
Authority key identifier: 66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
Certificate issuer:       /CN=66ba8d64e901b39b501ed3693ec27430713886e3
Certificate serial:       0197591218A3678BE537F6DF406C8B0C3FF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
Manifest number:          0EF2
Signing time:             Tue 10 Jun 2025 09:00:47 +0000
Manifest this update:     Tue 10 Jun 2025 09:00:47 +0000
Manifest next update:     Wed 11 Jun 2025 09:00:47 +0000
Files and hashes:         1: Fg0QsDS_oIn0AHFloFbOWLXLPYw.roa (hash: PCZ0sNE5BS8dEXbU+ksvDG3w1iOi7xIBrn9yDW7TZ/U=)
                          2: ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl (hash: EHjbO04Lg3fjAOwuAdf5tycb1jSUgR6B9sXR2Dvz/Tw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 09:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:59:12:18:a3:67:8b:e5:37:f6:df:40:6c:8b:0c:3f:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66ba8d64e901b39b501ed3693ec27430713886e3
        Validity
            Not Before: Jun 10 09:00:47 2025 GMT
            Not After : Jun 11 09:00:47 2025 GMT
        Subject: CN=226c4ac80fe665ce1549e0f9b514a7ffdf68dbe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:1f:b5:dc:6f:d4:11:0e:92:ed:01:9e:c5:05:
                    e1:8a:60:36:dd:ed:e0:83:05:85:52:3e:db:7b:8b:
                    bb:89:ca:43:3f:e0:57:3a:e0:6f:49:7b:a0:0b:12:
                    69:39:bb:17:e2:28:11:09:6e:12:f1:ed:52:67:38:
                    3c:b5:af:76:be:c3:4d:78:7d:52:a5:8c:c3:87:84:
                    19:05:fd:47:4a:ce:37:ca:d8:e6:d0:5f:d3:14:da:
                    93:db:c2:52:53:d1:b4:87:22:32:5b:b8:7e:6d:0b:
                    84:6f:27:9c:60:a2:16:38:4f:e9:ae:80:b5:5b:64:
                    32:e8:b8:9e:98:1e:66:1b:35:32:10:15:3c:57:8d:
                    67:40:d1:78:21:69:63:45:fd:f2:05:e5:63:8c:79:
                    6d:8b:7d:d6:8d:e7:e9:a4:e2:e7:61:a8:3e:18:0d:
                    d2:db:ea:af:01:71:6e:cd:96:5a:de:e3:90:f3:45:
                    b8:44:d4:9d:19:a6:01:b8:d0:54:3a:7d:b0:68:ba:
                    c3:b6:74:b2:f5:c5:9a:ff:18:3f:0f:db:9f:aa:dc:
                    ca:db:15:84:3d:9e:c5:79:e4:fe:20:94:b4:9f:36:
                    92:fd:e2:28:4a:16:60:52:19:0a:b4:db:85:d8:17:
                    68:09:2e:fc:cd:f9:0b:ca:3e:b4:b0:41:f2:aa:29:
                    b3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:6C:4A:C8:0F:E6:65:CE:15:49:E0:F9:B5:14:A7:FF:DF:68:DB:E7
            X509v3 Authority Key Identifier:
                keyid:66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:57:36:51:df:bf:22:ee:6c:24:72:53:ab:a9:0a:59:12:84:
         ec:2d:35:ab:c7:aa:41:a9:2f:9c:16:ee:8e:73:6e:1a:d4:2a:
         f3:52:00:4f:19:39:ba:2d:7a:f2:bd:2a:06:06:51:6e:be:0a:
         dc:22:43:68:07:f1:3e:24:97:aa:52:55:32:8b:0c:4f:45:3a:
         08:3a:ed:1d:d1:0a:cc:60:60:3b:21:a5:69:ad:5d:b1:4e:b9:
         e2:ad:eb:15:f1:74:6b:fc:f9:d4:e1:63:8f:41:48:1c:58:c5:
         36:93:2c:3e:ab:ef:04:78:a1:bc:54:b0:a4:cd:6e:a0:c1:33:
         c7:c0:57:a5:f1:34:8f:b9:28:93:9c:e8:c0:0a:26:9c:e6:02:
         fd:d1:42:a6:61:da:7a:34:2b:71:d6:92:5a:83:95:31:b6:06:
         33:58:c7:41:12:35:85:69:8e:26:db:3d:4c:05:a3:28:cc:e4:
         b6:cb:83:46:20:eb:3f:78:a8:db:ba:37:61:48:03:55:38:b5:
         bf:f7:42:a1:7c:ed:41:bd:7c:0a:79:42:f2:2a:68:3b:b3:e2:
         73:da:06:b1:d1:0a:7d:db:c7:d3:65:f5:ea:76:3e:bb:fc:b4:
         10:23:24:ac:3c:34:60:b8:5b:41:d8:14:ab:f7:3e:61:18:3c:
         43:53:e4:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdZEhijZ4vlN/bfQGyLDD/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmE4ZDY0ZTkwMWIzOWI1MDFlZDM2OTNlYzI3NDMwNzEz
ODg2ZTMwHhcNMjUwNjEwMDkwMDQ3WhcNMjUwNjExMDkwMDQ3WjAzMTEwLwYDVQQD
EygyMjZjNGFjODBmZTY2NWNlMTU0OWUwZjliNTE0YTdmZmRmNjhkYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR+13G/UEQ6S7QGexQXhimA23e3g
gwWFUj7be4u7icpDP+BXOuBvSXugCxJpObsX4igRCW4S8e1SZzg8ta92vsNNeH1S
pYzDh4QZBf1HSs43ytjm0F/TFNqT28JSU9G0hyIyW7h+bQuEbyecYKIWOE/proC1
W2Qy6LiemB5mGzUyEBU8V41nQNF4IWljRf3yBeVjjHlti33WjefppOLnYag+GA3S
2+qvAXFuzZZa3uOQ80W4RNSdGaYBuNBUOn2waLrDtnSy9cWa/xg/D9ufqtzK2xWE
PZ7FeeT+IJS0nzaS/eIoShZgUhkKtNuF2BdoCS78zfkLyj60sEHyqimzSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJsSsgP5mXOFUng+bUUp//faNvnMB8GA1UdIwQY
MBaAFGa6jWTpAbObUB7TaT7CdDBxOIbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEt
MGIzZTdlYmU0YWMyLzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEtMGIzZTdlYmU0YWMy
LzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVc2Ud+/
Iu5sJHJTq6kKWRKE7C01q8eqQakvnBbujnNuGtQq81IATxk5ui168r0qBgZRbr4K
3CJDaAfxPiSXqlJVMosMT0U6CDrtHdEKzGBgOyGlaa1dsU654q3rFfF0a/z51OFj
j0FIHFjFNpMsPqvvBHihvFSwpM1uoMEzx8BXpfE0j7kok5zowAomnOYC/dFCpmHa
ejQrcdaSWoOVMbYGM1jHQRI1hWmOJts9TAWjKMzktsuDRiDrP3io27o3YUgDVTi1
v/dCoXztQb18CnlC8ipoO7Pic9oGsdEKfdvH02X16nY+u/y0ECMkrDw0YLhbQdgU
q/c+YRg8Q1PkVw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:20:22 2025 by rpki-client