Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
File:                     ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft (raw, json)
Hash identifier:          2KfqTA08kXgIH3gWCXnWtmTZeKmjNrcEVY68SPyR7S4=
Subject key identifier:   A5:27:36:A0:94:63:67:3A:4A:AB:DC:D8:65:41:B2:BB:79:9F:F7:49
Authority key identifier: 66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
Certificate issuer:       /CN=66ba8d64e901b39b501ed3693ec27430713886e3
Certificate serial:       019753476057005D919895B1F34BDC622BAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
Manifest number:          0EEF
Signing time:             Mon 09 Jun 2025 06:01:15 +0000
Manifest this update:     Mon 09 Jun 2025 06:01:15 +0000
Manifest next update:     Tue 10 Jun 2025 06:01:15 +0000
Files and hashes:         1: Fg0QsDS_oIn0AHFloFbOWLXLPYw.roa (hash: PCZ0sNE5BS8dEXbU+ksvDG3w1iOi7xIBrn9yDW7TZ/U=)
                          2: ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl (hash: Z8nPJj1OtqRR0qrDcn7wqT2oUTtuGFRiH7AF6yuefBU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:47:60:57:00:5d:91:98:95:b1:f3:4b:dc:62:2b:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66ba8d64e901b39b501ed3693ec27430713886e3
        Validity
            Not Before: Jun  9 06:01:15 2025 GMT
            Not After : Jun 10 06:01:15 2025 GMT
        Subject: CN=a52736a09463673a4aabdcd86541b2bb799ff749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:06:04:5d:a4:df:18:90:93:59:e2:b3:ed:6a:
                    fd:f0:52:67:40:05:03:fa:23:03:a9:70:91:3f:1e:
                    b2:96:d0:ab:48:1b:1a:5b:2c:82:24:cc:bc:52:f2:
                    4a:5f:3b:a1:3c:af:d0:b5:c2:7b:46:c9:3c:21:87:
                    d2:1b:97:9e:64:a9:43:97:aa:d2:42:2b:2a:ac:e0:
                    36:8a:13:00:65:84:bd:79:56:8c:73:69:c4:32:36:
                    cf:65:25:ba:4d:d4:71:2a:7f:7e:89:2a:b5:e4:7b:
                    20:22:9c:06:ab:cd:61:d5:06:ff:c9:a1:26:a1:a3:
                    09:a8:a8:93:e9:43:e2:6e:4c:dd:b1:94:b6:38:78:
                    24:3f:cb:90:21:3a:09:34:a4:2e:ef:66:e7:cb:40:
                    5d:cb:5c:31:32:a2:d6:5a:bc:59:fd:b9:bd:68:1d:
                    6a:fd:70:b6:46:50:a1:df:f1:17:cf:f9:2e:0e:32:
                    c7:c3:b7:ad:e0:04:b5:fa:05:09:aa:73:5a:7d:d8:
                    ff:70:04:86:ab:19:64:87:0f:f6:9f:9d:d5:f3:26:
                    95:49:21:76:6d:ea:a6:99:1a:d5:c7:61:03:9e:e7:
                    83:ba:e3:5c:5c:73:c4:70:64:e9:c4:3a:51:04:29:
                    3c:2f:11:be:5f:ed:ca:12:32:1f:f6:b3:14:dc:7d:
                    2e:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:27:36:A0:94:63:67:3A:4A:AB:DC:D8:65:41:B2:BB:79:9F:F7:49
            X509v3 Authority Key Identifier:
                keyid:66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:a6:93:51:65:e9:f1:69:7b:cd:3f:8e:5d:8d:d9:b6:bc:5a:
         9a:0a:04:60:2e:f0:6f:27:24:f3:9e:d8:a7:f2:48:51:8a:4d:
         b1:76:51:89:88:6c:a4:23:5a:8f:9a:4b:df:64:60:f5:d8:66:
         b4:9c:6e:1d:71:2c:b4:84:10:4c:76:52:2c:82:93:7d:a7:cc:
         ed:b0:a7:2d:e8:3a:db:46:3c:bc:60:81:5a:f0:76:19:44:91:
         5f:29:f4:22:23:cc:55:e4:89:3a:de:c1:6d:5c:7b:b9:67:67:
         ef:f8:9b:26:15:d4:6a:2e:a9:62:57:b8:21:60:42:75:38:3f:
         54:9a:0d:6e:49:5d:c7:d5:aa:10:22:37:3f:07:61:7f:b4:9c:
         ec:fc:ab:77:e9:59:4d:86:38:d6:fa:b2:9d:e1:82:25:d7:1d:
         a5:80:e0:6c:3b:72:a5:ca:4c:58:94:54:4f:4c:d9:26:8a:a6:
         1a:0a:dc:c0:65:82:70:ea:f3:ea:a5:16:14:90:02:68:4b:70:
         79:99:b2:70:da:77:2a:c2:d9:9a:20:b1:1e:f0:88:54:cc:f4:
         92:5f:7f:8e:a9:c9:77:25:14:06:7b:bf:2e:01:22:a7:9d:c7:
         52:3e:3f:6a:77:9e:da:8e:87:c8:0c:0c:b8:12:ac:05:2a:ed:
         89:fa:53:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTR2BXAF2RmJWx80vcYiusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmE4ZDY0ZTkwMWIzOWI1MDFlZDM2OTNlYzI3NDMwNzEz
ODg2ZTMwHhcNMjUwNjA5MDYwMTE1WhcNMjUwNjEwMDYwMTE1WjAzMTEwLwYDVQQD
EyhhNTI3MzZhMDk0NjM2NzNhNGFhYmRjZDg2NTQxYjJiYjc5OWZmNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAYEXaTfGJCTWeKz7Wr98FJnQAUD
+iMDqXCRPx6yltCrSBsaWyyCJMy8UvJKXzuhPK/QtcJ7Rsk8IYfSG5eeZKlDl6rS
QisqrOA2ihMAZYS9eVaMc2nEMjbPZSW6TdRxKn9+iSq15HsgIpwGq81h1Qb/yaEm
oaMJqKiT6UPibkzdsZS2OHgkP8uQIToJNKQu72bny0Bdy1wxMqLWWrxZ/bm9aB1q
/XC2RlCh3/EXz/kuDjLHw7et4AS1+gUJqnNafdj/cASGqxlkhw/2n53V8yaVSSF2
beqmmRrVx2EDnueDuuNcXHPEcGTpxDpRBCk8LxG+X+3KEjIf9rMU3H0u7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUnNqCUY2c6Sqvc2GVBsrt5n/dJMB8GA1UdIwQY
MBaAFGa6jWTpAbObUB7TaT7CdDBxOIbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEt
MGIzZTdlYmU0YWMyLzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEtMGIzZTdlYmU0YWMy
LzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM6aTUWXp
8Wl7zT+OXY3ZtrxamgoEYC7wbyck857Yp/JIUYpNsXZRiYhspCNaj5pL32Rg9dhm
tJxuHXEstIQQTHZSLIKTfafM7bCnLeg620Y8vGCBWvB2GUSRXyn0IiPMVeSJOt7B
bVx7uWdn7/ibJhXUai6pYle4IWBCdTg/VJoNbkldx9WqECI3Pwdhf7Sc7Pyrd+lZ
TYY41vqyneGCJdcdpYDgbDtypcpMWJRUT0zZJoqmGgrcwGWCcOrz6qUWFJACaEtw
eZmycNp3KsLZmiCxHvCIVMz0kl9/jqnJdyUUBnu/LgEip53HUj4/anee2o6HyAwM
uBKsBSrtifpTQw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:30:04 2025 by rpki-client