Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
File:                     nB7k05z6obOseZwX94grjOTigSA.mft (raw, json)
Hash identifier:          Ixua8AFWcfZTeKkvffeTOOgzI1ukIDgcQaUMncFX15M=
Subject key identifier:   9C:BC:3C:29:74:B6:D2:13:88:44:50:33:56:B7:CE:D6:01:BB:01:DD
Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
Certificate issuer:       /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Certificate serial:       01975E38465976988393C681812C07C98AB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
Manifest number:          083A
Signing time:             Wed 11 Jun 2025 09:00:35 +0000
Manifest this update:     Wed 11 Jun 2025 09:00:35 +0000
Manifest next update:     Thu 12 Jun 2025 09:00:35 +0000
Files and hashes:         1: egM_lo5hkg5KA7_uP-5h7pmD4BM.roa (hash: LWEk9cOjEXdGtew0n3bgwHhe3Zn8McfotK81AHI+3M0=)
                          2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: XCWGVAoFnZ+YMMJ2X7K2Wa97u5WK169sDtTZkvhwiSk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:38:46:59:76:98:83:93:c6:81:81:2c:07:c9:8a:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
        Validity
            Not Before: Jun 11 09:00:35 2025 GMT
            Not After : Jun 12 09:00:35 2025 GMT
        Subject: CN=9cbc3c2974b6d2138844503356b7ced601bb01dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:78:07:cb:a4:b8:a1:3f:cf:56:87:73:5a:8b:
                    af:70:86:7f:87:96:61:8b:ca:f0:52:55:78:4c:33:
                    19:24:2f:94:b2:c9:66:c7:fc:a7:a8:cc:19:da:d1:
                    73:66:d9:e8:ca:69:02:7e:0c:15:db:39:84:ac:7f:
                    03:0b:d6:1a:36:e8:93:a9:fa:77:17:25:ae:11:e8:
                    e9:f9:99:2b:0c:87:54:f4:9f:51:42:ef:f8:a4:07:
                    41:5f:99:bf:45:a2:94:d8:85:e9:81:de:1e:94:a2:
                    b5:d5:91:50:c7:da:53:8d:2b:3e:73:1c:6a:97:a9:
                    d4:76:10:cc:e5:40:f2:a5:e3:92:8a:d3:7c:39:4e:
                    b9:a4:d5:c9:ec:9e:c5:80:4c:d5:f1:95:1b:54:18:
                    49:fb:7c:36:0b:42:fb:fc:24:9f:6a:c3:63:da:a4:
                    87:0c:ea:0c:42:5e:c6:24:62:c1:ac:a2:bf:17:89:
                    fc:da:00:76:30:ac:a6:db:41:c7:fe:9e:3d:91:92:
                    ca:8f:31:22:ec:50:bb:4d:e4:c8:3a:39:27:93:69:
                    48:54:8a:45:a5:12:05:8b:82:48:37:95:cd:18:2f:
                    09:7c:a4:81:09:60:5b:3c:42:df:f1:4a:4f:9e:11:
                    11:30:43:30:15:da:ab:16:6d:cb:0b:25:d9:6b:28:
                    12:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:BC:3C:29:74:B6:D2:13:88:44:50:33:56:B7:CE:D6:01:BB:01:DD
            X509v3 Authority Key Identifier:
                keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:7b:4e:31:ff:af:ea:00:67:49:41:ce:a0:e2:cb:1b:3b:df:
         b2:93:d7:c3:72:86:c1:9f:f7:69:d9:dd:38:0b:09:a6:98:b7:
         db:09:51:0d:52:42:e7:26:8f:83:fd:59:d2:1e:e4:b9:48:64:
         41:cd:63:b8:7e:f6:41:d5:12:bc:72:6a:02:b9:eb:1c:50:01:
         07:28:8a:d8:fd:b5:44:1a:f4:7f:f5:a0:9d:22:4e:a6:32:67:
         0e:16:f3:d5:48:93:7f:ce:3c:ea:15:c9:c6:90:75:c2:14:47:
         93:24:72:82:77:7b:d9:c6:57:a9:0d:0a:f3:5d:51:a0:9f:32:
         dd:79:11:b5:d2:ff:13:43:69:8b:ac:18:b2:91:89:b3:82:3e:
         1a:0d:b3:79:39:27:90:db:22:48:7f:09:8c:83:45:f2:e7:a6:
         53:0d:10:23:93:82:a9:cb:f4:ab:5d:9a:ab:a7:34:42:ea:aa:
         b9:1f:bc:00:77:b3:04:76:05:42:23:97:3f:02:aa:3a:2f:2a:
         8a:ab:8b:68:8b:15:49:33:52:ed:0f:7a:96:1d:a4:b0:0b:17:
         37:6e:1d:9b:ee:e6:aa:cc:37:79:3c:eb:70:d1:3b:99:af:64:
         c4:bb:40:df:7d:19:40:2e:e2:55:47:1b:db:c5:f3:0e:21:b0:
         10:ae:17:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeOEZZdpiDk8aBgSwHyYqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl
MjgxMjAwHhcNMjUwNjExMDkwMDM1WhcNMjUwNjEyMDkwMDM1WjAzMTEwLwYDVQQD
Eyg5Y2JjM2MyOTc0YjZkMjEzODg0NDUwMzM1NmI3Y2VkNjAxYmIwMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ngHy6S4oT/PVodzWouvcIZ/h5Zh
i8rwUlV4TDMZJC+Usslmx/ynqMwZ2tFzZtnoymkCfgwV2zmErH8DC9YaNuiTqfp3
FyWuEejp+ZkrDIdU9J9RQu/4pAdBX5m/RaKU2IXpgd4elKK11ZFQx9pTjSs+cxxq
l6nUdhDM5UDypeOSitN8OU65pNXJ7J7FgEzV8ZUbVBhJ+3w2C0L7/CSfasNj2qSH
DOoMQl7GJGLBrKK/F4n82gB2MKym20HH/p49kZLKjzEi7FC7TeTIOjknk2lIVIpF
pRIFi4JIN5XNGC8JfKSBCWBbPELf8UpPnhERMEMwFdqrFm3LCyXZaygSwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJy8PCl0ttITiERQM1a3ztYBuwHdMB8GA1UdIwQY
MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt
YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi
LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATHtOMf+v
6gBnSUHOoOLLGzvfspPXw3KGwZ/3adndOAsJppi32wlRDVJC5yaPg/1Z0h7kuUhk
Qc1juH72QdUSvHJqArnrHFABByiK2P21RBr0f/WgnSJOpjJnDhbz1UiTf8486hXJ
xpB1whRHkyRygnd72cZXqQ0K811RoJ8y3XkRtdL/E0Npi6wYspGJs4I+Gg2zeTkn
kNsiSH8JjINF8uemUw0QI5OCqcv0q12aq6c0QuqquR+8AHezBHYFQiOXPwKqOi8q
iquLaIsVSTNS7Q96lh2ksAsXN24dm+7mqsw3eTzrcNE7ma9kxLtA330ZQC7iVUcb
28XzDiGwEK4Xjg==
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:36:22 2025 by rpki-client