Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
File:                     nB7k05z6obOseZwX94grjOTigSA.mft (raw, json)
Hash identifier:          FeaCO6cLc3yEjUL39Jx0RmImwYtWAvb2RAtZ1uHqoQ8=
Subject key identifier:   7D:1A:3C:9C:60:0B:85:1B:4E:DE:04:DC:CC:3B:AA:8C:64:F8:71:D9
Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
Certificate issuer:       /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Certificate serial:       019769CF4642DE8D8FA05B14AF00E3CA94F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
Manifest number:          0840
Signing time:             Fri 13 Jun 2025 15:01:20 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:20 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:20 +0000
Files and hashes:         1: egM_lo5hkg5KA7_uP-5h7pmD4BM.roa (hash: LWEk9cOjEXdGtew0n3bgwHhe3Zn8McfotK81AHI+3M0=)
                          2: nB7k05z6obOseZwX94grjOTigSA.crl (hash: kWevqeOFSJqMG4HvUhrDLqISbiGfkBI8SvpNPE96+Ak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 15:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:cf:46:42:de:8d:8f:a0:5b:14:af:00:e3:ca:94:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
        Validity
            Not Before: Jun 13 15:01:20 2025 GMT
            Not After : Jun 14 15:01:20 2025 GMT
        Subject: CN=7d1a3c9c600b851b4ede04dccc3baa8c64f871d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:9c:57:2b:05:6d:1a:85:1a:ad:5f:41:2c:d1:
                    3d:15:4e:97:44:aa:48:25:e2:d1:9f:96:09:ac:30:
                    93:29:44:dc:eb:3f:8d:0a:fd:c5:b2:b8:5d:44:15:
                    63:3c:cd:f5:50:77:de:df:f7:46:5a:b2:ef:f3:dd:
                    e1:82:44:f4:f5:ef:ba:50:44:ef:b0:f2:ab:eb:26:
                    9d:c3:e4:8a:87:e2:30:f3:63:83:2c:77:b9:58:3d:
                    26:07:79:ec:02:b2:86:fc:8b:4c:b1:cf:8e:5a:11:
                    f1:fd:b4:f0:af:d0:49:86:3a:0a:ed:98:68:43:e9:
                    f1:e8:83:c9:88:ae:08:1a:e9:8f:c0:ea:8c:95:a1:
                    19:88:ea:7c:43:a7:c9:de:9a:8f:70:c5:b5:43:14:
                    64:0f:b0:38:b4:4a:83:74:65:12:1a:02:66:b6:ef:
                    6a:ca:ea:ea:45:57:dc:00:3d:71:61:4f:6b:36:e6:
                    53:8b:3f:ca:c4:a1:55:34:f8:f5:08:93:1d:ba:7a:
                    34:bb:1d:8b:d2:5b:3b:65:a1:fa:d2:f3:65:51:ab:
                    57:e6:d8:58:7f:61:71:12:57:28:a0:72:8a:40:5b:
                    e9:f7:b9:6a:41:65:19:cc:92:b3:f3:24:1f:ff:c5:
                    77:da:c4:0e:04:80:39:f4:4f:c1:b8:61:b8:14:a1:
                    02:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:1A:3C:9C:60:0B:85:1B:4E:DE:04:DC:CC:3B:AA:8C:64:F8:71:D9
            X509v3 Authority Key Identifier:
                keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:f3:d0:a5:02:41:63:65:8a:1e:4e:df:c1:6b:88:0f:ee:ad:
         37:b8:cc:c0:06:fa:b8:1a:b9:90:2f:7e:15:d4:c9:b3:95:e9:
         3e:06:6e:3e:00:2c:8f:64:ba:4e:d8:f5:2a:29:a4:18:8b:79:
         9b:f2:4a:d0:f6:9a:b9:0d:83:16:4c:cc:5f:a8:ed:05:29:ab:
         d6:94:bf:6b:2d:74:b4:4f:2e:fb:3c:06:62:a1:08:fd:52:48:
         55:2e:ac:08:ad:cc:63:e8:f2:d6:ad:05:30:fc:e1:fd:7e:9a:
         1f:b1:02:10:e7:82:81:69:03:65:94:98:71:f2:f1:5b:27:9e:
         48:7d:8c:60:6a:56:8c:61:0a:d8:fa:4c:2e:c3:09:11:cf:2a:
         fa:90:46:82:0b:9c:10:2f:7c:aa:b5:ad:71:52:34:9d:44:ec:
         c8:44:5e:24:be:93:4b:b8:3a:77:b4:83:18:fd:49:ad:4a:b4:
         0f:c3:99:58:fe:77:a1:82:ee:d6:c5:72:1b:6e:b7:ad:cf:4e:
         2f:d9:4d:ab:4b:20:0b:cb:72:9b:13:91:80:cb:af:89:6b:e8:
         a7:1e:d1:ba:a6:da:7f:82:bb:54:e1:2a:f5:96:ba:52:d3:fc:
         2a:d1:db:3b:a9:2f:87:1b:58:4f:f8:55:43:10:c3:80:72:19:
         92:a1:dd:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpz0ZC3o2PoFsUrwDjypT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl
MjgxMjAwHhcNMjUwNjEzMTUwMTIwWhcNMjUwNjE0MTUwMTIwWjAzMTEwLwYDVQQD
Eyg3ZDFhM2M5YzYwMGI4NTFiNGVkZTA0ZGNjYzNiYWE4YzY0Zjg3MWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5xXKwVtGoUarV9BLNE9FU6XRKpI
JeLRn5YJrDCTKUTc6z+NCv3FsrhdRBVjPM31UHfe3/dGWrLv893hgkT09e+6UETv
sPKr6yadw+SKh+Iw82ODLHe5WD0mB3nsArKG/ItMsc+OWhHx/bTwr9BJhjoK7Zho
Q+nx6IPJiK4IGumPwOqMlaEZiOp8Q6fJ3pqPcMW1QxRkD7A4tEqDdGUSGgJmtu9q
yurqRVfcAD1xYU9rNuZTiz/KxKFVNPj1CJMduno0ux2L0ls7ZaH60vNlUatX5thY
f2FxElcooHKKQFvp97lqQWUZzJKz8yQf/8V32sQOBIA59E/BuGG4FKECUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0aPJxgC4UbTt4E3Mw7qoxk+HHZMB8GA1UdIwQY
MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt
YmQ0NjVjZTcxMWJiLzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi
LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx/PQpQJB
Y2WKHk7fwWuID+6tN7jMwAb6uBq5kC9+FdTJs5XpPgZuPgAsj2S6Ttj1KimkGIt5
m/JK0PaauQ2DFkzMX6jtBSmr1pS/ay10tE8u+zwGYqEI/VJIVS6sCK3MY+jy1q0F
MPzh/X6aH7ECEOeCgWkDZZSYcfLxWyeeSH2MYGpWjGEK2PpMLsMJEc8q+pBGgguc
EC98qrWtcVI0nUTsyEReJL6TS7g6d7SDGP1JrUq0D8OZWP53oYLu1sVyG263rc9O
L9lNq0sgC8tymxORgMuviWvopx7Ruqbaf4K7VOEq9Za6UtP8KtHbO6kvhxtYT/hV
QxDDgHIZkqHd2A==
-----END CERTIFICATE-----
Generated at Sat Jun 14 00:54:33 2025 by rpki-client