Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
File:                     NIMjF9JURDS2WeVpIHHY5MSTiwY.mft (raw, json)
Hash identifier:          e56cIxdQkUVE25MoPfAYT/fOnuwjpouprzs6SU41fRo=
Subject key identifier:   E4:26:F4:24:49:19:DA:C8:92:64:F8:61:FA:54:97:FE:80:12:D0:9B
Authority key identifier: 34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06
Certificate issuer:       /CN=34832317d2544434b659e5692071d8e4c4938b06
Certificate serial:       0198D4E081B0086C5211EFC29A8A7B9D86A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
Manifest number:          03BB
Signing time:             Sat 23 Aug 2025 03:02:19 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:19 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:19 +0000
Files and hashes:         1: NIMjF9JURDS2WeVpIHHY5MSTiwY.crl (hash: 5lnv8qZ8DYBrDepipqZ9cxnmlMFJCwDcLbninzBHOFY=)
                          2: x2Xaez7Ra9vjvF4FG3Er4hO4ovk.roa (hash: T67Ch/iuLueDDibfJIFSKnLQW9UiEIt+71JVmL/jUzg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:81:b0:08:6c:52:11:ef:c2:9a:8a:7b:9d:86:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34832317d2544434b659e5692071d8e4c4938b06
        Validity
            Not Before: Aug 23 03:02:19 2025 GMT
            Not After : Aug 24 03:02:19 2025 GMT
        Subject: CN=e426f4244919dac89264f861fa5497fe8012d09b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:62:cc:27:c7:96:52:fc:cc:8f:b5:dc:b5:13:
                    eb:d0:cf:58:b8:fa:64:23:2a:68:4c:2f:31:5a:ea:
                    34:ec:0c:cd:67:b2:b9:ca:81:46:c3:f2:b6:f5:2a:
                    63:e9:1c:cf:1a:d1:09:a2:24:a4:41:9b:77:41:e3:
                    2f:76:12:b5:73:ac:02:40:f4:fc:cf:7a:d0:8c:0d:
                    46:b5:84:bc:13:a1:1c:6f:5b:dc:83:b6:16:90:1c:
                    35:b3:83:39:3d:79:b5:12:85:cb:da:b3:d4:05:db:
                    70:c3:2e:18:de:fb:59:ce:04:b8:b5:9d:e1:a3:ac:
                    b1:b0:c1:b3:b5:82:f0:9a:16:15:a7:2e:98:9c:3d:
                    38:f1:d9:04:17:9d:1b:9c:32:56:f7:0f:fe:1e:a7:
                    6c:d4:50:40:04:19:a3:31:27:9e:31:75:b6:89:e6:
                    8b:7d:c5:db:66:d8:59:b8:8e:c0:b0:de:db:d9:db:
                    4a:bb:f5:61:b5:6e:60:88:bc:f0:95:77:99:d0:43:
                    6b:bf:6e:c6:2e:cd:99:9d:e2:5c:4f:e6:5e:c3:22:
                    47:68:18:d0:23:49:a5:38:68:92:a2:aa:6a:94:b6:
                    87:af:b8:85:a1:4a:b0:27:d7:ca:fb:29:2e:29:67:
                    01:8d:a8:f4:5d:a0:2f:1e:6c:4f:9e:61:36:b9:2e:
                    ac:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:26:F4:24:49:19:DA:C8:92:64:F8:61:FA:54:97:FE:80:12:D0:9B
            X509v3 Authority Key Identifier:
                keyid:34:83:23:17:D2:54:44:34:B6:59:E5:69:20:71:D8:E4:C4:93:8B:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIMjF9JURDS2WeVpIHHY5MSTiwY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5a2ed9-8f8e-4c1d-aaf3-30c65ad83291/1/NIMjF9JURDS2WeVpIHHY5MSTiwY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:a7:88:76:48:aa:72:49:27:bc:67:97:af:8c:b0:92:3e:61:
         fc:0a:55:ad:f5:50:6c:bb:15:43:43:4d:38:bf:67:79:5c:4b:
         29:35:c1:44:93:6d:aa:96:1d:1f:5c:ca:da:08:63:63:0a:8d:
         e6:7c:72:0b:07:4b:12:3d:28:7a:d3:53:69:f5:78:20:e1:be:
         d9:5e:c2:44:84:39:9e:44:06:21:6b:15:10:fd:ad:5e:63:45:
         1c:bf:a8:dc:ba:b3:6f:33:09:61:44:2c:99:d4:a9:12:d3:d1:
         4b:cf:f0:4c:50:9a:61:61:5d:ed:e1:ed:65:b3:36:67:bf:e8:
         04:78:d2:f0:83:7f:1b:3b:3e:12:d8:ab:1b:ae:81:72:03:44:
         5e:33:ac:16:e8:1d:8a:0e:c0:20:22:6f:09:50:9c:e4:46:55:
         c9:c5:86:f6:a1:35:45:e6:44:74:93:5f:97:fa:8f:ee:7f:2a:
         5f:21:75:7a:42:a1:96:83:e9:cf:8d:b8:85:e2:3e:8d:5b:9b:
         d6:54:42:09:59:4c:61:f9:b4:5e:b0:f0:81:bb:2c:65:08:87:
         c2:86:fc:de:9c:03:2a:cc:35:0c:39:3a:8b:3f:87:1e:2a:95:
         51:5a:a2:6a:23:37:99:7f:89:8b:d7:ff:02:4d:5f:3a:36:94:
         72:b2:e2:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4IGwCGxSEe/Cmop7nYagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODMyMzE3ZDI1NDQ0MzRiNjU5ZTU2OTIwNzFkOGU0YzQ5
MzhiMDYwHhcNMjUwODIzMDMwMjE5WhcNMjUwODI0MDMwMjE5WjAzMTEwLwYDVQQD
EyhlNDI2ZjQyNDQ5MTlkYWM4OTI2NGY4NjFmYTU0OTdmZTgwMTJkMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumLMJ8eWUvzMj7XctRPr0M9YuPpk
IypoTC8xWuo07AzNZ7K5yoFGw/K29Spj6RzPGtEJoiSkQZt3QeMvdhK1c6wCQPT8
z3rQjA1GtYS8E6Ecb1vcg7YWkBw1s4M5PXm1EoXL2rPUBdtwwy4Y3vtZzgS4tZ3h
o6yxsMGztYLwmhYVpy6YnD048dkEF50bnDJW9w/+Hqds1FBABBmjMSeeMXW2ieaL
fcXbZthZuI7AsN7b2dtKu/VhtW5giLzwlXeZ0ENrv27GLs2ZneJcT+ZewyJHaBjQ
I0mlOGiSoqpqlLaHr7iFoUqwJ9fK+ykuKWcBjaj0XaAvHmxPnmE2uS6sKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQm9CRJGdrIkmT4YfpUl/6AEtCbMB8GA1UdIwQY
MBaAFDSDIxfSVEQ0tlnlaSBx2OTEk4sGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMt
MzBjNjVhZDgzMjkxLzEvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81YTJlZDktOGY4ZS00YzFkLWFhZjMtMzBjNjVhZDgzMjkx
LzEvTklNakY5SlVSRFMyV2VWcElISFk1TVNUaXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT6eIdkiq
ckknvGeXr4ywkj5h/ApVrfVQbLsVQ0NNOL9neVxLKTXBRJNtqpYdH1zK2ghjYwqN
5nxyCwdLEj0oetNTafV4IOG+2V7CRIQ5nkQGIWsVEP2tXmNFHL+o3LqzbzMJYUQs
mdSpEtPRS8/wTFCaYWFd7eHtZbM2Z7/oBHjS8IN/Gzs+EtirG66BcgNEXjOsFugd
ig7AICJvCVCc5EZVycWG9qE1ReZEdJNfl/qP7n8qXyF1ekKhloPpz424heI+jVub
1lRCCVlMYfm0XrDwgbssZQiHwob83pwDKsw1DDk6iz+HHiqVUVqiaiM3mX+Ji9f/
Ak1fOjaUcrLi4Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:52 2025 by rpki-client