Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
File:                     rKbwaDzHS63SOoFAw4XxyBziTfc.mft (raw, json)
Hash identifier:          oxJfbfvpaIWF9ul0Y2AFTcpKdRpcMggcVOu4OCaSbow=
Subject key identifier:   E1:10:D5:94:37:C7:75:10:F0:0C:64:12:34:66:3B:4E:BD:30:4B:1C
Authority key identifier: AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
Certificate issuer:       /CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Certificate serial:       0197C6814466FFA8954C0C2DAAF0F9FD50D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
Manifest number:          0C66
Signing time:             Tue 01 Jul 2025 15:00:49 +0000
Manifest this update:     Tue 01 Jul 2025 15:00:49 +0000
Manifest next update:     Wed 02 Jul 2025 15:00:49 +0000
Files and hashes:         1: 0vFnPnyD0rk0NBq-vHcuUjmsih4.roa (hash: 8C+9WOepMdgxD+Xcj7Wjy9LCISmYrp2hucRDb6Vj6WM=)
                          2: rKbwaDzHS63SOoFAw4XxyBziTfc.crl (hash: 6oLK9KyICNtxW9qB1YxGw5bnQ5FxwQScEeLKonR8hlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:81:44:66:ff:a8:95:4c:0c:2d:aa:f0:f9:fd:50:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
        Validity
            Not Before: Jul  1 15:00:49 2025 GMT
            Not After : Jul  2 15:00:49 2025 GMT
        Subject: CN=e110d59437c77510f00c641234663b4ebd304b1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:ac:b4:aa:4c:06:f8:f4:b7:95:b2:e5:20:f9:
                    a1:cf:ce:65:d0:00:f1:e0:54:29:6b:86:5e:4a:7f:
                    06:6a:8a:cb:55:bd:f1:19:a3:ec:56:12:44:4c:7c:
                    37:79:5a:44:c6:4a:f2:80:3e:29:a7:12:4f:2a:e5:
                    fc:c6:c1:25:7e:e6:fb:af:8f:e0:84:d4:8e:5f:4a:
                    35:2f:ea:78:c8:7d:8f:d9:02:e8:e6:00:7d:4b:cd:
                    64:bc:eb:68:81:01:37:58:4f:34:2a:d7:59:dd:e6:
                    42:f2:22:f8:fb:d8:24:17:17:12:58:61:85:04:a5:
                    41:89:67:41:4e:8d:ad:f4:43:3d:bd:ba:b3:a7:38:
                    b0:d0:a9:60:12:bc:82:31:78:92:8a:55:69:b8:da:
                    20:00:cb:05:2f:9a:82:a7:9d:95:69:9a:41:91:b7:
                    2b:94:24:17:2f:a8:41:65:95:d4:f5:28:0c:22:72:
                    1f:f5:91:e6:18:bf:22:15:e7:8f:64:b2:68:6f:04:
                    0b:f8:f0:7c:2e:0c:6c:44:ce:dd:9b:c9:41:06:f3:
                    c4:2a:6e:05:db:d2:4a:d7:36:47:da:f3:25:af:07:
                    67:48:24:90:e7:0d:34:3a:a4:93:c1:a1:be:65:cb:
                    f4:dc:58:13:b0:da:5d:3e:a5:59:68:84:ef:fb:1c:
                    ca:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:10:D5:94:37:C7:75:10:F0:0C:64:12:34:66:3B:4E:BD:30:4B:1C
            X509v3 Authority Key Identifier:
                keyid:AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:72:a3:b4:61:c7:e3:8f:e4:24:7d:77:7d:5a:42:9f:1c:31:
         8c:87:fb:ad:12:dd:16:3d:86:dd:7e:eb:cf:10:80:df:29:6b:
         a4:7c:4b:55:c7:cf:6d:66:5d:50:4d:89:6b:3d:c2:30:14:89:
         2c:a4:a6:d1:81:6d:b2:d0:72:37:3d:ff:62:c0:bc:2d:00:72:
         67:fc:8c:da:a8:87:ad:c3:41:e5:50:22:b0:26:c7:90:d0:a1:
         de:b1:9d:dd:aa:eb:28:d0:4d:bd:22:60:be:08:8d:ac:44:d0:
         9b:fb:c2:50:7d:b5:66:12:a9:41:ca:ea:69:ad:40:4a:0c:db:
         cd:5c:5e:71:b3:57:68:fc:57:d0:3e:30:b5:f7:71:aa:0d:2a:
         2a:f5:a4:c0:9f:67:4c:51:10:4f:78:7a:99:7a:3c:b9:61:f7:
         ff:50:e5:07:e1:66:ce:9e:a4:05:3b:38:e5:d2:81:12:29:a6:
         a9:66:61:b6:1e:05:c7:03:8d:0c:b2:ae:33:04:52:43:cf:15:
         2d:90:41:60:2c:d3:4b:60:82:48:c8:11:c4:cb:23:37:9f:d5:
         4b:1d:be:ec:81:4f:18:04:30:9b:39:2f:ea:2a:b4:f5:ac:3b:
         63:cb:41:f5:4a:8f:ca:2a:c2:2d:5e:98:5a:dd:a3:71:ab:f3:
         f5:00:d4:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGgURm/6iVTAwtqvD5/VDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTZmMDY4M2NjNzRiYWRkMjNhODE0MGMzODVmMWM4MWNl
MjRkZjcwHhcNMjUwNzAxMTUwMDQ5WhcNMjUwNzAyMTUwMDQ5WjAzMTEwLwYDVQQD
EyhlMTEwZDU5NDM3Yzc3NTEwZjAwYzY0MTIzNDY2M2I0ZWJkMzA0YjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+6y0qkwG+PS3lbLlIPmhz85l0ADx
4FQpa4ZeSn8GaorLVb3xGaPsVhJETHw3eVpExkrygD4ppxJPKuX8xsElfub7r4/g
hNSOX0o1L+p4yH2P2QLo5gB9S81kvOtogQE3WE80KtdZ3eZC8iL4+9gkFxcSWGGF
BKVBiWdBTo2t9EM9vbqzpziw0KlgEryCMXiSilVpuNogAMsFL5qCp52VaZpBkbcr
lCQXL6hBZZXU9SgMInIf9ZHmGL8iFeePZLJobwQL+PB8LgxsRM7dm8lBBvPEKm4F
29JK1zZH2vMlrwdnSCSQ5w00OqSTwaG+Zcv03FgTsNpdPqVZaITv+xzKVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEQ1ZQ3x3UQ8AxkEjRmO069MEscMB8GA1UdIwQY
MBaAFKym8Gg8x0ut0jqBQMOF8cgc4k33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMt
MDgyNzk2MWMwNWUwLzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMtMDgyNzk2MWMwNWUw
LzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXKjtGHH
44/kJH13fVpCnxwxjIf7rRLdFj2G3X7rzxCA3ylrpHxLVcfPbWZdUE2Jaz3CMBSJ
LKSm0YFtstByNz3/YsC8LQByZ/yM2qiHrcNB5VAisCbHkNCh3rGd3arrKNBNvSJg
vgiNrETQm/vCUH21ZhKpQcrqaa1ASgzbzVxecbNXaPxX0D4wtfdxqg0qKvWkwJ9n
TFEQT3h6mXo8uWH3/1DlB+Fmzp6kBTs45dKBEimmqWZhth4FxwONDLKuMwRSQ88V
LZBBYCzTS2CCSMgRxMsjN5/VSx2+7IFPGAQwmzkv6iq09aw7Y8tB9UqPyirCLV6Y
Wt2jcavz9QDUNg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:45:57 2025 by rpki-client