Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
File:                     CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft (raw, json)
Hash identifier:          YgKidV8O3tWveWTWurhPb4z6HHLcXvwEIZJHGnZH6s8=
Subject key identifier:   D9:D1:48:92:72:7A:67:E2:74:97:CB:C8:FB:80:C2:3B:5C:76:51:4E
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Certificate issuer:       /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial:       0198D4DFD299B3D674C88AF43300D41BDA1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
Manifest number:          12B0
Signing time:             Sat 23 Aug 2025 03:01:34 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:34 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:34 +0000
Files and hashes:         1: CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl (hash: zWcfol3iCtFhfoigvljj0axBVI+qhMvNX9mPT51afyE=)
                          2: DQ47vKDjcl-2XGhWvGpEltnbLx0.roa (hash: xO7ywYo6rKZE+1UGlrRMauCBtFM1TiMUXrJWYhc9zkg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:d2:99:b3:d6:74:c8:8a:f4:33:00:d4:1b:da:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
        Validity
            Not Before: Aug 23 03:01:34 2025 GMT
            Not After : Aug 24 03:01:34 2025 GMT
        Subject: CN=d9d14892727a67e27497cbc8fb80c23b5c76514e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ef:b1:cb:8c:66:1d:a6:92:f4:f7:ee:6f:9d:
                    9c:7a:39:62:f8:32:32:d6:bd:71:74:82:8b:0e:b7:
                    8c:45:1f:12:70:e7:d2:1d:db:db:62:1b:87:77:7a:
                    e9:46:92:c0:5c:64:8d:08:25:70:4a:c6:cd:69:ba:
                    3e:0e:a6:91:5d:d8:a7:8f:d3:7d:e1:42:e8:df:3e:
                    1a:71:f6:b4:3a:2c:e0:60:22:08:c5:dd:ba:71:e9:
                    cc:e0:87:48:84:f0:e4:fe:ca:46:48:ab:86:07:a3:
                    3f:0e:5a:0c:a2:cd:fb:0b:be:f3:82:ed:e5:52:28:
                    7a:46:86:d7:51:14:cb:2c:2d:36:f7:d1:2b:a5:16:
                    32:59:28:3e:65:5f:e5:7b:a0:47:15:83:de:b0:d3:
                    d6:3a:9a:7e:ad:73:b2:d2:c3:87:5f:42:78:96:3b:
                    71:84:89:4a:87:3e:26:58:a5:da:e2:74:ac:60:b5:
                    83:fc:c4:7e:a3:a6:d8:92:dd:ef:c9:b7:f9:2d:7e:
                    e0:c9:d6:f3:57:fd:d6:54:07:c1:dc:de:68:01:90:
                    4a:f5:ae:0d:a0:1d:73:61:53:96:87:39:65:a9:1c:
                    a9:c8:62:72:d0:59:fb:5b:1e:5d:f7:47:d4:25:c9:
                    25:52:9c:dd:ec:89:f7:df:58:2b:97:72:71:e4:55:
                    34:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:D1:48:92:72:7A:67:E2:74:97:CB:C8:FB:80:C2:3B:5C:76:51:4E
            X509v3 Authority Key Identifier:
                keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:2a:7b:12:02:d9:d9:01:7f:63:ad:90:a0:f5:b3:fa:77:8d:
         47:d9:b4:5c:5c:3d:e3:9b:b3:f4:22:df:a4:e0:a9:15:c7:e7:
         8d:0c:bd:1d:a6:2f:e0:27:d4:f2:42:c9:12:6e:22:32:44:58:
         53:81:c0:76:90:90:9b:d8:b6:3a:c5:72:f3:94:22:9c:1f:b3:
         d8:17:d9:92:47:ca:bf:94:f4:db:c0:4b:45:2a:de:06:33:ad:
         c5:61:f8:aa:29:df:dd:eb:e5:06:73:35:1c:ae:79:87:99:c9:
         f2:9f:22:37:98:fa:ce:76:d7:fa:65:fd:d1:07:89:27:16:fa:
         84:27:49:8b:5b:f7:a5:8f:97:1c:db:f1:ed:bf:8b:a3:a5:56:
         31:8a:11:d7:5e:2b:3d:0e:52:9a:34:55:10:f3:2a:b7:ef:f7:
         54:7f:52:60:5f:07:c2:71:fa:83:98:c5:c3:4f:54:5c:63:45:
         ff:71:a8:05:73:30:c6:51:57:7f:48:22:ca:ce:85:00:0b:ba:
         de:24:be:80:cb:7f:69:2f:38:3b:43:2b:ef:b5:19:ea:7c:39:
         69:73:c4:96:84:d4:96:6f:a8:20:9e:26:81:4e:8e:c5:91:b0:
         1c:40:5e:85:fb:31:47:fb:1a:d9:f6:02:6e:ca:65:8c:d6:87:
         dc:f3:c5:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU39KZs9Z0yIr0MwDUG9oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjUwODIzMDMwMTM0WhcNMjUwODI0MDMwMTM0WjAzMTEwLwYDVQQD
EyhkOWQxNDg5MjcyN2E2N2UyNzQ5N2NiYzhmYjgwYzIzYjVjNzY1MTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj++xy4xmHaaS9Pfub52cejli+DIy
1r1xdIKLDreMRR8ScOfSHdvbYhuHd3rpRpLAXGSNCCVwSsbNabo+DqaRXdinj9N9
4ULo3z4acfa0OizgYCIIxd26cenM4IdIhPDk/spGSKuGB6M/DloMos37C77zgu3l
Uih6RobXURTLLC0299ErpRYyWSg+ZV/le6BHFYPesNPWOpp+rXOy0sOHX0J4ljtx
hIlKhz4mWKXa4nSsYLWD/MR+o6bYkt3vybf5LX7gydbzV/3WVAfB3N5oAZBK9a4N
oB1zYVOWhzllqRypyGJy0Fn7Wx5d90fUJcklUpzd7In331grl3Jx5FU0JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnRSJJyemfidJfLyPuAwjtcdlFOMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPCp7EgLZ
2QF/Y62QoPWz+neNR9m0XFw945uz9CLfpOCpFcfnjQy9HaYv4CfU8kLJEm4iMkRY
U4HAdpCQm9i2OsVy85QinB+z2BfZkkfKv5T028BLRSreBjOtxWH4qinf3evlBnM1
HK55h5nJ8p8iN5j6znbX+mX90QeJJxb6hCdJi1v3pY+XHNvx7b+Lo6VWMYoR114r
PQ5SmjRVEPMqt+/3VH9SYF8HwnH6g5jFw09UXGNF/3GoBXMwxlFXf0giys6FAAu6
3iS+gMt/aS84O0Mr77UZ6nw5aXPEloTUlm+oIJ4mgU6OxZGwHEBehfsxR/sa2fYC
bspljNaH3PPFpA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:45 2025 by rpki-client