Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft
File:                     U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft (raw, json)
Hash identifier:          Vs91prvzlIlVupflyZAVFffh8J2B99ST2qiZEp1Ly1I=
Subject key identifier:   C6:FD:C7:3E:9F:A4:78:8E:A1:17:9B:8C:F5:84:88:80:8F:11:CA:47
Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
Certificate issuer:       /CN=53e3aedd91be82451342dcd1c9828345db661a5f
Certificate serial:       0198D5F1469A0CDE8244F3445E5828E0005E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft
Manifest number:          08D5
Signing time:             Sat 23 Aug 2025 08:00:15 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:15 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:15 +0000
Files and hashes:         1: If5j4KjsWFg3kwDUxrHpbFCCjpg.roa (hash: iGbVOgQjxfoZ4tZTHfIMlZvCv27war8Yd/ywUcGl39o=)
                          2: U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl (hash: ZsrrPF5EjrDxNZSgmZJTDhMBqJdX60xZuNNUrxQwZiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:46:9a:0c:de:82:44:f3:44:5e:58:28:e0:00:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f
        Validity
            Not Before: Aug 23 08:00:15 2025 GMT
            Not After : Aug 24 08:00:15 2025 GMT
        Subject: CN=c6fdc73e9fa4788ea1179b8cf58488808f11ca47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b7:0b:4a:5b:fd:8a:62:77:4b:67:81:45:71:
                    b6:04:9a:1e:33:fb:13:28:e2:dd:1b:99:a3:2f:d4:
                    2c:35:f1:e4:bf:01:35:54:84:4c:dc:25:3a:27:89:
                    bb:da:f4:f1:9c:16:c4:f6:4a:13:8f:5d:95:31:9a:
                    6e:d1:b9:78:f2:1d:b2:b3:c3:fc:b5:8c:e1:e3:7b:
                    13:ca:63:ad:31:cf:a1:47:9c:86:89:49:8a:d1:7d:
                    d7:cb:00:fb:e2:ae:45:77:c9:0b:bf:2e:10:ec:4b:
                    5d:87:12:d0:32:79:9b:5f:6e:14:3d:30:b9:09:a2:
                    2d:a5:ba:08:8b:01:ad:7b:d4:01:4e:0f:23:33:eb:
                    14:a7:d7:cc:5a:de:4e:e9:0b:fc:03:67:af:32:9f:
                    3c:c9:bd:d6:c6:b9:38:af:92:88:6c:bb:9c:a0:6e:
                    64:3e:34:c5:eb:16:ff:ed:f5:aa:7f:20:19:1e:2d:
                    ec:2a:5a:df:26:45:61:b4:58:a5:ad:10:06:b6:a9:
                    9d:68:40:cf:fa:e8:0b:69:d5:fa:7b:72:52:39:c8:
                    11:10:e7:b1:de:d9:fd:ab:6e:22:8d:db:71:73:52:
                    11:97:a7:79:61:1d:87:26:86:1d:08:fe:97:52:5c:
                    c4:35:0e:ba:eb:1c:cf:f2:a9:98:74:63:17:65:6c:
                    17:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:FD:C7:3E:9F:A4:78:8E:A1:17:9B:8C:F5:84:88:80:8F:11:CA:47
            X509v3 Authority Key Identifier:
                keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:18:2b:c5:70:8b:da:69:dd:70:1c:ee:ce:33:f1:ee:2e:4b:
         17:de:e4:9e:b2:b4:9a:f0:ce:f8:ef:9b:7d:4c:b4:63:1c:19:
         bf:16:8f:aa:2e:ae:76:27:80:81:b7:01:7a:4f:04:5b:b3:5a:
         7c:7d:0c:2e:93:a7:41:72:7e:ea:a7:e6:85:41:ef:b4:e8:f9:
         11:cb:ce:d6:3d:a4:26:f4:d1:f0:ea:44:20:6c:6e:1c:d5:ae:
         b2:c6:29:a5:c1:46:88:af:f9:e4:50:43:dd:9e:ec:0e:bb:4a:
         f8:95:ff:b7:5b:1d:94:b7:85:b1:42:bd:fa:59:dd:53:85:a1:
         e6:5b:49:06:a8:85:bd:80:2d:27:84:f5:de:38:45:18:01:49:
         e2:12:eb:c6:ae:33:74:54:4f:62:56:05:a2:e1:8f:b6:88:8b:
         37:21:42:cc:9d:99:df:05:b5:bd:80:04:9f:98:ba:96:ee:39:
         c8:a7:bd:17:8b:b5:30:b0:35:9b:fc:a0:04:df:b2:19:01:e7:
         93:97:4c:b4:69:30:3f:68:3b:75:ac:e7:ff:5d:93:b2:0d:bb:
         b6:f4:9e:64:56:43:f0:b9:07:17:68:6f:b7:ff:e7:81:13:07:
         28:85:ff:1b:b2:d0:ec:44:1d:6e:1e:61:71:a1:9e:dd:54:45:
         9c:c3:81:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8UaaDN6CRPNEXlgo4ABeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2
NjFhNWYwHhcNMjUwODIzMDgwMDE1WhcNMjUwODI0MDgwMDE1WjAzMTEwLwYDVQQD
EyhjNmZkYzczZTlmYTQ3ODhlYTExNzliOGNmNTg0ODg4MDhmMTFjYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bcLSlv9imJ3S2eBRXG2BJoeM/sT
KOLdG5mjL9QsNfHkvwE1VIRM3CU6J4m72vTxnBbE9koTj12VMZpu0bl48h2ys8P8
tYzh43sTymOtMc+hR5yGiUmK0X3XywD74q5Fd8kLvy4Q7EtdhxLQMnmbX24UPTC5
CaItpboIiwGte9QBTg8jM+sUp9fMWt5O6Qv8A2evMp88yb3Wxrk4r5KIbLucoG5k
PjTF6xb/7fWqfyAZHi3sKlrfJkVhtFilrRAGtqmdaEDP+ugLadX6e3JSOcgREOex
3tn9q24ijdtxc1IRl6d5YR2HJoYdCP6XUlzENQ666xzP8qmYdGMXZWwXuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMb9xz6fpHiOoRebjPWEiICPEcpHMB8GA1UdIwQY
MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt
YTdkOTQ1YWYxNGU1LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1
LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlRgrxXCL
2mndcBzuzjPx7i5LF97knrK0mvDO+O+bfUy0YxwZvxaPqi6udieAgbcBek8EW7Na
fH0MLpOnQXJ+6qfmhUHvtOj5EcvO1j2kJvTR8OpEIGxuHNWussYppcFGiK/55FBD
3Z7sDrtK+JX/t1sdlLeFsUK9+lndU4Wh5ltJBqiFvYAtJ4T13jhFGAFJ4hLrxq4z
dFRPYlYFouGPtoiLNyFCzJ2Z3wW1vYAEn5i6lu45yKe9F4u1MLA1m/ygBN+yGQHn
k5dMtGkwP2g7dazn/12Tsg27tvSeZFZD8LkHF2hvt//ngRMHKIX/G7LQ7EQdbh5h
caGe3VRFnMOBhg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:19 2025 by rpki-client