Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
File:                     aDCZAOZItlowenhgECv3ixb1XXU.mft (raw, json)
Hash identifier:          DpggVKCkNvegSJ8TIxNsvl/v73YNj6cr/QDIM3RJahI=
Subject key identifier:   20:87:41:B9:A3:16:82:6F:2B:2A:28:FD:2F:EC:FE:B6:8D:D0:DB:F5
Authority key identifier: 68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
Certificate issuer:       /CN=68309900e648b65a307a7860102bf78b16f55d75
Certificate serial:       0198D6CD2B383A9EC6295FD80E3645CE129A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
Manifest number:          02A8
Signing time:             Sat 23 Aug 2025 12:00:26 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:26 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:26 +0000
Files and hashes:         1: MyHgwE9JQ37sKu_CcRwNe642FMI.roa (hash: UWTUq6zuuwDHpYw/C8xNP37TF6tAxhLymuOUDHs6DJk=)
                          2: aDCZAOZItlowenhgECv3ixb1XXU.crl (hash: 6475H4fWny9NCl2IZ1rBkjDTyrdnjwBfPRvn/jkyUJA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:2b:38:3a:9e:c6:29:5f:d8:0e:36:45:ce:12:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68309900e648b65a307a7860102bf78b16f55d75
        Validity
            Not Before: Aug 23 12:00:26 2025 GMT
            Not After : Aug 24 12:00:26 2025 GMT
        Subject: CN=208741b9a316826f2b2a28fd2fecfeb68dd0dbf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5d:c2:5e:a3:16:d7:6f:62:82:14:27:db:ac:
                    6d:db:b1:b0:5d:54:2b:3e:26:d0:b3:e5:fd:d0:d5:
                    65:a2:84:3a:3d:f7:b4:cb:2e:8d:fe:f9:61:45:56:
                    77:9b:d7:43:80:c8:93:39:4f:d1:ee:86:41:ec:50:
                    14:67:0a:ce:c9:74:5c:aa:ca:36:c1:3d:25:6f:7d:
                    ce:9f:e4:e2:34:f8:d7:37:e4:11:8a:4c:5b:56:cd:
                    78:f1:0a:43:9d:0a:29:0a:6f:95:c1:54:a8:d3:1b:
                    99:83:4f:d0:e8:3c:e7:7e:0d:9e:6a:98:45:e6:65:
                    cd:71:4c:8b:47:2a:95:46:30:2d:92:c8:ae:5f:59:
                    d6:84:28:3c:37:2a:69:05:4b:51:38:9e:2a:6b:fd:
                    a1:35:69:3e:b7:76:53:f9:21:88:f1:97:c0:22:4f:
                    b2:34:fc:a9:4f:f3:08:df:dc:4f:99:02:98:03:bc:
                    9c:69:09:ab:a5:ff:83:ec:d7:21:5b:6a:99:d8:34:
                    58:c1:08:59:29:d5:fe:f1:6c:4b:5e:d9:e2:b5:7e:
                    85:46:0b:6a:8e:ee:fe:61:b3:11:d9:f6:3b:8b:1e:
                    80:7f:6c:b2:10:da:d7:51:71:9d:f6:08:8a:c9:95:
                    c9:97:df:e1:82:fd:3b:a4:00:4a:77:d2:15:02:bb:
                    24:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:87:41:B9:A3:16:82:6F:2B:2A:28:FD:2F:EC:FE:B6:8D:D0:DB:F5
            X509v3 Authority Key Identifier:
                keyid:68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:49:65:13:66:e0:0e:35:5e:a5:da:97:d5:03:84:f2:db:b8:
         ac:11:f6:70:75:1a:b6:fb:36:38:bd:5e:e8:35:72:5d:d8:5c:
         58:cd:1e:ab:8f:d8:3b:b3:f3:2f:a5:9b:ed:0c:da:0c:29:0f:
         22:31:ef:ba:c4:35:39:73:a3:dd:47:64:aa:bf:a8:55:e2:2b:
         c9:a1:10:b9:cb:fb:9c:06:47:a7:a0:00:a6:1e:2d:3a:f4:ed:
         4b:f0:a8:7d:7a:88:c3:27:a7:83:2e:1e:53:ac:27:24:a5:af:
         af:b5:2b:38:33:f0:81:26:a9:38:2a:70:69:ab:95:de:d1:3e:
         66:98:20:71:c1:cd:db:c5:30:6c:8f:fd:d8:4e:08:d7:4e:b4:
         fa:f7:da:8e:58:c2:1c:77:91:2a:6c:48:0a:76:fe:f8:12:60:
         30:d5:28:df:c0:db:f2:c0:7f:72:93:8e:36:56:85:26:67:aa:
         7d:7f:a4:fd:2b:f6:5b:f2:b5:5f:c7:71:f2:63:47:07:a0:ea:
         39:c7:a6:2a:26:c9:8b:b8:ba:7c:8f:3b:cb:d4:14:d1:de:3e:
         f7:fd:52:10:eb:3a:e1:7e:29:92:59:48:7f:e1:2d:3a:14:49:
         c7:9f:8b:97:21:b0:9a:b2:40:66:eb:1c:48:9f:b6:b1:ed:00:
         a1:be:77:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzSs4Op7GKV/YDjZFzhKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzA5OTAwZTY0OGI2NWEzMDdhNzg2MDEwMmJmNzhiMTZm
NTVkNzUwHhcNMjUwODIzMTIwMDI2WhcNMjUwODI0MTIwMDI2WjAzMTEwLwYDVQQD
EygyMDg3NDFiOWEzMTY4MjZmMmIyYTI4ZmQyZmVjZmViNjhkZDBkYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV3CXqMW129ighQn26xt27GwXVQr
PibQs+X90NVlooQ6Pfe0yy6N/vlhRVZ3m9dDgMiTOU/R7oZB7FAUZwrOyXRcqso2
wT0lb33On+TiNPjXN+QRikxbVs148QpDnQopCm+VwVSo0xuZg0/Q6Dznfg2eaphF
5mXNcUyLRyqVRjAtksiuX1nWhCg8NyppBUtROJ4qa/2hNWk+t3ZT+SGI8ZfAIk+y
NPypT/MI39xPmQKYA7ycaQmrpf+D7NchW2qZ2DRYwQhZKdX+8WxLXtnitX6FRgtq
ju7+YbMR2fY7ix6Af2yyENrXUXGd9giKyZXJl9/hgv07pABKd9IVArskewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCHQbmjFoJvKyoo/S/s/raN0Nv1MB8GA1UdIwQY
MBaAFGgwmQDmSLZaMHp4YBAr94sW9V11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYt
OWZhNzgwNzUzMzBiLzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYtOWZhNzgwNzUzMzBi
LzEvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnkllE2bg
DjVepdqX1QOE8tu4rBH2cHUatvs2OL1e6DVyXdhcWM0eq4/YO7PzL6Wb7QzaDCkP
IjHvusQ1OXOj3Udkqr+oVeIryaEQucv7nAZHp6AAph4tOvTtS/CofXqIwyengy4e
U6wnJKWvr7UrODPwgSapOCpwaauV3tE+ZpggccHN28UwbI/92E4I1060+vfajljC
HHeRKmxICnb++BJgMNUo38Db8sB/cpOONlaFJmeqfX+k/Sv2W/K1X8dx8mNHB6Dq
OcemKibJi7i6fI87y9QU0d4+9/1SEOs64X4pkllIf+EtOhRJx5+LlyGwmrJAZusc
SJ+2se0Aob53oQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:51 2025 by rpki-client