Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft
File:                     zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft (raw, json)
Hash identifier:          O5IDFg55Y8K/ZA87hoEKYfjonS8jaggDLIumZrnRq00=
Subject key identifier:   0E:E4:8B:CD:42:5F:03:07:5B:E2:E3:8F:B9:71:BF:50:CB:46:EB:0F
Authority key identifier: CD:86:B8:CE:22:24:82:A1:4F:9B:13:46:8C:E5:7E:99:92:68:49:61
Certificate issuer:       /CN=cd86b8ce222482a14f9b13468ce57e9992684961
Certificate serial:       0197CA95464DD67863AC4DD980EB5BA9D10B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft
Manifest number:          0594
Signing time:             Wed 02 Jul 2025 10:01:09 +0000
Manifest this update:     Wed 02 Jul 2025 10:01:09 +0000
Manifest next update:     Thu 03 Jul 2025 10:01:09 +0000
Files and hashes:         1: DQHOKV8IKLhzD_DKbK2yKJLy3qI.roa (hash: PB4sy0lCqmdf8gfZUrxsVqDoVfWeVXqM8PmI2EwyuMw=)
                          2: zYa4ziIkgqFPmxNGjOV-mZJoSWE.crl (hash: fvjmsL3erAScI82jE2Rm+yptijX5nKu9PCKlSgHeam0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 10:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:95:46:4d:d6:78:63:ac:4d:d9:80:eb:5b:a9:d1:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd86b8ce222482a14f9b13468ce57e9992684961
        Validity
            Not Before: Jul  2 10:01:09 2025 GMT
            Not After : Jul  3 10:01:09 2025 GMT
        Subject: CN=0ee48bcd425f03075be2e38fb971bf50cb46eb0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:0b:07:cf:6a:eb:3e:4b:54:e3:d3:34:e4:d0:
                    4b:b4:69:a3:1d:2e:62:96:dc:1a:99:df:71:e4:1d:
                    a7:05:fa:4b:3d:05:92:8f:7f:2f:11:0b:c6:94:e9:
                    25:fb:33:71:bc:05:b6:fb:64:2c:5f:ff:a3:a0:ce:
                    65:02:0c:8c:10:20:f3:74:7f:fc:da:d3:ea:61:09:
                    d6:a0:c1:9a:56:b0:99:10:a5:63:4a:65:4a:e9:c8:
                    1f:66:7b:2b:15:88:4d:b8:d2:4f:e5:e0:df:31:46:
                    25:52:73:2a:b2:25:5e:44:10:4c:f9:be:b2:c4:68:
                    35:c4:7e:b1:f5:1d:5f:cb:81:f4:7a:59:bf:1e:c8:
                    e4:26:30:50:d1:f0:fb:24:0e:7c:35:59:0f:86:fd:
                    3f:0e:2a:1f:70:f3:ab:5b:3c:87:a6:46:fa:f9:5a:
                    8c:08:28:0e:bc:cb:fc:74:16:4a:4b:e7:44:91:9c:
                    88:eb:aa:bf:fa:db:c5:b3:d2:41:46:57:44:29:05:
                    b9:d1:00:88:4d:a7:1f:a8:67:b5:04:67:3f:8b:a4:
                    8b:27:4c:82:e6:0d:24:9c:3f:84:a8:7b:a8:60:b1:
                    83:ab:0e:f5:5e:87:9b:cb:db:33:b6:34:19:5d:b6:
                    19:31:c4:c3:c5:de:3b:1c:23:40:8a:80:64:21:81:
                    b5:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:E4:8B:CD:42:5F:03:07:5B:E2:E3:8F:B9:71:BF:50:CB:46:EB:0F
            X509v3 Authority Key Identifier:
                keyid:CD:86:B8:CE:22:24:82:A1:4F:9B:13:46:8C:E5:7E:99:92:68:49:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYa4ziIkgqFPmxNGjOV-mZJoSWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/608114-a97a-4877-94c7-dc2d557503ee/1/zYa4ziIkgqFPmxNGjOV-mZJoSWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:ee:b6:4f:32:41:f3:f0:1f:e7:45:a9:cb:a2:58:95:69:e3:
         51:1c:f6:ef:31:fc:5b:f0:22:62:0b:02:8c:b1:e9:ab:8d:ce:
         8f:f5:9e:ce:e7:37:57:b9:75:4d:a8:d1:7f:6c:f9:32:d9:db:
         88:a0:b6:20:4a:6c:ea:fe:dd:52:37:03:3f:33:fe:0a:8c:d7:
         ed:d5:30:fa:51:91:b9:46:f1:4f:6e:23:d1:b0:af:e4:61:41:
         2e:32:32:02:d2:49:23:45:21:77:9f:e1:cb:f6:a6:7f:ff:2d:
         3d:8e:7a:99:9e:f2:05:4e:68:51:6a:d3:70:bc:94:d9:75:3e:
         30:8c:d9:21:84:c1:da:a9:2c:33:ed:56:15:17:c1:0f:76:24:
         40:2b:75:45:ab:52:61:df:00:e8:df:68:67:54:12:e7:18:ef:
         bd:0c:0d:b6:21:aa:9c:33:b5:4c:86:0d:49:bf:ef:4c:18:86:
         fd:f0:2c:cd:41:0f:76:95:f9:2f:ce:62:08:0b:f8:b5:dd:1e:
         a7:2a:23:b0:e0:ae:7e:68:16:3b:5e:3a:c1:b1:f5:5c:70:a9:
         b2:a2:84:f8:99:c3:4d:82:55:11:07:0d:66:9d:78:ec:01:af:
         2f:73:3b:4d:0a:2a:e9:c3:0e:be:cc:6b:30:e7:9a:7b:43:85:
         65:4a:96:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKlUZN1nhjrE3ZgOtbqdELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODZiOGNlMjIyNDgyYTE0ZjliMTM0NjhjZTU3ZTk5OTI2
ODQ5NjEwHhcNMjUwNzAyMTAwMTA5WhcNMjUwNzAzMTAwMTA5WjAzMTEwLwYDVQQD
EygwZWU0OGJjZDQyNWYwMzA3NWJlMmUzOGZiOTcxYmY1MGNiNDZlYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQsHz2rrPktU49M05NBLtGmjHS5i
ltwamd9x5B2nBfpLPQWSj38vEQvGlOkl+zNxvAW2+2QsX/+joM5lAgyMECDzdH/8
2tPqYQnWoMGaVrCZEKVjSmVK6cgfZnsrFYhNuNJP5eDfMUYlUnMqsiVeRBBM+b6y
xGg1xH6x9R1fy4H0elm/HsjkJjBQ0fD7JA58NVkPhv0/DiofcPOrWzyHpkb6+VqM
CCgOvMv8dBZKS+dEkZyI66q/+tvFs9JBRldEKQW50QCITacfqGe1BGc/i6SLJ0yC
5g0knD+EqHuoYLGDqw71Xoeby9sztjQZXbYZMcTDxd47HCNAioBkIYG1fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7ki81CXwMHW+Ljj7lxv1DLRusPMB8GA1UdIwQY
MBaAFM2GuM4iJIKhT5sTRozlfpmSaElhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82MDgxMTQtYTk3YS00ODc3LTk0Yzct
ZGMyZDU1NzUwM2VlLzEvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82MDgxMTQtYTk3YS00ODc3LTk0YzctZGMyZDU1NzUwM2Vl
LzEvellhNHppSWtncUZQbXhOR2pPVi1tWkpvU1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABO62TzJB
8/Af50Wpy6JYlWnjURz27zH8W/AiYgsCjLHpq43Oj/Wezuc3V7l1TajRf2z5Mtnb
iKC2IEps6v7dUjcDPzP+CozX7dUw+lGRuUbxT24j0bCv5GFBLjIyAtJJI0Uhd5/h
y/amf/8tPY56mZ7yBU5oUWrTcLyU2XU+MIzZIYTB2qksM+1WFRfBD3YkQCt1RatS
Yd8A6N9oZ1QS5xjvvQwNtiGqnDO1TIYNSb/vTBiG/fAszUEPdpX5L85iCAv4td0e
pyojsOCufmgWO146wbH1XHCpsqKE+JnDTYJVEQcNZp147AGvL3M7TQoq6cMOvsxr
MOeae0OFZUqWEQ==
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:55:29 2025 by rpki-client