Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft
File:                     iW81xeAyGs0CFn3viAfwu29xwo0.mft (raw, json)
Hash identifier:          ZIVKHgLPi6gcsm7ucWvUCp9KSJa4cgwf7tatppdDaog=
Subject key identifier:   12:BF:FA:D0:17:85:EB:1F:4C:99:B7:D2:8D:1C:1C:88:9F:60:AF:C3
Authority key identifier: 89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D
Certificate issuer:       /CN=896f35c5e0321acd02167def8807f0bb6f71c28d
Certificate serial:       019896A6D447493E3FA363834157ED3B7107
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft
Manifest number:          11EB
Signing time:             Mon 11 Aug 2025 01:02:52 +0000
Manifest this update:     Mon 11 Aug 2025 01:02:52 +0000
Manifest next update:     Tue 12 Aug 2025 01:02:52 +0000
Files and hashes:         1: KzxZqybvsz4qWRvLNMoGl_b-dg0.roa (hash: waO3ZFTQ9Kiow9t+yCx6WlAToF1IQKM9UgVqX7Ju9ms=)
                          2: iW81xeAyGs0CFn3viAfwu29xwo0.crl (hash: TT962UvDrDjZoSoJTj8j+el7LhuyLNJY0ZOuj21elPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a6:d4:47:49:3e:3f:a3:63:83:41:57:ed:3b:71:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=896f35c5e0321acd02167def8807f0bb6f71c28d
        Validity
            Not Before: Aug 11 01:02:52 2025 GMT
            Not After : Aug 12 01:02:52 2025 GMT
        Subject: CN=12bffad01785eb1f4c99b7d28d1c1c889f60afc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:93:95:f5:e5:da:5a:4e:5d:7a:fa:51:b7:b2:
                    3b:8b:b4:2f:6a:23:54:59:8e:e7:0a:99:11:1d:f3:
                    9f:d0:56:14:da:60:c7:0d:fc:fb:06:94:35:23:87:
                    02:54:b8:db:55:f6:11:cd:d1:7e:ce:38:29:dc:8a:
                    a7:9c:f0:2f:f6:7b:95:11:ff:fd:21:dd:12:8e:53:
                    a1:a5:20:58:65:58:cf:3a:b6:d9:0a:b7:8b:50:50:
                    db:c1:29:0c:17:b5:80:15:a9:f4:e3:53:bd:1f:72:
                    84:a2:50:cd:1c:02:f2:76:08:81:23:89:2c:2e:20:
                    c1:41:f4:a8:d5:b7:61:ff:29:82:06:42:10:97:6c:
                    94:ad:4d:3c:f2:66:9f:a4:5e:c8:7b:dc:d2:5c:bb:
                    e2:37:80:4c:62:64:43:5d:ab:c2:ad:89:e4:87:5b:
                    c1:1a:76:17:3f:ce:9f:a4:31:64:3c:60:33:4b:2f:
                    dc:23:83:dc:51:7c:dd:64:c4:7c:28:65:b3:4b:03:
                    60:bb:ae:e4:5d:79:36:e6:b6:3a:a8:60:9a:5f:73:
                    80:fe:65:af:3c:47:84:c1:b2:11:5b:1e:61:aa:08:
                    75:18:5a:cf:f3:95:8c:68:40:d7:9c:c7:c2:6f:ab:
                    79:8c:8b:69:43:1d:83:18:7c:fe:89:9c:e4:50:98:
                    33:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:BF:FA:D0:17:85:EB:1F:4C:99:B7:D2:8D:1C:1C:88:9F:60:AF:C3
            X509v3 Authority Key Identifier:
                keyid:89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:79:6c:03:3c:fa:22:53:d3:86:d1:83:1a:45:13:08:3e:b9:
         82:df:e4:0d:98:fd:dd:77:5f:e1:a6:ce:95:ec:5a:1e:db:e7:
         34:68:06:6c:6f:38:ef:04:32:38:f4:fb:ef:ec:6e:95:3e:0e:
         e2:3c:d2:a0:15:bd:00:35:56:0a:74:b4:a7:3a:7d:7b:54:8a:
         8b:a8:71:34:7a:35:c2:31:52:ae:cd:37:e6:3c:cc:37:cb:25:
         21:dd:94:03:59:86:ee:ad:bf:10:8d:61:46:0d:2d:61:75:f4:
         83:1e:e6:cd:4f:3f:ec:e5:2e:f5:5d:77:10:44:c7:4f:b3:cd:
         7f:e0:6d:6e:3b:45:b8:52:37:4c:d1:86:d6:6b:67:2d:70:1b:
         c8:4b:6d:a1:08:34:40:c4:f2:39:ee:c4:fc:72:db:85:a8:da:
         27:9e:63:43:21:1f:55:e1:2f:c0:a3:51:d2:9a:4d:fb:39:47:
         32:73:c0:05:15:a6:62:25:50:d0:cf:e2:92:06:e2:3a:5c:91:
         65:40:ba:0c:d5:2b:f2:dc:34:e3:67:65:81:26:28:1e:16:69:
         7e:7f:f9:b4:10:7f:9c:a6:bd:a0:0c:a7:84:5f:d6:09:54:a8:
         e5:d8:eb:56:e3:1b:45:0e:78:3d:03:fc:4c:f3:78:9c:76:3e:
         b7:f0:f2:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWptRHST4/o2ODQVftO3EHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmYzNWM1ZTAzMjFhY2QwMjE2N2RlZjg4MDdmMGJiNmY3
MWMyOGQwHhcNMjUwODExMDEwMjUyWhcNMjUwODEyMDEwMjUyWjAzMTEwLwYDVQQD
EygxMmJmZmFkMDE3ODVlYjFmNGM5OWI3ZDI4ZDFjMWM4ODlmNjBhZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5OV9eXaWk5devpRt7I7i7QvaiNU
WY7nCpkRHfOf0FYU2mDHDfz7BpQ1I4cCVLjbVfYRzdF+zjgp3IqnnPAv9nuVEf/9
Id0SjlOhpSBYZVjPOrbZCreLUFDbwSkMF7WAFan041O9H3KEolDNHALydgiBI4ks
LiDBQfSo1bdh/ymCBkIQl2yUrU088mafpF7Ie9zSXLviN4BMYmRDXavCrYnkh1vB
GnYXP86fpDFkPGAzSy/cI4PcUXzdZMR8KGWzSwNgu67kXXk25rY6qGCaX3OA/mWv
PEeEwbIRWx5hqgh1GFrP85WMaEDXnMfCb6t5jItpQx2DGHz+iZzkUJgzawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBK/+tAXhesfTJm30o0cHIifYK/DMB8GA1UdIwQY
MBaAFIlvNcXgMhrNAhZ974gH8LtvccKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYt
MjI5OWE2N2U2MDAxLzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYtMjI5OWE2N2U2MDAx
LzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAinlsAzz6
IlPThtGDGkUTCD65gt/kDZj93Xdf4abOlexaHtvnNGgGbG847wQyOPT77+xulT4O
4jzSoBW9ADVWCnS0pzp9e1SKi6hxNHo1wjFSrs035jzMN8slId2UA1mG7q2/EI1h
Rg0tYXX0gx7mzU8/7OUu9V13EETHT7PNf+BtbjtFuFI3TNGG1mtnLXAbyEttoQg0
QMTyOe7E/HLbhajaJ55jQyEfVeEvwKNR0ppN+zlHMnPABRWmYiVQ0M/ikgbiOlyR
ZUC6DNUr8tw042dlgSYoHhZpfn/5tBB/nKa9oAynhF/WCVSo5djrVuMbRQ54PQP8
TPN4nHY+t/DyPw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:08:06 2025 by rpki-client