Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
File:                     ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft (raw, json)
Hash identifier:          PoSFe8RJrpFBBYQzr5InOkWqwSwJIgca2fhXbseEJvs=
Subject key identifier:   CA:48:BC:34:51:36:3C:F8:65:F5:C1:9D:B4:31:AB:91:54:13:C5:DA
Authority key identifier: 65:A0:7D:49:24:68:22:8A:A3:06:A6:6B:05:6A:02:28:C5:52:EC:5C
Certificate issuer:       /CN=65a07d492468228aa306a66b056a0228c552ec5c
Certificate serial:       01987D8A866200D2F8BE0916C5AADD1856E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
Manifest number:          0D31
Signing time:             Wed 06 Aug 2025 04:01:27 +0000
Manifest this update:     Wed 06 Aug 2025 04:01:27 +0000
Manifest next update:     Thu 07 Aug 2025 04:01:27 +0000
Files and hashes:         1: ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl (hash: LKZVMlmSOAngKcus/pm/RBUjZc4gZmRaoSNJSl6kLdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8a:86:62:00:d2:f8:be:09:16:c5:aa:dd:18:56:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65a07d492468228aa306a66b056a0228c552ec5c
        Validity
            Not Before: Aug  6 04:01:27 2025 GMT
            Not After : Aug  7 04:01:27 2025 GMT
        Subject: CN=ca48bc3451363cf865f5c19db431ab915413c5da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:93:9e:58:d9:88:8b:08:e0:4e:41:6d:69:e0:
                    e6:d3:72:38:08:28:bb:bf:60:60:bd:95:08:b9:ee:
                    8f:20:20:c8:4f:72:c8:a0:a4:e5:e2:1e:48:e4:ea:
                    0c:36:f6:38:c3:6b:cd:18:11:c3:a1:93:65:56:49:
                    a3:17:83:44:0b:0c:e0:36:3a:14:da:1c:b4:66:52:
                    8a:26:f5:28:64:21:37:3d:68:9b:e4:8d:00:34:ed:
                    ca:a7:f5:55:fb:d1:77:ca:86:ad:13:6f:45:1c:7d:
                    21:57:e5:3d:9e:00:70:b6:79:a8:4b:ae:8e:11:44:
                    ce:ec:5e:f6:b8:c0:dd:1e:3c:78:9d:3e:eb:78:98:
                    0c:b4:e2:20:1b:a7:08:1a:26:c7:8f:fa:dd:64:ec:
                    b9:3b:88:be:8c:20:16:b6:cf:0a:5c:1f:bc:f7:24:
                    2f:8c:b7:46:b3:16:88:be:ef:01:be:27:df:b0:9d:
                    20:8e:f8:63:53:39:a6:0c:20:7a:bc:04:49:6f:ea:
                    f2:22:3d:51:64:0e:0e:e5:3a:ed:fb:44:58:64:8b:
                    de:50:86:b7:53:07:2e:40:02:c3:4f:b3:d4:e4:7c:
                    e8:1f:bf:a4:de:d1:7f:fc:86:b5:3a:d2:af:e9:92:
                    c0:3d:cb:75:b3:b4:d8:78:ec:6e:7e:04:39:21:6b:
                    22:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:48:BC:34:51:36:3C:F8:65:F5:C1:9D:B4:31:AB:91:54:13:C5:DA
            X509v3 Authority Key Identifier:
                keyid:65:A0:7D:49:24:68:22:8A:A3:06:A6:6B:05:6A:02:28:C5:52:EC:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/183298-fb99-4e8f-8264-eb03bba65a96/1/ZaB9SSRoIoqjBqZrBWoCKMVS7Fw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:e0:79:c1:2d:77:75:d1:aa:d4:51:78:c5:9e:17:ab:05:11:
         e5:ef:26:33:87:36:68:ea:b9:42:3f:5f:af:bc:6e:3c:8b:ee:
         cd:5e:34:26:76:86:ad:bf:97:73:5f:a7:da:48:70:bf:a9:23:
         5c:09:2e:5b:a9:37:17:4a:7e:e1:46:72:54:79:e8:ab:86:7d:
         4f:d2:92:15:8c:bd:0d:e2:a6:19:00:81:e2:e7:14:e3:65:2c:
         a2:18:9a:a2:90:e8:05:69:67:97:a5:a0:a6:04:c1:e9:6f:72:
         10:dc:81:96:2f:ad:3b:68:86:29:58:51:04:9d:6f:b4:26:60:
         4e:d8:bc:1f:42:74:29:20:95:10:04:8d:c9:25:12:7a:dd:02:
         f4:2d:78:9d:34:73:7c:04:c0:20:5f:c1:63:54:7b:ce:d3:3f:
         b9:d8:76:b4:74:14:67:fa:62:c7:13:34:34:f0:e0:30:21:f1:
         4d:a7:47:87:94:92:19:9e:d1:a2:79:55:ab:13:fd:3a:e9:a6:
         6f:33:5c:de:99:0d:17:c7:66:55:cf:de:d3:9e:39:a7:4c:9f:
         a9:8f:d8:c6:4e:19:35:58:9b:6e:dc:5d:f3:c5:86:7e:e2:0e:
         de:88:19:6c:d8:e1:24:21:7c:bf:9d:5a:0a:ed:72:5b:00:9a:
         ac:4a:f7:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9ioZiANL4vgkWxardGFbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTA3ZDQ5MjQ2ODIyOGFhMzA2YTY2YjA1NmEwMjI4YzU1
MmVjNWMwHhcNMjUwODA2MDQwMTI3WhcNMjUwODA3MDQwMTI3WjAzMTEwLwYDVQQD
EyhjYTQ4YmMzNDUxMzYzY2Y4NjVmNWMxOWRiNDMxYWI5MTU0MTNjNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpOeWNmIiwjgTkFtaeDm03I4CCi7
v2BgvZUIue6PICDIT3LIoKTl4h5I5OoMNvY4w2vNGBHDoZNlVkmjF4NECwzgNjoU
2hy0ZlKKJvUoZCE3PWib5I0ANO3Kp/VV+9F3yoatE29FHH0hV+U9ngBwtnmoS66O
EUTO7F72uMDdHjx4nT7reJgMtOIgG6cIGibHj/rdZOy5O4i+jCAWts8KXB+89yQv
jLdGsxaIvu8BviffsJ0gjvhjUzmmDCB6vARJb+ryIj1RZA4O5Trt+0RYZIveUIa3
UwcuQALDT7PU5HzoH7+k3tF//Ia1OtKv6ZLAPct1s7TYeOxufgQ5IWsifwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpIvDRRNjz4ZfXBnbQxq5FUE8XaMB8GA1UdIwQY
MBaAFGWgfUkkaCKKowamawVqAijFUuxcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8xODMyOTgtZmI5OS00ZThmLTgyNjQt
ZWIwM2JiYTY1YTk2LzEvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8xODMyOTgtZmI5OS00ZThmLTgyNjQtZWIwM2JiYTY1YTk2
LzEvWmFCOVNTUm9Jb3FqQnFackJXb0NLTVZTN0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuOB5wS13
ddGq1FF4xZ4XqwUR5e8mM4c2aOq5Qj9fr7xuPIvuzV40JnaGrb+Xc1+n2khwv6kj
XAkuW6k3F0p+4UZyVHnoq4Z9T9KSFYy9DeKmGQCB4ucU42UsohiaopDoBWlnl6Wg
pgTB6W9yENyBli+tO2iGKVhRBJ1vtCZgTti8H0J0KSCVEASNySUSet0C9C14nTRz
fATAIF/BY1R7ztM/udh2tHQUZ/pixxM0NPDgMCHxTadHh5SSGZ7RonlVqxP9Oumm
bzNc3pkNF8dmVc/e0545p0yfqY/Yxk4ZNVibbtxd88WGfuIO3ogZbNjhJCF8v51a
Cu1yWwCarEr3EQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:11:56 2025 by rpki-client