Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft
File:                     8PsNC-KW3BtxnSRA-2rZx10I4uI.mft (raw, json)
Hash identifier:          ilQL1mC9YhPZL8Y0hI0wbnHJISdqjgIGg7URV6P5Ri4=
Subject key identifier:   CB:5D:24:4B:D1:17:16:CC:1F:7F:73:C8:10:34:3D:10:43:33:FC:23
Authority key identifier: F0:FB:0D:0B:E2:96:DC:1B:71:9D:24:40:FB:6A:D9:C7:5D:08:E2:E2
Certificate issuer:       /CN=f0fb0d0be296dc1b719d2440fb6ad9c75d08e2e2
Certificate serial:       01988168237F16233DFFFD0AF4E0F44E1443
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft
Manifest number:          15AF
Signing time:             Wed 06 Aug 2025 22:02:22 +0000
Manifest this update:     Wed 06 Aug 2025 22:02:22 +0000
Manifest next update:     Thu 07 Aug 2025 22:02:22 +0000
Files and hashes:         1: 0TX6bG3AW3Ort-Rt8qCc1TR12hM.roa (hash: XGv/DCUiOeegPa2KE+7yV2/GQEE1zmTFiu2PMDuWufY=)
                          2: 8PsNC-KW3BtxnSRA-2rZx10I4uI.crl (hash: etxJLPhLjxjqmX+d3jzZ+wKfVhtonRgYnd51LCtqk/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 22:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:68:23:7f:16:23:3d:ff:fd:0a:f4:e0:f4:4e:14:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0fb0d0be296dc1b719d2440fb6ad9c75d08e2e2
        Validity
            Not Before: Aug  6 22:02:22 2025 GMT
            Not After : Aug  7 22:02:22 2025 GMT
        Subject: CN=cb5d244bd11716cc1f7f73c810343d104333fc23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:54:5c:b1:53:44:bd:d2:27:de:1f:f3:77:9f:
                    01:07:09:31:e8:3f:c2:e0:f7:86:8c:1e:40:4d:28:
                    e7:ca:a7:a8:a3:0b:11:cf:95:00:8e:23:d0:21:9c:
                    cd:f4:e2:b0:44:30:30:17:55:15:f1:53:8d:a8:2d:
                    43:23:be:7f:26:ec:8f:4c:cb:34:a4:da:c3:de:50:
                    af:66:80:de:54:11:ce:1c:5e:59:65:7f:b0:56:f7:
                    fd:f9:ba:b1:df:a1:2a:48:5b:3c:d8:82:12:0e:cf:
                    6b:76:b2:7a:b2:f0:de:3b:4f:d1:2b:c1:89:e2:a9:
                    75:b1:78:42:c5:9a:9c:88:b3:ed:1a:73:7b:b1:d3:
                    4c:e9:1f:bc:7d:cc:3d:56:e8:86:5a:c5:ce:76:23:
                    f4:c9:c1:76:d3:9a:cd:1d:e7:d8:9e:d0:ec:b8:4e:
                    2c:ce:1f:a4:20:8a:b2:f3:72:54:9a:26:b5:3e:b7:
                    e7:47:d1:0d:a5:2e:a9:e6:bd:d4:e2:18:77:d5:98:
                    80:00:19:e4:9e:bc:5f:c5:0a:66:c0:1b:12:c0:5a:
                    0c:ee:a5:a6:aa:99:48:cc:44:7a:0e:43:05:ae:3f:
                    1c:e7:16:69:b1:29:42:fd:0f:10:df:ec:e7:08:95:
                    c1:fd:f5:8e:85:67:78:d7:d6:96:4a:57:1a:3b:df:
                    95:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:5D:24:4B:D1:17:16:CC:1F:7F:73:C8:10:34:3D:10:43:33:FC:23
            X509v3 Authority Key Identifier:
                keyid:F0:FB:0D:0B:E2:96:DC:1B:71:9D:24:40:FB:6A:D9:C7:5D:08:E2:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:73:f5:5d:55:d8:9d:a2:9f:35:a0:73:d6:60:d4:0a:4b:ef:
         47:ef:27:1a:03:6d:87:ed:a1:f5:8e:37:83:f2:3f:bc:a1:e8:
         2b:ed:ea:52:68:08:09:26:1a:cc:06:fa:9b:a0:9c:97:c8:6a:
         4d:a5:3c:e2:8d:8b:c1:10:df:de:00:2e:2e:0e:51:20:9e:c8:
         66:8a:01:97:a5:30:d8:5f:42:8a:6e:60:ad:2b:f7:47:9c:5c:
         bd:6c:c0:06:f8:95:7f:d6:9b:31:72:68:bc:07:e2:b5:e3:e0:
         9a:6b:1a:ce:24:c4:54:87:89:32:f4:d1:5b:a5:68:56:c3:ef:
         2d:43:8c:e3:1b:72:07:6c:57:ad:a4:4f:f5:f4:26:3b:05:6a:
         8f:4d:e8:6d:6b:24:6a:52:fa:54:41:53:65:a0:7e:93:24:51:
         cd:e6:fd:cb:b6:10:d1:1a:79:94:2c:ec:07:db:65:b7:a0:96:
         28:9a:dd:23:15:6e:93:de:80:85:14:ab:a3:e0:81:2a:1e:89:
         5c:bd:65:7f:f3:6b:3d:b1:ba:ee:40:9b:38:5b:b9:4d:05:be:
         dc:8c:3b:aa:07:bf:22:d5:7a:18:1a:20:47:46:9e:a1:99:3b:
         8c:a8:a2:54:57:4d:09:6d:f3:ee:01:85:e4:ba:26:75:46:44:
         f9:4a:36:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBaCN/FiM9//0K9OD0ThRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmIwZDBiZTI5NmRjMWI3MTlkMjQ0MGZiNmFkOWM3NWQw
OGUyZTIwHhcNMjUwODA2MjIwMjIyWhcNMjUwODA3MjIwMjIyWjAzMTEwLwYDVQQD
EyhjYjVkMjQ0YmQxMTcxNmNjMWY3ZjczYzgxMDM0M2QxMDQzMzNmYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVRcsVNEvdIn3h/zd58BBwkx6D/C
4PeGjB5ATSjnyqeoowsRz5UAjiPQIZzN9OKwRDAwF1UV8VONqC1DI75/JuyPTMs0
pNrD3lCvZoDeVBHOHF5ZZX+wVvf9+bqx36EqSFs82IISDs9rdrJ6svDeO0/RK8GJ
4ql1sXhCxZqciLPtGnN7sdNM6R+8fcw9VuiGWsXOdiP0ycF205rNHefYntDsuE4s
zh+kIIqy83JUmia1PrfnR9ENpS6p5r3U4hh31ZiAABnknrxfxQpmwBsSwFoM7qWm
qplIzER6DkMFrj8c5xZpsSlC/Q8Q3+znCJXB/fWOhWd419aWSlcaO9+VswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtdJEvRFxbMH39zyBA0PRBDM/wjMB8GA1UdIwQY
MBaAFPD7DQviltwbcZ0kQPtq2cddCOLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zZGVkZjYtM2VjNy00YjQwLWFkYWEt
YzBlMjc4NzM2Yzg4LzEvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zZGVkZjYtM2VjNy00YjQwLWFkYWEtYzBlMjc4NzM2Yzg4
LzEvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUXP1XVXY
naKfNaBz1mDUCkvvR+8nGgNth+2h9Y43g/I/vKHoK+3qUmgICSYazAb6m6Ccl8hq
TaU84o2LwRDf3gAuLg5RIJ7IZooBl6Uw2F9Cim5grSv3R5xcvWzABviVf9abMXJo
vAfitePgmmsaziTEVIeJMvTRW6VoVsPvLUOM4xtyB2xXraRP9fQmOwVqj03obWsk
alL6VEFTZaB+kyRRzeb9y7YQ0Rp5lCzsB9tlt6CWKJrdIxVuk96AhRSro+CBKh6J
XL1lf/NrPbG67kCbOFu5TQW+3Iw7qge/ItV6GBogR0aeoZk7jKiiVFdNCW3z7gGF
5LomdUZE+Uo2HQ==
-----END CERTIFICATE-----
Generated at Thu Aug 7 07:37:01 2025 by rpki-client