Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File:                     zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier:          x4kjHKRjQOSesYt9E1nQmyNUl6CpGrKbq5lDlJV16Nk=
Subject key identifier:   CA:3B:F8:8F:CB:90:B1:4D:54:AC:EA:DB:4C:D8:F4:FE:25:A1:A5:89
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer:       /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial:       01987F795485F4ED416E364A2407A00CF0D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number:          161E
Signing time:             Wed 06 Aug 2025 13:01:54 +0000
Manifest this update:     Wed 06 Aug 2025 13:01:54 +0000
Manifest next update:     Thu 07 Aug 2025 13:01:54 +0000
Files and hashes:         1: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: SaF8e009dWwKNw261sz7zwTWJUXmO5wrFB4sFH+NBwo=)
                          2: zwMZXsX6Z6y_GtPEpsaBS7FPtIU.roa (hash: bi378rHsH1o9Uq16RD7qe5x44q14EkwJzXLivtK1Naw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 13:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:79:54:85:f4:ed:41:6e:36:4a:24:07:a0:0c:f0:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
        Validity
            Not Before: Aug  6 13:01:54 2025 GMT
            Not After : Aug  7 13:01:54 2025 GMT
        Subject: CN=ca3bf88fcb90b14d54aceadb4cd8f4fe25a1a589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:62:cc:91:39:fe:91:26:04:c2:21:21:2e:69:
                    cf:cd:82:97:b8:33:d6:94:eb:39:0c:ac:a8:5c:bb:
                    cf:ed:01:b4:eb:a0:8b:59:4a:f3:2f:b5:13:a0:94:
                    cb:e8:0c:59:7f:a8:d0:e1:41:92:12:02:c2:00:28:
                    24:f0:5c:5f:1c:07:cf:5e:61:88:bf:92:7e:5b:b9:
                    9d:85:ee:d7:fc:fc:70:b7:ff:59:56:11:ca:3f:74:
                    54:3a:fb:84:68:48:a4:6d:2a:cc:e7:19:85:45:74:
                    83:af:ac:59:49:fe:bb:fa:92:3d:47:e1:f3:d6:bd:
                    12:56:fb:53:32:e2:60:26:99:0f:60:ec:7a:23:06:
                    6a:47:54:a0:ae:c0:2e:02:f6:8b:a8:17:cb:c5:40:
                    e3:97:d0:14:30:ee:0e:b5:a4:7c:58:22:eb:be:50:
                    41:d0:56:ca:17:44:15:ac:e8:44:c4:70:2a:7e:4a:
                    29:eb:c4:17:a5:a1:28:b0:00:9d:02:a7:86:2c:a2:
                    00:a4:e4:88:43:0c:6b:1f:08:cf:2c:02:25:9d:15:
                    bb:27:a8:dc:e5:20:58:3e:1a:c4:85:f5:9a:b6:e7:
                    33:7a:8c:a0:4b:01:74:9c:6b:0d:68:08:31:4f:72:
                    55:2c:45:d7:f0:17:ed:09:dd:60:32:fa:93:3e:e9:
                    95:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:3B:F8:8F:CB:90:B1:4D:54:AC:EA:DB:4C:D8:F4:FE:25:A1:A5:89
            X509v3 Authority Key Identifier:
                keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:2a:61:33:71:7c:82:89:b3:88:97:20:ed:ef:26:f9:c7:91:
         4a:f9:4c:e1:75:e3:93:49:66:7a:dc:79:35:df:a4:d9:d6:5b:
         58:7c:f1:74:71:ad:43:96:82:75:95:26:34:29:43:27:16:a0:
         95:6b:34:2c:46:87:3d:4b:1b:97:b6:33:4c:ae:9f:79:1f:56:
         dc:b9:ef:51:f0:fa:75:cf:a4:0a:d7:a2:79:d8:49:50:41:ba:
         1c:40:6c:7c:2c:80:15:4c:9e:c4:4f:15:de:63:09:70:f5:25:
         4e:15:cb:09:8a:3c:4a:ee:2a:1e:3b:b8:c4:10:a2:cc:da:be:
         38:9c:b5:b8:65:ec:86:c9:ca:b3:58:50:a7:d2:06:f3:6b:63:
         56:da:fc:d9:9e:cc:32:de:74:ce:52:be:9e:a8:e0:6d:71:c3:
         62:55:e4:f6:ad:e4:5c:78:fe:f6:24:75:0f:fa:f2:da:2d:c4:
         be:8d:8e:21:9c:6f:d9:c4:75:0f:63:5b:8f:6d:9a:96:66:c6:
         d1:51:80:89:5a:a8:35:14:7c:1d:c5:b3:5f:fb:87:6e:32:06:
         83:bb:bf:a8:e7:72:47:32:64:81:02:06:e1:51:3e:f8:1f:ee:
         f1:2c:0b:a2:ed:59:f9:5e:84:ae:1d:d4:af:ff:d8:a8:79:a2:
         91:d6:34:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/eVSF9O1BbjZKJAegDPDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjUwODA2MTMwMTU0WhcNMjUwODA3MTMwMTU0WjAzMTEwLwYDVQQD
EyhjYTNiZjg4ZmNiOTBiMTRkNTRhY2VhZGI0Y2Q4ZjRmZTI1YTFhNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGLMkTn+kSYEwiEhLmnPzYKXuDPW
lOs5DKyoXLvP7QG066CLWUrzL7UToJTL6AxZf6jQ4UGSEgLCACgk8FxfHAfPXmGI
v5J+W7mdhe7X/Pxwt/9ZVhHKP3RUOvuEaEikbSrM5xmFRXSDr6xZSf67+pI9R+Hz
1r0SVvtTMuJgJpkPYOx6IwZqR1SgrsAuAvaLqBfLxUDjl9AUMO4OtaR8WCLrvlBB
0FbKF0QVrOhExHAqfkop68QXpaEosACdAqeGLKIApOSIQwxrHwjPLAIlnRW7J6jc
5SBYPhrEhfWatuczeoygSwF0nGsNaAgxT3JVLEXX8BftCd1gMvqTPumVSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo7+I/LkLFNVKzq20zY9P4loaWJMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzCphM3F8
gomziJcg7e8m+ceRSvlM4XXjk0lmetx5Nd+k2dZbWHzxdHGtQ5aCdZUmNClDJxag
lWs0LEaHPUsbl7YzTK6feR9W3LnvUfD6dc+kCteiedhJUEG6HEBsfCyAFUyexE8V
3mMJcPUlThXLCYo8Su4qHju4xBCizNq+OJy1uGXshsnKs1hQp9IG82tjVtr82Z7M
Mt50zlK+nqjgbXHDYlXk9q3kXHj+9iR1D/ry2i3Evo2OIZxv2cR1D2Nbj22almbG
0VGAiVqoNRR8HcWzX/uHbjIGg7u/qOdyRzJkgQIG4VE++B/u8SwLou1Z+V6Erh3U
r//YqHmikdY0pQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 18:25:19 2025 by rpki-client