Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
File:                     Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft (raw, json)
Hash identifier:          D1jWyraZwz1lbV75nvY0fVG1LsY3uVK7w5DU9TwQmvw=
Subject key identifier:   16:06:23:4F:66:EB:CD:53:63:86:83:59:22:86:8A:38:A7:4C:97:CD
Authority key identifier: 67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27
Certificate issuer:       /CN=6777a62846df4edbe5666b89e8420e919ab08627
Certificate serial:       01988B7D2299550C38DB5A25E4E963446DB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
Manifest number:          157E
Signing time:             Fri 08 Aug 2025 21:01:30 +0000
Manifest this update:     Fri 08 Aug 2025 21:01:30 +0000
Manifest next update:     Sat 09 Aug 2025 21:01:30 +0000
Files and hashes:         1: Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl (hash: Sd7zwBTaYsfZjrquqRp7OAODvzAx2HOsrgmWz89zO2I=)
                          2: ZBPuASXAJcjpb4z2Gk47z8Bokws.roa (hash: xXQRbhIxvcjZLo2Nk1OZPyhXjwNTzt2gl2oGbinvPSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7d:22:99:55:0c:38:db:5a:25:e4:e9:63:44:6d:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6777a62846df4edbe5666b89e8420e919ab08627
        Validity
            Not Before: Aug  8 21:01:30 2025 GMT
            Not After : Aug  9 21:01:30 2025 GMT
        Subject: CN=1606234f66ebcd536386835922868a38a74c97cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:68:9c:8b:b0:ff:72:a9:ca:ca:0b:2c:ab:18:
                    6f:fb:9e:38:62:6e:f2:d7:d5:e1:55:e8:b4:d8:a0:
                    a3:c5:47:33:c1:de:ff:45:9f:3c:c8:92:a4:33:6d:
                    7d:50:b3:77:1a:fa:90:dd:1d:e5:52:12:a2:a4:92:
                    95:b7:14:71:96:73:43:92:c6:02:73:8c:9b:18:1c:
                    72:bd:ca:fb:4e:52:b5:09:c4:ee:1d:4a:01:26:f5:
                    86:fa:89:01:23:23:b1:d5:2f:e2:db:e8:40:14:d5:
                    7c:76:dd:cf:e6:e3:1c:b0:83:72:f9:30:2f:5e:19:
                    d0:4c:55:9a:cb:35:3d:c0:11:a2:cc:1a:ca:de:91:
                    ea:75:af:bd:ec:57:f3:88:ad:66:65:97:5f:f4:34:
                    6e:eb:55:cc:df:b6:41:95:87:92:ba:56:23:9c:09:
                    16:b7:88:70:4e:1e:42:6a:dc:ab:27:fa:d5:db:c3:
                    c0:0e:a4:ed:2a:b1:0e:40:6d:c5:71:6f:1c:e3:6c:
                    93:b6:2c:05:f0:57:7c:d7:37:b7:4e:d2:bb:88:15:
                    48:f2:e5:65:0d:9b:cc:3c:28:c9:7d:db:2f:69:ba:
                    d0:13:33:0a:71:1c:13:76:eb:84:f9:e9:f4:06:49:
                    16:d6:b6:f8:ed:a7:7a:74:66:2b:af:ba:8d:94:84:
                    9e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:06:23:4F:66:EB:CD:53:63:86:83:59:22:86:8A:38:A7:4C:97:CD
            X509v3 Authority Key Identifier:
                keyid:67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:fe:bd:ad:ec:68:10:89:2a:ee:25:a7:ff:c2:cb:f3:f0:c9:
         af:28:33:4c:6a:08:36:64:9a:c5:e9:26:f3:10:31:03:bf:a8:
         08:2f:bd:d2:94:71:63:18:4b:b7:5f:a0:07:aa:57:93:43:6e:
         fd:b7:62:70:1c:de:26:c0:b1:b4:54:60:4f:a9:14:7d:16:67:
         2e:4a:61:7d:d0:e0:77:c5:07:27:c4:ee:e2:9f:4f:b6:83:db:
         dc:2d:de:0a:cc:02:c4:33:f0:69:e7:0a:a6:ca:76:65:b5:ce:
         c9:b6:d3:05:00:a2:c3:fb:5a:95:fe:c6:88:7a:35:c9:3f:56:
         f4:c0:c1:e2:0e:d9:68:3c:91:29:0f:d6:ed:61:2f:34:99:4a:
         5a:97:8a:8a:9b:1b:71:a9:02:0d:77:d7:00:df:95:5f:2d:28:
         97:bb:d8:8c:fd:f8:25:2d:b6:fb:44:46:85:5d:1d:64:14:bf:
         c8:63:65:8b:7b:c6:ed:1f:38:21:ad:4d:35:3b:6d:a0:8f:87:
         f9:1f:02:d6:42:56:fc:04:59:2e:df:71:7c:ed:5e:f6:99:68:
         ff:99:3d:f4:9b:ff:80:51:7a:e2:64:66:a5:3d:ae:20:3c:c5:
         3b:86:48:cd:96:2a:d4:5a:d6:3b:71:bd:b4:28:ce:de:16:e0:
         de:c0:5d:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfSKZVQw421ol5OljRG24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzdhNjI4NDZkZjRlZGJlNTY2NmI4OWU4NDIwZTkxOWFi
MDg2MjcwHhcNMjUwODA4MjEwMTMwWhcNMjUwODA5MjEwMTMwWjAzMTEwLwYDVQQD
EygxNjA2MjM0ZjY2ZWJjZDUzNjM4NjgzNTkyMjg2OGEzOGE3NGM5N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGici7D/cqnKygssqxhv+544Ym7y
19XhVei02KCjxUczwd7/RZ88yJKkM219ULN3GvqQ3R3lUhKipJKVtxRxlnNDksYC
c4ybGBxyvcr7TlK1CcTuHUoBJvWG+okBIyOx1S/i2+hAFNV8dt3P5uMcsINy+TAv
XhnQTFWayzU9wBGizBrK3pHqda+97FfziK1mZZdf9DRu61XM37ZBlYeSulYjnAkW
t4hwTh5CatyrJ/rV28PADqTtKrEOQG3FcW8c42yTtiwF8Fd81ze3TtK7iBVI8uVl
DZvMPCjJfdsvabrQEzMKcRwTduuE+en0BkkW1rb47ad6dGYrr7qNlISegQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYGI09m681TY4aDWSKGijinTJfNMB8GA1UdIwQY
MBaAFGd3pihG307b5WZriehCDpGasIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jYjM3M2YtNzY0ZC00NTMyLTgzMzMt
NjJkOTRhZjgwMWI1LzEvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jYjM3M2YtNzY0ZC00NTMyLTgzMzMtNjJkOTRhZjgwMWI1
LzEvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfv69rexo
EIkq7iWn/8LL8/DJrygzTGoINmSaxekm8xAxA7+oCC+90pRxYxhLt1+gB6pXk0Nu
/bdicBzeJsCxtFRgT6kUfRZnLkphfdDgd8UHJ8Tu4p9PtoPb3C3eCswCxDPwaecK
psp2ZbXOybbTBQCiw/talf7GiHo1yT9W9MDB4g7ZaDyRKQ/W7WEvNJlKWpeKipsb
cakCDXfXAN+VXy0ol7vYjP34JS22+0RGhV0dZBS/yGNli3vG7R84Ia1NNTttoI+H
+R8C1kJW/ARZLt9xfO1e9plo/5k99Jv/gFF64mRmpT2uIDzFO4ZIzZYq1FrWO3G9
tCjO3hbg3sBd3A==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:50:56 2025 by rpki-client