Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft
File:                     U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft (raw, json)
Hash identifier:          ihjCyLa+ew4PxazkPmxw/wIRFK6SEKdBk1zuq43ZGY4=
Subject key identifier:   41:E0:0E:F4:78:1C:FA:9C:90:C3:F2:C0:A1:55:C4:BC:4F:B6:33:23
Authority key identifier: 53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F
Certificate issuer:       /CN=53e3aedd91be82451342dcd1c9828345db661a5f
Certificate serial:       0198906BB48AE2D7AA88D689B868D771F861
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft
Manifest number:          08B1
Signing time:             Sat 09 Aug 2025 20:00:34 +0000
Manifest this update:     Sat 09 Aug 2025 20:00:34 +0000
Manifest next update:     Sun 10 Aug 2025 20:00:34 +0000
Files and hashes:         1: If5j4KjsWFg3kwDUxrHpbFCCjpg.roa (hash: iGbVOgQjxfoZ4tZTHfIMlZvCv27war8Yd/ywUcGl39o=)
                          2: U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl (hash: RiRQcdEhaD26EEnVy31Jms5/ku/TJQMBT5GLl1S9lvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:6b:b4:8a:e2:d7:aa:88:d6:89:b8:68:d7:71:f8:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53e3aedd91be82451342dcd1c9828345db661a5f
        Validity
            Not Before: Aug  9 20:00:34 2025 GMT
            Not After : Aug 10 20:00:34 2025 GMT
        Subject: CN=41e00ef4781cfa9c90c3f2c0a155c4bc4fb63323
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:44:cf:eb:0d:a2:25:76:41:17:3e:de:3f:c6:
                    b5:18:4b:80:7e:ad:75:97:b2:ce:9e:b6:25:70:1b:
                    b0:34:6d:9a:8a:4d:18:b2:a4:f6:c2:fb:e3:2a:13:
                    b4:62:38:70:a4:77:4d:38:e1:0c:73:bb:30:32:c1:
                    c7:29:ce:c2:73:51:ab:6c:7e:8b:ee:b3:54:e6:1f:
                    65:45:bf:9a:b0:f3:93:ac:73:8f:4d:fc:ce:80:95:
                    1e:0f:22:7a:6f:1b:81:96:b4:c5:b3:8b:d2:87:72:
                    e3:98:b9:34:1b:50:6c:01:84:dc:a6:22:02:95:ab:
                    91:3a:12:98:79:ca:ea:bc:6b:8e:23:15:e0:de:81:
                    8d:ac:41:70:40:a6:cd:9c:58:49:5e:ba:35:49:1d:
                    31:98:e2:fa:0f:ad:e0:9e:74:55:e7:bb:a5:b3:56:
                    6c:eb:70:6d:e2:02:0f:f8:b1:39:59:f5:55:01:e4:
                    d1:7b:9b:a7:0d:b9:5a:d1:79:fe:04:86:87:f4:9e:
                    cc:c5:c2:b7:3c:4e:50:ee:dc:f9:58:68:bb:32:e6:
                    20:7e:8c:f6:ab:66:d6:db:ff:ab:3d:39:ca:76:97:
                    0e:4e:8e:7b:30:99:55:d3:fc:2f:60:04:4e:97:db:
                    c3:c0:17:d5:fd:20:82:a0:b4:db:25:5b:21:72:19:
                    8a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:E0:0E:F4:78:1C:FA:9C:90:C3:F2:C0:A1:55:C4:BC:4F:B6:33:23
            X509v3 Authority Key Identifier:
                keyid:53:E3:AE:DD:91:BE:82:45:13:42:DC:D1:C9:82:83:45:DB:66:1A:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/04e8b2-c76f-4629-95ad-a7d945af14e5/1/U-Ou3ZG-gkUTQtzRyYKDRdtmGl8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:e5:c4:3c:9d:41:87:97:a5:77:e8:67:64:26:ac:7f:10:8e:
         9c:17:94:64:8d:18:f5:e7:fd:62:a8:28:01:e6:9a:02:db:7f:
         fa:17:6d:8f:81:7a:24:a8:b8:62:e9:48:f5:d7:1a:91:5f:31:
         64:04:ec:8e:49:3a:f0:73:2e:2d:af:a5:b7:24:54:b4:f2:be:
         11:f0:30:56:be:45:ad:27:8d:b7:47:78:89:0f:5f:2a:ef:83:
         d3:e9:65:f7:8e:0f:37:f9:00:c2:48:58:c8:67:fb:60:78:bb:
         30:01:6a:f0:2c:42:68:10:ed:84:b6:03:fc:ed:3f:10:5a:73:
         c3:85:40:a6:97:fe:a0:1f:fa:7b:fe:fa:4c:0a:6d:c5:92:c2:
         42:84:1b:51:78:b7:f2:99:81:ec:3f:9c:87:8e:ff:1e:26:c2:
         27:75:a9:ca:0c:9f:48:ff:fa:cd:8c:cd:33:0b:c8:cb:5f:56:
         4c:1b:2c:73:19:e6:db:ee:70:d3:c6:ce:90:23:64:aa:8b:24:
         b7:ee:8c:3b:f6:a7:2a:54:4d:b4:8a:82:dd:b4:00:f4:e8:2e:
         18:c0:4c:a2:b2:6b:98:b2:49:e3:47:5d:19:dc:59:0a:58:6c:
         de:2c:8b:c9:bd:79:cc:03:90:c0:1d:d9:52:7d:c4:2b:84:7a:
         d0:06:6b:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQa7SK4teqiNaJuGjXcfhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZTNhZWRkOTFiZTgyNDUxMzQyZGNkMWM5ODI4MzQ1ZGI2
NjFhNWYwHhcNMjUwODA5MjAwMDM0WhcNMjUwODEwMjAwMDM0WjAzMTEwLwYDVQQD
Eyg0MWUwMGVmNDc4MWNmYTljOTBjM2YyYzBhMTU1YzRiYzRmYjYzMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkTP6w2iJXZBFz7eP8a1GEuAfq11
l7LOnrYlcBuwNG2aik0YsqT2wvvjKhO0YjhwpHdNOOEMc7swMsHHKc7Cc1GrbH6L
7rNU5h9lRb+asPOTrHOPTfzOgJUeDyJ6bxuBlrTFs4vSh3LjmLk0G1BsAYTcpiIC
lauROhKYecrqvGuOIxXg3oGNrEFwQKbNnFhJXro1SR0xmOL6D63gnnRV57uls1Zs
63Bt4gIP+LE5WfVVAeTRe5unDbla0Xn+BIaH9J7MxcK3PE5Q7tz5WGi7MuYgfoz2
q2bW2/+rPTnKdpcOTo57MJlV0/wvYAROl9vDwBfV/SCCoLTbJVshchmKowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHgDvR4HPqckMPywKFVxLxPtjMjMB8GA1UdIwQY
MBaAFFPjrt2RvoJFE0Lc0cmCg0XbZhpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQt
YTdkOTQ1YWYxNGU1LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNGU4YjItYzc2Zi00NjI5LTk1YWQtYTdkOTQ1YWYxNGU1
LzEvVS1PdTNaRy1na1VUUXR6UnlZS0RSZHRtR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+XEPJ1B
h5eld+hnZCasfxCOnBeUZI0Y9ef9YqgoAeaaAtt/+hdtj4F6JKi4YulI9dcakV8x
ZATsjkk68HMuLa+ltyRUtPK+EfAwVr5FrSeNt0d4iQ9fKu+D0+ll944PN/kAwkhY
yGf7YHi7MAFq8CxCaBDthLYD/O0/EFpzw4VAppf+oB/6e/76TAptxZLCQoQbUXi3
8pmB7D+ch47/HibCJ3WpygyfSP/6zYzNMwvIy19WTBsscxnm2+5w08bOkCNkqosk
t+6MO/anKlRNtIqC3bQA9OguGMBMorJrmLJJ40ddGdxZClhs3iyLyb15zAOQwB3Z
Un3EK4R60AZrjw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:38:30 2025 by rpki-client