Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
File:                     TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json)
Hash identifier:          ZgDrHUlC0nzKqMBlH+8ADAl7oMvGHtwlLrhrwR+2YXk=
Subject key identifier:   FE:EF:3F:4E:91:5D:DC:AB:C6:2C:8F:8C:BF:28:47:A0:8B:03:EB:97
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Certificate issuer:       /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial:       01988F59987A1AE95FD827816D266B1F067A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
Manifest number:          06EC
Signing time:             Sat 09 Aug 2025 15:01:10 +0000
Manifest this update:     Sat 09 Aug 2025 15:01:10 +0000
Manifest next update:     Sun 10 Aug 2025 15:01:10 +0000
Files and hashes:         1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=)
                          2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: gJbCn+X01JeFejIIhChx2AIok5RJ5OFBet/xjwNT4xA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:59:98:7a:1a:e9:5f:d8:27:81:6d:26:6b:1f:06:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
        Validity
            Not Before: Aug  9 15:01:10 2025 GMT
            Not After : Aug 10 15:01:10 2025 GMT
        Subject: CN=feef3f4e915ddcabc62c8f8cbf2847a08b03eb97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:40:bf:06:54:f2:3d:21:6a:69:9a:63:3f:69:
                    c8:1a:80:52:d9:34:6f:2a:41:bb:b4:fd:ba:69:0c:
                    3d:95:11:44:c4:e6:8b:d5:0a:d9:ec:80:64:f6:fe:
                    01:0a:f4:b8:29:d2:a0:53:71:d8:be:ea:90:a2:23:
                    8c:2f:d1:79:b8:08:e5:b5:c3:3b:5a:ac:da:b4:1e:
                    ae:ec:8a:74:9c:f9:79:ec:1d:5a:f9:17:ad:c0:bc:
                    9f:67:22:56:5a:e3:95:8d:b3:c6:ac:20:48:3e:ec:
                    e8:e8:5e:19:0b:f4:d1:7a:83:4b:45:8e:53:14:84:
                    c1:30:72:82:d6:68:54:79:93:50:11:fc:02:6d:43:
                    71:15:ba:7e:86:e1:0e:7e:a0:a7:c0:c0:22:91:21:
                    c8:cf:a1:1a:8d:ef:0f:48:8c:6c:50:69:d0:e1:29:
                    fb:65:00:10:af:40:5a:53:59:c8:eb:ff:b7:97:f7:
                    70:9d:81:8a:b4:57:68:10:0a:87:41:f8:ee:7a:4c:
                    ac:c6:51:ef:7a:5f:ed:3f:ac:4a:b2:23:41:84:c9:
                    fc:0e:e1:88:fa:bb:df:78:4c:48:ae:90:22:3e:cf:
                    ec:84:30:5b:fd:cf:a7:0e:d4:54:f0:78:90:e4:23:
                    02:44:b2:7a:18:a3:2c:2d:98:26:3b:3a:5b:a5:ea:
                    cb:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:EF:3F:4E:91:5D:DC:AB:C6:2C:8F:8C:BF:28:47:A0:8B:03:EB:97
            X509v3 Authority Key Identifier:
                keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:ba:9b:2f:6c:0f:d2:cb:83:92:18:57:f7:d3:1a:d4:e5:75:
         3d:e4:af:ea:6d:a0:2e:f7:46:ed:ee:b3:e4:65:b6:84:87:3f:
         6c:00:7d:12:52:b3:7d:b6:24:db:ff:9f:9a:d2:3f:69:dc:20:
         60:48:7c:ad:11:5d:b4:7e:e7:19:74:9f:80:b3:80:f3:13:9f:
         1c:3d:b2:a2:24:b4:61:a2:e2:ef:01:19:52:a5:27:16:99:0d:
         dd:73:37:f2:56:27:24:78:4d:85:46:e7:85:56:4e:f3:70:55:
         98:67:2d:7f:87:c1:72:f4:d9:54:44:9a:be:c1:eb:a6:df:ee:
         64:1c:ea:94:b9:9b:9c:b8:a5:08:1f:a6:f8:7b:9b:a0:f3:14:
         a4:e2:78:0e:db:a0:0f:97:0b:05:b7:1b:9e:26:f5:ad:75:44:
         07:af:d2:87:81:f2:a7:88:a9:75:17:f5:fa:51:23:05:70:e7:
         5f:d2:2f:3d:ca:99:06:89:30:04:80:cb:78:51:1b:c0:75:4f:
         67:25:a3:1a:4b:83:60:5e:83:7f:d8:e0:57:52:58:a5:a0:f0:
         ea:b1:39:1d:e5:fb:f6:5b:91:57:d3:90:a5:c8:9c:66:3d:2a:
         fd:84:ec:61:f1:98:1f:ef:ae:2c:88:9f:33:b1:6b:a9:cb:5e:
         61:e6:5c:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPWZh6Gulf2CeBbSZrHwZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjUwODA5MTUwMTEwWhcNMjUwODEwMTUwMTEwWjAzMTEwLwYDVQQD
EyhmZWVmM2Y0ZTkxNWRkY2FiYzYyYzhmOGNiZjI4NDdhMDhiMDNlYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0C/BlTyPSFqaZpjP2nIGoBS2TRv
KkG7tP26aQw9lRFExOaL1QrZ7IBk9v4BCvS4KdKgU3HYvuqQoiOML9F5uAjltcM7
WqzatB6u7Ip0nPl57B1a+RetwLyfZyJWWuOVjbPGrCBIPuzo6F4ZC/TReoNLRY5T
FITBMHKC1mhUeZNQEfwCbUNxFbp+huEOfqCnwMAikSHIz6Eaje8PSIxsUGnQ4Sn7
ZQAQr0BaU1nI6/+3l/dwnYGKtFdoEAqHQfjuekysxlHvel/tP6xKsiNBhMn8DuGI
+rvfeExIrpAiPs/shDBb/c+nDtRU8HiQ5CMCRLJ6GKMsLZgmOzpbperLWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7vP06RXdyrxiyPjL8oR6CLA+uXMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArLqbL2wP
0suDkhhX99Ma1OV1PeSv6m2gLvdG7e6z5GW2hIc/bAB9ElKzfbYk2/+fmtI/adwg
YEh8rRFdtH7nGXSfgLOA8xOfHD2yoiS0YaLi7wEZUqUnFpkN3XM38lYnJHhNhUbn
hVZO83BVmGctf4fBcvTZVESavsHrpt/uZBzqlLmbnLilCB+m+HuboPMUpOJ4Dtug
D5cLBbcbnib1rXVEB6/Sh4Hyp4ipdRf1+lEjBXDnX9IvPcqZBokwBIDLeFEbwHVP
ZyWjGkuDYF6Df9jgV1JYpaDw6rE5HeX79luRV9OQpcicZj0q/YTsYfGYH++uLIif
M7FrqcteYeZcRQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:26 2025 by rpki-client