Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft
File:                     kMuqazbmzWh0x47UWk-N1xcwMdk.mft (raw, json)
Hash identifier:          nc/22sQ75mgwh2NAWi505YBx/AC436y1MXCxqCzj94E=
Subject key identifier:   BA:B7:77:F1:7E:B7:CD:52:D8:1F:FB:3F:41:1B:43:24:82:13:46:6F
Authority key identifier: 90:CB:AA:6B:36:E6:CD:68:74:C7:8E:D4:5A:4F:8D:D7:17:30:31:D9
Certificate issuer:       /CN=90cbaa6b36e6cd6874c78ed45a4f8dd7173031d9
Certificate serial:       019885B130EB2FA20193B2934176BDA19341
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft
Manifest number:          0B91
Signing time:             Thu 07 Aug 2025 18:00:38 +0000
Manifest this update:     Thu 07 Aug 2025 18:00:38 +0000
Manifest next update:     Fri 08 Aug 2025 18:00:38 +0000
Files and hashes:         1: c4U2evb93678CsrZ2ZQQemAPoFw.roa (hash: 5ZLOIZ+BzX8i3ipSMR9csvqZ6+nojKYy3y5RkNukgEE=)
                          2: kMuqazbmzWh0x47UWk-N1xcwMdk.crl (hash: Vv0GUNXDAs+mJDqebsgB9fQfpM3qQmyr2zfv1FQ2eDQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 16:13:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:85:b1:30:eb:2f:a2:01:93:b2:93:41:76:bd:a1:93:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90cbaa6b36e6cd6874c78ed45a4f8dd7173031d9
        Validity
            Not Before: Aug  7 18:00:38 2025 GMT
            Not After : Aug  8 18:00:38 2025 GMT
        Subject: CN=bab777f17eb7cd52d81ffb3f411b43248213466f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f1:9b:be:95:74:4b:8e:18:89:8f:84:e9:b4:
                    7c:7c:24:f1:40:8a:85:7b:c5:67:4d:bb:7c:8f:b2:
                    7b:8e:a9:55:a3:ba:cd:1a:0c:84:61:0c:30:f4:33:
                    68:e5:7e:22:d2:bc:1d:f0:16:27:8a:d0:4e:a1:db:
                    5f:3c:e5:97:ff:86:1b:e4:cb:1b:4f:05:3a:60:86:
                    4e:15:1b:62:42:f8:d5:a8:20:6b:53:28:2a:75:bf:
                    df:c9:ed:f6:80:9e:19:0c:d1:94:4c:86:25:f9:c7:
                    78:38:60:82:e7:06:e0:e7:23:3c:1f:ce:b1:a6:35:
                    a3:ba:7d:24:39:de:37:69:bf:8b:5e:c2:74:3f:fa:
                    47:11:89:e3:2d:72:a0:b1:8f:b1:d8:75:b3:91:f5:
                    23:de:da:6f:83:c4:f8:1d:01:4f:31:65:df:18:12:
                    9f:78:ef:9a:cd:e9:4f:d2:e0:7d:c9:f9:77:a5:ac:
                    54:0e:80:88:56:1b:ce:c3:41:c8:21:53:d0:a0:ba:
                    e6:45:5f:f2:e6:8c:bc:1d:ea:38:f0:94:70:7e:98:
                    a9:9c:60:82:d3:cc:65:c7:5e:2e:b9:0e:8a:e2:22:
                    95:44:63:c0:05:23:17:b7:39:d5:10:dd:06:d6:db:
                    d7:a0:41:55:86:b3:4d:f2:36:44:5d:83:47:20:3a:
                    2a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B7:77:F1:7E:B7:CD:52:D8:1F:FB:3F:41:1B:43:24:82:13:46:6F
            X509v3 Authority Key Identifier:
                keyid:90:CB:AA:6B:36:E6:CD:68:74:C7:8E:D4:5A:4F:8D:D7:17:30:31:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:a4:7d:2a:74:05:ea:01:c4:99:f0:53:64:64:62:4a:b1:b0:
         9f:e9:1c:9a:7f:24:c5:31:20:07:16:b7:55:f4:7f:5b:9f:f4:
         bb:11:2c:cb:9c:34:f2:06:dc:d1:c4:96:85:13:99:18:e7:57:
         cc:4b:00:ad:bd:71:30:d3:01:74:74:f8:75:e2:35:96:57:db:
         25:3f:be:d0:7c:73:d5:67:86:e3:05:24:81:36:f7:cb:38:cc:
         54:a5:5d:f3:0f:22:5b:56:ac:ae:89:a3:26:ed:1f:da:65:b5:
         af:72:f7:e5:79:61:51:4d:ca:d8:1b:a8:ef:97:8f:2d:3d:e5:
         64:6d:90:e2:81:f1:4b:85:96:11:0f:78:ef:fc:24:6f:ab:a9:
         ba:a3:16:04:e7:fa:e2:cc:b4:c0:ee:41:3e:54:a3:0a:4f:7b:
         b1:ac:ba:20:b6:e9:65:e7:ea:17:21:de:92:df:81:0d:9b:02:
         35:ec:f6:8e:78:9e:b3:f9:89:84:c2:a6:03:9f:50:26:b8:23:
         55:52:75:48:06:fe:29:6b:74:44:a4:a4:79:31:b3:c1:de:b5:
         33:33:75:63:ca:38:9c:5a:9a:3e:fc:45:b6:c5:c3:79:32:58:
         7b:2d:5c:3c:84:c5:e9:a8:cc:0e:92:c0:af:10:a3:a3:df:22:
         64:7a:be:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiFsTDrL6IBk7KTQXa9oZNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwY2JhYTZiMzZlNmNkNjg3NGM3OGVkNDVhNGY4ZGQ3MTcz
MDMxZDkwHhcNMjUwODA3MTgwMDM4WhcNMjUwODA4MTgwMDM4WjAzMTEwLwYDVQQD
EyhiYWI3NzdmMTdlYjdjZDUyZDgxZmZiM2Y0MTFiNDMyNDgyMTM0NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfGbvpV0S44YiY+E6bR8fCTxQIqF
e8VnTbt8j7J7jqlVo7rNGgyEYQww9DNo5X4i0rwd8BYnitBOodtfPOWX/4Yb5Msb
TwU6YIZOFRtiQvjVqCBrUygqdb/fye32gJ4ZDNGUTIYl+cd4OGCC5wbg5yM8H86x
pjWjun0kOd43ab+LXsJ0P/pHEYnjLXKgsY+x2HWzkfUj3tpvg8T4HQFPMWXfGBKf
eO+azelP0uB9yfl3paxUDoCIVhvOw0HIIVPQoLrmRV/y5oy8Heo48JRwfpipnGCC
08xlx14uuQ6K4iKVRGPABSMXtznVEN0G1tvXoEFVhrNN8jZEXYNHIDoqPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLq3d/F+t81S2B/7P0EbQySCE0ZvMB8GA1UdIwQY
MBaAFJDLqms25s1odMeO1FpPjdcXMDHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wNmNhNWQtZDBjNC00MjE1LTg5Njgt
YjZkNGM0ZmMwYzIxLzEva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wNmNhNWQtZDBjNC00MjE1LTg5NjgtYjZkNGM0ZmMwYzIx
LzEva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqR9KnQF
6gHEmfBTZGRiSrGwn+kcmn8kxTEgBxa3VfR/W5/0uxEsy5w08gbc0cSWhROZGOdX
zEsArb1xMNMBdHT4deI1llfbJT++0Hxz1WeG4wUkgTb3yzjMVKVd8w8iW1asromj
Ju0f2mW1r3L35XlhUU3K2Buo75ePLT3lZG2Q4oHxS4WWEQ947/wkb6upuqMWBOf6
4sy0wO5BPlSjCk97say6ILbpZefqFyHekt+BDZsCNez2jnies/mJhMKmA59QJrgj
VVJ1SAb+KWt0RKSkeTGzwd61MzN1Y8o4nFqaPvxFtsXDeTJYey1cPITF6ajMDpLA
rxCjo98iZHq+kQ==
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:15:14 2025 by rpki-client