Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          gR9yo7pla2i1YpWkVYwxqyeSItevVF5ax9+QXUD17fI=
Subject key identifier:   2C:05:5A:D0:F1:B6:00:74:25:7D:5C:4D:CB:03:90:61:6D:18:11:28
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       0198744FED7E7E2F60B493C34B130903D974
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          0A3B
Signing time:             Mon 04 Aug 2025 09:00:51 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:51 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:51 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: 60SGW+Jg2AuAP4BPdBHUh4lulvxWRIBFg3GjlyuHBmU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:ed:7e:7e:2f:60:b4:93:c3:4b:13:09:03:d9:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: Aug  4 09:00:51 2025 GMT
            Not After : Aug  5 09:00:51 2025 GMT
        Subject: CN=2c055ad0f1b60074257d5c4dcb0390616d181128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:3f:e3:c1:10:47:3c:a7:e6:e7:64:33:60:1e:
                    6b:04:93:48:40:d0:53:c9:66:c8:df:5c:c4:bc:14:
                    8e:d1:bc:9c:65:74:f8:42:d3:dd:ea:fb:83:f4:43:
                    9a:bf:b1:b2:5a:82:0d:9d:58:eb:32:fb:ca:2c:64:
                    e2:9d:08:03:a6:9d:c2:c4:22:97:2a:3d:1b:1b:4e:
                    c2:d7:64:df:bb:2a:86:30:33:e4:a5:7e:25:ff:59:
                    7c:09:7f:fa:03:ba:c7:26:e9:41:aa:25:fc:02:d2:
                    53:4e:cd:3a:6d:84:4e:de:2d:82:85:da:8a:11:b9:
                    b3:04:78:91:38:03:b7:08:f8:d7:9e:d2:d0:06:d7:
                    81:ee:81:3a:9c:eb:b5:41:40:d4:67:6f:e1:7c:51:
                    75:c1:5f:c3:89:f0:e1:37:24:ae:d3:46:ae:1a:dd:
                    ed:fd:f6:4a:7e:df:8a:b1:d7:89:1f:03:b6:0f:ae:
                    32:a4:a1:57:7e:e6:91:fe:7e:27:96:34:3d:6f:4f:
                    ce:f6:97:da:45:b6:ce:74:53:8c:9d:73:3c:f9:76:
                    e6:39:06:4e:05:07:71:47:b6:98:11:e4:54:92:4b:
                    1c:fe:6c:1b:55:fa:25:57:6f:fd:4c:33:0f:72:a8:
                    af:e6:6a:4e:e5:df:e5:6b:a0:dd:4b:22:c0:2b:32:
                    ec:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:05:5A:D0:F1:B6:00:74:25:7D:5C:4D:CB:03:90:61:6D:18:11:28
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:56:35:44:db:58:fe:75:62:2d:4b:2e:bb:10:02:c7:cc:8f:
         46:1e:f8:88:ee:77:71:1e:ad:ab:fa:18:6f:c3:80:e6:f8:b0:
         b3:6d:cb:d4:ee:c6:32:ca:f5:f3:d2:92:c1:2d:21:e4:e4:a2:
         50:9d:b3:01:a4:26:28:a2:d1:02:c3:65:3f:5e:55:47:dd:91:
         d2:7d:11:9d:05:94:d7:49:07:03:96:06:49:72:87:c7:e5:3c:
         c1:91:d0:e0:77:10:4c:7e:e0:5a:c7:4f:94:e9:e2:5c:e3:7c:
         ea:41:80:81:86:cf:66:7b:2f:86:58:44:65:14:60:4e:1a:7f:
         30:07:89:be:2e:64:fd:69:0f:0a:56:e3:a3:fd:c0:95:9d:ac:
         80:79:a7:37:6f:37:77:c3:10:71:80:d9:30:d6:84:8d:0e:9c:
         cb:de:cc:cf:14:1e:11:9d:00:63:dc:73:63:cf:2b:c9:5e:7f:
         c7:02:ac:6c:a7:06:df:71:ee:bc:5d:ab:db:85:f5:f6:dd:a0:
         a9:0c:4d:c4:61:00:1c:92:f3:16:14:aa:ac:8a:d1:a3:61:43:
         9e:09:d1:bb:4b:5b:dc:c1:6b:c2:2d:8e:a5:74:ba:33:52:9b:
         9f:39:4b:fc:08:01:a1:db:15:35:63:7e:9a:01:f3:53:3b:fa:
         a3:d8:e4:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T+1+fi9gtJPDSxMJA9l0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjUwODA0MDkwMDUxWhcNMjUwODA1MDkwMDUxWjAzMTEwLwYDVQQD
EygyYzA1NWFkMGYxYjYwMDc0MjU3ZDVjNGRjYjAzOTA2MTZkMTgxMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj/jwRBHPKfm52QzYB5rBJNIQNBT
yWbI31zEvBSO0bycZXT4QtPd6vuD9EOav7GyWoINnVjrMvvKLGTinQgDpp3CxCKX
Kj0bG07C12TfuyqGMDPkpX4l/1l8CX/6A7rHJulBqiX8AtJTTs06bYRO3i2ChdqK
EbmzBHiROAO3CPjXntLQBteB7oE6nOu1QUDUZ2/hfFF1wV/DifDhNySu00auGt3t
/fZKft+KsdeJHwO2D64ypKFXfuaR/n4nljQ9b0/O9pfaRbbOdFOMnXM8+XbmOQZO
BQdxR7aYEeRUkksc/mwbVfolV2/9TDMPcqiv5mpO5d/la6DdSyLAKzLsRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwFWtDxtgB0JX1cTcsDkGFtGBEoMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZVY1RNtY
/nViLUsuuxACx8yPRh74iO53cR6tq/oYb8OA5viws23L1O7GMsr189KSwS0h5OSi
UJ2zAaQmKKLRAsNlP15VR92R0n0RnQWU10kHA5YGSXKHx+U8wZHQ4HcQTH7gWsdP
lOniXON86kGAgYbPZnsvhlhEZRRgThp/MAeJvi5k/WkPClbjo/3AlZ2sgHmnN283
d8MQcYDZMNaEjQ6cy97MzxQeEZ0AY9xzY88ryV5/xwKsbKcG33HuvF2r24X19t2g
qQxNxGEAHJLzFhSqrIrRo2FDngnRu0tb3MFrwi2OpXS6M1KbnzlL/AgBodsVNWN+
mgHzUzv6o9jk1g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:06 2025 by rpki-client