Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft
File:                     NIVmBh42jK_xiBviusZzff08Hbo.mft (raw, json)
Hash identifier:          ndlCR0RNuYPXMpPvbgSZPlW7En/m0cWwyYqOPQJZW3g=
Subject key identifier:   9E:22:4A:EE:3D:F6:AC:E1:3D:E2:A5:23:02:A1:4D:75:2F:4E:D3:4E
Authority key identifier: 34:85:66:06:1E:36:8C:AF:F1:88:1B:E2:BA:C6:73:7D:FD:3C:1D:BA
Certificate issuer:       /CN=348566061e368caff1881be2bac6737dfd3c1dba
Certificate serial:       01987B2DF16F19026C48CE3C62395F9E0594
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft
Manifest number:          1619
Signing time:             Tue 05 Aug 2025 17:01:05 +0000
Manifest this update:     Tue 05 Aug 2025 17:01:05 +0000
Manifest next update:     Wed 06 Aug 2025 17:01:05 +0000
Files and hashes:         1: 0_2q2dp_nihFIcTaoAnETvnQKo4.roa (hash: bKtto0Xp3QOWNDaUxe4CkFxL1b1NtMArjGe69yHE/5w=)
                          2: NIVmBh42jK_xiBviusZzff08Hbo.crl (hash: yaXqahgTFLFenDLanhyG+3d7F3J3yleOezSd3Ow5C54=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 17:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:2d:f1:6f:19:02:6c:48:ce:3c:62:39:5f:9e:05:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=348566061e368caff1881be2bac6737dfd3c1dba
        Validity
            Not Before: Aug  5 17:01:05 2025 GMT
            Not After : Aug  6 17:01:05 2025 GMT
        Subject: CN=9e224aee3df6ace13de2a52302a14d752f4ed34e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a5:97:42:d4:b0:b8:69:71:e5:f8:c8:30:a5:
                    66:e3:c5:7e:b9:94:77:6c:50:a2:0d:44:5f:09:35:
                    57:97:a5:98:7b:e5:9d:90:64:7d:b6:81:2f:90:d8:
                    5c:22:c1:11:2b:1e:7e:14:d0:f5:db:f6:35:aa:8d:
                    a4:2e:f8:fa:ab:14:2a:e9:54:77:9d:fa:5d:3b:97:
                    56:59:1f:72:bc:79:01:93:d6:45:a0:f6:67:b6:8e:
                    cb:80:42:3d:34:f4:06:83:c7:3c:d2:76:41:93:d5:
                    60:2a:5e:88:4b:02:92:23:9f:85:c3:3d:23:17:60:
                    6d:eb:7d:8e:63:30:e0:c3:7a:6c:3d:9c:b9:b1:38:
                    69:75:c8:b6:7d:85:7c:1b:5b:bd:a4:1f:df:c5:5a:
                    0c:12:cd:ba:9f:b9:64:94:ed:d3:f6:20:7c:f4:09:
                    57:f1:46:59:bd:f7:e9:25:19:a5:a1:59:7f:1d:76:
                    32:bf:9f:0a:9e:48:94:8d:80:02:6c:b6:62:2f:c2:
                    18:de:bb:1d:aa:d9:13:7e:47:b4:61:95:6c:76:f0:
                    4e:bc:3d:44:d5:3a:a2:6a:2b:28:e7:60:0d:f4:12:
                    43:fd:84:a6:f7:54:49:62:4e:d9:9e:47:8e:1b:bd:
                    3a:2d:58:30:7c:42:bf:fe:e9:63:23:8e:23:95:95:
                    f0:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:22:4A:EE:3D:F6:AC:E1:3D:E2:A5:23:02:A1:4D:75:2F:4E:D3:4E
            X509v3 Authority Key Identifier:
                keyid:34:85:66:06:1E:36:8C:AF:F1:88:1B:E2:BA:C6:73:7D:FD:3C:1D:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:6c:47:b3:0f:c8:e4:66:ac:45:3d:6b:66:70:42:a9:7f:7f:
         aa:bb:f3:a7:2f:e0:f8:9f:da:28:2d:c2:ab:57:16:2f:1c:3a:
         2a:d0:54:9f:4e:04:54:c7:4c:ec:2a:a2:13:08:ee:aa:f5:8f:
         2f:80:e7:2a:93:e3:a5:36:ae:2f:39:da:20:b2:8c:da:09:df:
         38:2d:59:00:e4:c0:44:92:c5:59:89:53:d2:9a:44:b7:fb:70:
         e6:34:ab:94:5e:41:c1:7a:a1:38:f8:2c:8e:b8:2b:44:ae:bc:
         16:52:69:4e:de:d0:a5:98:4c:ac:a3:b4:49:3b:c6:05:c3:3c:
         ce:b3:e0:38:f2:42:00:e9:9e:94:50:6c:2a:78:30:a5:36:41:
         1e:00:cf:84:97:1d:c2:52:0a:ba:aa:b4:b6:d8:bf:06:8e:32:
         f9:33:a7:51:ba:91:fc:11:66:61:03:91:16:ff:73:87:31:16:
         d0:43:2a:3f:af:c1:79:8e:92:69:45:83:ae:74:80:0a:a6:19:
         8e:53:f4:c9:9e:26:ba:db:72:f8:8d:c6:da:91:22:37:01:0d:
         20:c3:7e:4f:80:45:9b:8a:15:ca:dc:3a:f0:c2:b6:58:b9:00:
         92:da:96:0c:50:9c:a9:d0:2e:40:7c:e8:59:80:9c:c7:b3:df:
         ff:40:91:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh7LfFvGQJsSM48YjlfngWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODU2NjA2MWUzNjhjYWZmMTg4MWJlMmJhYzY3MzdkZmQz
YzFkYmEwHhcNMjUwODA1MTcwMTA1WhcNMjUwODA2MTcwMTA1WjAzMTEwLwYDVQQD
Eyg5ZTIyNGFlZTNkZjZhY2UxM2RlMmE1MjMwMmExNGQ3NTJmNGVkMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaWXQtSwuGlx5fjIMKVm48V+uZR3
bFCiDURfCTVXl6WYe+WdkGR9toEvkNhcIsERKx5+FND12/Y1qo2kLvj6qxQq6VR3
nfpdO5dWWR9yvHkBk9ZFoPZnto7LgEI9NPQGg8c80nZBk9VgKl6ISwKSI5+Fwz0j
F2Bt632OYzDgw3psPZy5sThpdci2fYV8G1u9pB/fxVoMEs26n7lklO3T9iB89AlX
8UZZvffpJRmloVl/HXYyv58KnkiUjYACbLZiL8IY3rsdqtkTfke0YZVsdvBOvD1E
1Tqiaiso52AN9BJD/YSm91RJYk7ZnkeOG706LVgwfEK//uljI44jlZXwYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4iSu499qzhPeKlIwKhTXUvTtNOMB8GA1UdIwQY
MBaAFDSFZgYeNoyv8Ygb4rrGc339PB26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hZmZhYTEtMGU3Yi00MDFlLWE3YzUt
MDYyNzBlYTgyMTU0LzEvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hZmZhYTEtMGU3Yi00MDFlLWE3YzUtMDYyNzBlYTgyMTU0
LzEvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArGxHsw/I
5GasRT1rZnBCqX9/qrvzpy/g+J/aKC3Cq1cWLxw6KtBUn04EVMdM7CqiEwjuqvWP
L4DnKpPjpTauLznaILKM2gnfOC1ZAOTARJLFWYlT0ppEt/tw5jSrlF5BwXqhOPgs
jrgrRK68FlJpTt7QpZhMrKO0STvGBcM8zrPgOPJCAOmelFBsKngwpTZBHgDPhJcd
wlIKuqq0tti/Bo4y+TOnUbqR/BFmYQORFv9zhzEW0EMqP6/BeY6SaUWDrnSACqYZ
jlP0yZ4mutty+I3G2pEiNwENIMN+T4BFm4oVytw68MK2WLkAktqWDFCcqdAuQHzo
WYCcx7Pf/0CRTA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:51:16 2025 by rpki-client