Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
File:                     NYx3zUAYPEEVsr8NznFuC8XQv9U.mft (raw, json)
Hash identifier:          gQMdFvBwLceSv9+xCv7dqZJUpNDDEp9leZJMuNG+KiI=
Subject key identifier:   AB:D6:50:54:38:9F:01:F6:18:D1:01:65:93:AE:E3:AF:5D:74:BD:38
Authority key identifier: 35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5
Certificate issuer:       /CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
Certificate serial:       01987ABFCD4D73061CFF3AF5E0899A9F0F38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
Manifest number:          0385
Signing time:             Tue 05 Aug 2025 15:00:46 +0000
Manifest this update:     Tue 05 Aug 2025 15:00:46 +0000
Manifest next update:     Wed 06 Aug 2025 15:00:46 +0000
Files and hashes:         1: NYx3zUAYPEEVsr8NznFuC8XQv9U.crl (hash: LMrNXNgveTvTNmyssFgWXXkqPJYFRVloAxdaSviMLTE=)
                          2: zdd_itkr61DwlSbiF7xORGma-Mg.roa (hash: s7+y8n33Kdf5OFXebrrUAhH6tASSitV8ofo7STn/T1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 15:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:bf:cd:4d:73:06:1c:ff:3a:f5:e0:89:9a:9f:0f:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=358c77cd40183c4115b2bf0dce716e0bc5d0bfd5
        Validity
            Not Before: Aug  5 15:00:46 2025 GMT
            Not After : Aug  6 15:00:46 2025 GMT
        Subject: CN=abd65054389f01f618d1016593aee3af5d74bd38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:12:ca:42:13:5e:29:cd:37:a2:11:fd:d5:7e:
                    d1:0b:70:1a:8f:73:e0:d9:10:02:49:e0:15:5a:74:
                    09:22:97:e5:8e:ee:03:ba:48:43:48:af:f5:e0:41:
                    ba:b2:2f:16:07:4e:08:b1:ee:83:70:08:b3:b7:2c:
                    41:41:da:d2:27:d7:e5:55:bb:4b:8f:f0:81:f5:c0:
                    7e:08:a6:fc:a8:91:1e:b8:c9:60:ad:7d:80:6f:6d:
                    52:bc:3b:bc:d4:b3:c3:74:80:84:03:85:0d:7d:bf:
                    5f:d1:6e:1f:54:9e:37:4f:c5:26:46:34:71:8b:fb:
                    85:57:04:39:4f:b4:ec:96:e6:24:20:7d:42:63:05:
                    46:1a:f1:a9:74:33:05:a0:8d:2e:af:df:19:a9:19:
                    3e:4f:59:8f:78:68:95:3f:ae:58:a4:e9:12:4d:8e:
                    11:7c:78:3f:60:16:cb:df:65:2c:5c:70:41:48:51:
                    75:7f:cd:55:a4:82:93:0e:f9:dc:7b:ba:e3:a1:6d:
                    ba:a1:62:65:8a:22:c3:bb:08:ad:3b:89:c6:8d:f1:
                    0a:82:97:18:4c:65:be:47:7d:2b:ba:85:61:61:e3:
                    b5:84:95:fa:11:ad:d6:fc:1e:11:70:7c:18:2b:d4:
                    07:47:f1:8f:0b:64:dd:c4:51:6e:69:c8:cf:a9:a3:
                    53:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:D6:50:54:38:9F:01:F6:18:D1:01:65:93:AE:E3:AF:5D:74:BD:38
            X509v3 Authority Key Identifier:
                keyid:35:8C:77:CD:40:18:3C:41:15:B2:BF:0D:CE:71:6E:0B:C5:D0:BF:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYx3zUAYPEEVsr8NznFuC8XQv9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea2b41-7dc6-45a4-aa08-3151a1794b97/1/NYx3zUAYPEEVsr8NznFuC8XQv9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:39:e8:4e:40:11:0a:78:59:10:06:ea:ff:6a:89:17:ba:02:
         c1:a9:d5:3c:7e:79:09:a2:5f:1a:8b:7d:d2:77:73:61:05:bb:
         65:86:da:5d:67:f3:c6:e1:ec:29:8c:b5:0c:c9:ee:35:96:78:
         07:e4:bb:83:14:f8:00:d1:b4:4f:ca:4d:16:c6:68:fe:3b:3a:
         0d:04:f4:15:a2:c8:b6:38:38:43:1c:44:6e:d3:45:15:fe:53:
         ed:7c:fd:fd:0f:ba:a9:91:9e:d7:20:6b:03:6a:ed:d8:5c:13:
         59:73:98:d2:5f:a4:e4:f8:7d:59:79:2c:53:ef:1f:f2:b0:ee:
         dd:6d:85:69:45:45:2b:66:9f:13:13:28:a3:00:37:89:20:7a:
         72:28:a4:6e:d6:06:0a:11:f2:89:29:17:7d:15:d9:96:ad:d4:
         a5:50:95:73:17:45:c9:bb:5d:3f:33:0c:3e:c4:c7:72:9e:7c:
         49:62:1f:18:26:ed:a4:5e:f9:c1:e3:4f:dc:f2:cb:0b:4b:5d:
         ee:02:55:cc:89:4b:f7:b8:36:99:98:70:05:a5:76:44:df:49:
         4a:32:d7:46:ab:2d:dc:44:94:ef:ee:6c:78:1e:57:e0:c1:49:
         07:2e:db:a4:3e:75:7d:f1:ea:c5:80:7d:29:e3:85:3f:a4:73:
         43:44:33:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6v81NcwYc/zr14Imanw84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGM3N2NkNDAxODNjNDExNWIyYmYwZGNlNzE2ZTBiYzVk
MGJmZDUwHhcNMjUwODA1MTUwMDQ2WhcNMjUwODA2MTUwMDQ2WjAzMTEwLwYDVQQD
EyhhYmQ2NTA1NDM4OWYwMWY2MThkMTAxNjU5M2FlZTNhZjVkNzRiZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRLKQhNeKc03ohH91X7RC3Aaj3Pg
2RACSeAVWnQJIpflju4DukhDSK/14EG6si8WB04Ise6DcAiztyxBQdrSJ9flVbtL
j/CB9cB+CKb8qJEeuMlgrX2Ab21SvDu81LPDdICEA4UNfb9f0W4fVJ43T8UmRjRx
i/uFVwQ5T7TsluYkIH1CYwVGGvGpdDMFoI0ur98ZqRk+T1mPeGiVP65YpOkSTY4R
fHg/YBbL32UsXHBBSFF1f81VpIKTDvnce7rjoW26oWJliiLDuwitO4nGjfEKgpcY
TGW+R30ruoVhYeO1hJX6Ea3W/B4RcHwYK9QHR/GPC2TdxFFuacjPqaNTlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvWUFQ4nwH2GNEBZZOu469ddL04MB8GA1UdIwQY
MBaAFDWMd81AGDxBFbK/Dc5xbgvF0L/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgt
MzE1MWExNzk0Yjk3LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTJiNDEtN2RjNi00NWE0LWFhMDgtMzE1MWExNzk0Yjk3
LzEvTll4M3pVQVlQRUVWc3I4TnpuRnVDOFhRdjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYTnoTkAR
CnhZEAbq/2qJF7oCwanVPH55CaJfGot90ndzYQW7ZYbaXWfzxuHsKYy1DMnuNZZ4
B+S7gxT4ANG0T8pNFsZo/js6DQT0FaLItjg4QxxEbtNFFf5T7Xz9/Q+6qZGe1yBr
A2rt2FwTWXOY0l+k5Ph9WXksU+8f8rDu3W2FaUVFK2afExMoowA3iSB6ciikbtYG
ChHyiSkXfRXZlq3UpVCVcxdFybtdPzMMPsTHcp58SWIfGCbtpF75weNP3PLLC0td
7gJVzIlL97g2mZhwBaV2RN9JSjLXRqst3ESU7+5seB5X4MFJBy7bpD51ffHqxYB9
KeOFP6RzQ0QzgA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:51:51 2025 by rpki-client