Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft
File:                     lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft (raw, json)
Hash identifier:          fUh7WO4t99I2fnd4lIs/y4fpwbWbExlIjoK0Ow4Jqq8=
Subject key identifier:   4E:FA:3A:B2:99:0D:72:2B:7A:C0:B3:16:5F:30:E0:8F:41:DC:1D:C0
Authority key identifier: 96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A
Certificate issuer:       /CN=96448e840d272a3e3159192d1df11f100e506f6a
Certificate serial:       0198733D49609D041867D192A6ED8FC1AD8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft
Manifest number:          0840
Signing time:             Mon 04 Aug 2025 04:00:52 +0000
Manifest this update:     Mon 04 Aug 2025 04:00:52 +0000
Manifest next update:     Tue 05 Aug 2025 04:00:52 +0000
Files and hashes:         1: HRJaIehlqdUQOZwaPo6dI6mb5MQ.roa (hash: NAZLCo/vu2u7I92Xt0rJZZjC+drQdPYyxSFtuqS2OpE=)
                          2: lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl (hash: CZ+ob/kZThXmuvBS9AYrJItWwYw/4T91qE94o3tUFdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:49:60:9d:04:18:67:d1:92:a6:ed:8f:c1:ad:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96448e840d272a3e3159192d1df11f100e506f6a
        Validity
            Not Before: Aug  4 04:00:52 2025 GMT
            Not After : Aug  5 04:00:52 2025 GMT
        Subject: CN=4efa3ab2990d722b7ac0b3165f30e08f41dc1dc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:72:10:6a:9a:c2:8a:f1:b9:16:92:bc:33:c2:
                    a3:f2:23:f1:37:d4:bf:76:cd:ab:09:e0:2d:df:39:
                    61:2e:42:56:cb:fc:61:41:01:86:da:b9:db:a5:f1:
                    13:ec:a7:dc:50:28:79:86:2e:4d:b1:6f:ec:34:94:
                    b6:c3:92:12:68:5f:b4:65:e5:e2:5e:e1:25:d5:04:
                    e7:d7:70:08:26:a0:f1:ff:98:4f:66:e9:87:40:f4:
                    8f:42:7c:19:55:d3:f2:07:9a:a4:86:e2:46:ea:a5:
                    b1:a7:23:cc:12:e0:f9:32:3e:11:d9:c4:88:cf:40:
                    91:fe:8b:88:0b:d0:1a:ac:e8:22:84:b4:45:e5:a4:
                    8f:3c:da:1d:0d:2b:b5:23:a4:86:28:80:72:fe:da:
                    db:55:de:d0:e2:f9:39:0a:4a:10:0f:58:80:0a:50:
                    cd:17:9b:79:f2:ae:85:dd:1f:b5:a4:f0:5e:58:6a:
                    75:3d:b3:5a:3f:d9:ee:60:05:7c:9d:f7:e7:40:0d:
                    4b:68:52:78:d0:72:99:e7:45:4e:60:b5:0b:ae:3b:
                    ce:d1:82:1c:cb:2f:1e:94:bd:3e:d9:93:36:cf:19:
                    57:38:60:20:23:46:d1:61:a8:9e:cd:52:1f:8f:5b:
                    2e:84:03:c5:8e:08:34:87:de:05:0c:a0:b6:ae:f3:
                    e5:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:FA:3A:B2:99:0D:72:2B:7A:C0:B3:16:5F:30:E0:8F:41:DC:1D:C0
            X509v3 Authority Key Identifier:
                keyid:96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:30:9c:9f:c5:ec:2c:88:91:00:b6:14:c8:20:8f:30:2f:1d:
         f5:a3:6b:e8:d1:69:41:f7:ad:d8:98:db:f3:a7:94:0e:34:e6:
         be:40:a6:55:b8:e0:5a:96:07:7b:db:96:89:65:00:51:53:82:
         05:e1:fa:10:22:eb:91:7d:f4:bf:cd:74:fd:e7:27:9d:4f:14:
         65:4e:4c:dd:4c:02:83:90:a2:a7:f1:b7:81:5d:de:0a:a3:96:
         cb:e0:48:0a:98:93:e1:e4:14:a7:03:64:81:67:3f:b4:2c:58:
         f6:d6:ed:8f:d1:10:f5:fc:8d:62:fd:6c:17:48:0a:a7:c7:e4:
         1f:ba:1d:9e:e8:de:72:57:86:26:c9:53:7c:fa:da:ec:26:5b:
         3a:6c:da:9e:51:f3:21:10:43:5d:fb:52:8b:3e:74:e6:aa:39:
         9d:c7:c2:d0:73:dc:57:b3:9d:4b:b6:28:d5:b6:0b:a7:82:98:
         46:7b:d0:21:37:6d:df:50:57:6c:0f:09:fb:3b:56:10:60:ee:
         76:0e:e8:f7:c7:b0:47:f5:a2:62:0e:26:80:da:7c:2f:a8:c5:
         6a:1e:25:7e:2d:4e:72:64:f7:53:39:7c:6d:43:e2:8c:06:39:
         6c:b4:0b:b7:08:4c:09:11:ba:25:73:f7:cf:be:5c:b0:9f:a1:
         01:a1:78:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPUlgnQQYZ9GSpu2Pwa2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NDQ4ZTg0MGQyNzJhM2UzMTU5MTkyZDFkZjExZjEwMGU1
MDZmNmEwHhcNMjUwODA0MDQwMDUyWhcNMjUwODA1MDQwMDUyWjAzMTEwLwYDVQQD
Eyg0ZWZhM2FiMjk5MGQ3MjJiN2FjMGIzMTY1ZjMwZTA4ZjQxZGMxZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXIQaprCivG5FpK8M8Kj8iPxN9S/
ds2rCeAt3zlhLkJWy/xhQQGG2rnbpfET7KfcUCh5hi5NsW/sNJS2w5ISaF+0ZeXi
XuEl1QTn13AIJqDx/5hPZumHQPSPQnwZVdPyB5qkhuJG6qWxpyPMEuD5Mj4R2cSI
z0CR/ouIC9AarOgihLRF5aSPPNodDSu1I6SGKIBy/trbVd7Q4vk5CkoQD1iAClDN
F5t58q6F3R+1pPBeWGp1PbNaP9nuYAV8nffnQA1LaFJ40HKZ50VOYLULrjvO0YIc
yy8elL0+2ZM2zxlXOGAgI0bRYaiezVIfj1suhAPFjgg0h94FDKC2rvPl2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE76OrKZDXIresCzFl8w4I9B3B3AMB8GA1UdIwQY
MBaAFJZEjoQNJyo+MVkZLR3xHxAOUG9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYt
MTZhZmJhOTg3YjA2LzEvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYtMTZhZmJhOTg3YjA2
LzEvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVzCcn8Xs
LIiRALYUyCCPMC8d9aNr6NFpQfet2Jjb86eUDjTmvkCmVbjgWpYHe9uWiWUAUVOC
BeH6ECLrkX30v810/ecnnU8UZU5M3UwCg5Cip/G3gV3eCqOWy+BICpiT4eQUpwNk
gWc/tCxY9tbtj9EQ9fyNYv1sF0gKp8fkH7odnujecleGJslTfPra7CZbOmzanlHz
IRBDXftSiz505qo5ncfC0HPcV7OdS7Yo1bYLp4KYRnvQITdt31BXbA8J+ztWEGDu
dg7o98ewR/WiYg4mgNp8L6jFah4lfi1OcmT3Uzl8bUPijAY5bLQLtwhMCRG6JXP3
z75csJ+hAaF4AA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:08 2025 by rpki-client