Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
File:                     NVyaW8uDQBCKQchiduHLlKYefak.mft (raw, json)
Hash identifier:          o5nLZRsq62nhBVOG1mWPHsOWOWuPUV9Dm7vkcAeqpV4=
Subject key identifier:   94:1F:53:23:C1:79:46:17:C3:56:95:27:95:6C:C0:76:D6:C6:0D:BE
Authority key identifier: 35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9
Certificate issuer:       /CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
Certificate serial:       01987E2E91E26E76A3FEB3729F9416FB24D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
Manifest number:          0EB5
Signing time:             Wed 06 Aug 2025 07:00:37 +0000
Manifest this update:     Wed 06 Aug 2025 07:00:37 +0000
Manifest next update:     Thu 07 Aug 2025 07:00:37 +0000
Files and hashes:         1: 5KKpk9qEveM_ucLAOYR8lDjQsvs.roa (hash: FsEABHDgSk6DaTySsepeca9yMLpdy1J0E11YMBOaZ9k=)
                          2: NVyaW8uDQBCKQchiduHLlKYefak.crl (hash: pk2ihQsJyBs76U8G0Kl6UntYm2mOgB0cfSDGwRbHm0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 07:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:2e:91:e2:6e:76:a3:fe:b3:72:9f:94:16:fb:24:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=355c9a5bcb8340108a41c86276e1cb94a61e7da9
        Validity
            Not Before: Aug  6 07:00:37 2025 GMT
            Not After : Aug  7 07:00:37 2025 GMT
        Subject: CN=941f5323c1794617c3569527956cc076d6c60dbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b7:67:ff:ad:12:95:90:f6:e0:75:ae:44:d9:
                    f4:89:44:af:17:87:3c:2f:d7:11:40:30:da:95:52:
                    9e:df:ec:34:53:f9:d9:35:c7:8d:a1:50:2f:1e:17:
                    4c:ed:fd:91:cb:50:ef:30:63:71:9b:20:ea:ca:c4:
                    2d:ca:e4:ab:39:15:a2:46:2f:54:2e:de:ba:34:53:
                    2d:ce:13:ca:79:f1:ed:1b:a7:f6:e5:3c:0e:5b:14:
                    65:6e:57:1e:4d:e6:60:78:42:2b:fa:85:c8:5a:76:
                    ea:e5:8f:36:9e:d9:27:f8:65:84:38:a8:42:d2:df:
                    9d:4c:15:75:3a:79:e7:8c:4f:cc:b4:34:9b:b2:3b:
                    c2:03:03:be:56:db:de:ec:ed:ca:f0:a6:70:74:c8:
                    ba:11:42:d2:86:c3:f9:84:5c:ee:84:cd:65:64:ff:
                    2a:46:be:ec:e5:d4:7d:90:45:ac:60:2b:51:e7:5e:
                    22:aa:f0:2d:bd:18:bd:5e:f0:ca:8b:9f:c6:03:e4:
                    7d:ed:65:5c:03:1e:e0:00:6e:06:15:53:80:ff:59:
                    c5:c9:11:31:04:6f:0c:dd:f1:08:e3:04:1b:34:f1:
                    0b:6c:84:a1:e7:70:cb:a5:bd:fa:f6:2f:ff:12:5f:
                    1e:f8:4e:81:29:55:45:00:1f:63:d3:7d:b8:b7:70:
                    e9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:1F:53:23:C1:79:46:17:C3:56:95:27:95:6C:C0:76:D6:C6:0D:BE
            X509v3 Authority Key Identifier:
                keyid:35:5C:9A:5B:CB:83:40:10:8A:41:C8:62:76:E1:CB:94:A6:1E:7D:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NVyaW8uDQBCKQchiduHLlKYefak.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/3f426f-79ee-4cb2-ab17-30d64ff70b90/1/NVyaW8uDQBCKQchiduHLlKYefak.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:d1:69:ea:bb:22:b3:31:2c:d2:d6:63:5a:14:d4:f7:60:c9:
         7a:56:ee:ce:81:9d:78:0c:82:a6:6b:a2:52:cf:ce:cd:7a:11:
         bf:3c:b7:94:f6:c1:07:87:68:f2:b2:25:d9:f8:7a:65:78:65:
         ce:2f:b8:9f:2c:95:0c:3f:ca:0d:11:e2:91:45:e2:c6:09:19:
         b5:7d:39:bf:e7:55:a4:fe:da:82:7e:35:06:ea:5b:df:78:86:
         c3:67:42:b0:6c:73:a1:94:aa:69:0f:77:90:14:62:ef:81:e4:
         cc:3f:cb:b0:58:bc:e8:f3:c1:76:fb:68:52:2e:08:25:d2:06:
         08:f5:38:3b:2c:69:7e:fe:ef:97:5c:6f:b7:10:b7:73:14:f4:
         79:ea:97:df:05:4c:ac:e6:67:88:58:55:24:f2:0c:e7:36:5d:
         85:03:6d:39:8d:4f:84:9c:33:93:48:23:23:17:fb:e3:16:6b:
         62:50:d1:37:9b:6d:32:4d:48:85:b7:e6:6f:61:a3:55:90:69:
         30:27:41:9d:04:80:8b:26:95:69:ab:8c:3c:d2:f1:8c:c2:6d:
         94:07:88:86:6e:6c:38:ac:67:72:b5:ca:7f:2e:9d:39:6d:a4:
         5b:73:7c:a3:39:b8:f6:8e:ca:c5:bb:4d:56:da:9a:d6:59:ca:
         1c:38:b8:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+LpHibnaj/rNyn5QW+yTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NWM5YTViY2I4MzQwMTA4YTQxYzg2Mjc2ZTFjYjk0YTYx
ZTdkYTkwHhcNMjUwODA2MDcwMDM3WhcNMjUwODA3MDcwMDM3WjAzMTEwLwYDVQQD
Eyg5NDFmNTMyM2MxNzk0NjE3YzM1Njk1Mjc5NTZjYzA3NmQ2YzYwZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbdn/60SlZD24HWuRNn0iUSvF4c8
L9cRQDDalVKe3+w0U/nZNceNoVAvHhdM7f2Ry1DvMGNxmyDqysQtyuSrORWiRi9U
Lt66NFMtzhPKefHtG6f25TwOWxRlblceTeZgeEIr+oXIWnbq5Y82ntkn+GWEOKhC
0t+dTBV1OnnnjE/MtDSbsjvCAwO+Vtve7O3K8KZwdMi6EULShsP5hFzuhM1lZP8q
Rr7s5dR9kEWsYCtR514iqvAtvRi9XvDKi5/GA+R97WVcAx7gAG4GFVOA/1nFyREx
BG8M3fEI4wQbNPELbISh53DLpb369i//El8e+E6BKVVFAB9j0324t3DpKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQfUyPBeUYXw1aVJ5VswHbWxg2+MB8GA1UdIwQY
MBaAFDVcmlvLg0AQikHIYnbhy5SmHn2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTct
MzBkNjRmZjcwYjkwLzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zZjQyNmYtNzllZS00Y2IyLWFiMTctMzBkNjRmZjcwYjkw
LzEvTlZ5YVc4dURRQkNLUWNoaWR1SExsS1llZmFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAENFp6rsi
szEs0tZjWhTU92DJelbuzoGdeAyCpmuiUs/OzXoRvzy3lPbBB4do8rIl2fh6ZXhl
zi+4nyyVDD/KDRHikUXixgkZtX05v+dVpP7agn41Bupb33iGw2dCsGxzoZSqaQ93
kBRi74HkzD/LsFi86PPBdvtoUi4IJdIGCPU4Oyxpfv7vl1xvtxC3cxT0eeqX3wVM
rOZniFhVJPIM5zZdhQNtOY1PhJwzk0gjIxf74xZrYlDRN5ttMk1Ihbfmb2GjVZBp
MCdBnQSAiyaVaauMPNLxjMJtlAeIhm5sOKxncrXKfy6dOW2kW3N8ozm49o7KxbtN
Vtqa1lnKHDi4lg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:12:09 2025 by rpki-client