Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
File:                     zdpbTOlfoL32BUFp53rvyCZd28Q.mft (raw, json)
Hash identifier:          zRRNMRSMYxMCzgylP/nnO1bfn+x3JCha7lG4WUXZ9QQ=
Subject key identifier:   74:58:CE:07:CB:A3:F7:D0:51:A6:68:F0:4B:06:71:A0:CD:87:35:AD
Authority key identifier: CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
Certificate issuer:       /CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Certificate serial:       01967CEA37C2F4DA7A4C1BFE400C97312FEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
Manifest number:          14A5
Signing time:             Mon 28 Apr 2025 15:00:46 +0000
Manifest this update:     Mon 28 Apr 2025 15:00:46 +0000
Manifest next update:     Tue 29 Apr 2025 15:00:46 +0000
Files and hashes:         1: 40_j8EnMOslOGeaUGeLQNCGHg64.roa (hash: BOU6u1kQjKsVBkJf+h9lI/7YbpbYLn1ZXJQhHit/Gyg=)
                          2: zdpbTOlfoL32BUFp53rvyCZd28Q.crl (hash: zvILaTaQEHEZRHmzSsMFZqraNG/oAyAhlr7BsP1IlaU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:ea:37:c2:f4:da:7a:4c:1b:fe:40:0c:97:31:2f:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
        Validity
            Not Before: Apr 28 15:00:46 2025 GMT
            Not After : Apr 29 15:00:46 2025 GMT
        Subject: CN=7458ce07cba3f7d051a668f04b0671a0cd8735ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f9:73:d8:92:aa:31:47:d5:f9:eb:82:c6:39:
                    86:a8:82:4d:1a:c2:c9:ed:ac:22:99:b3:70:a0:5b:
                    ee:17:99:1c:2b:17:3e:96:43:ac:89:38:13:12:92:
                    98:06:3c:10:82:b9:7d:e4:a2:e9:df:8c:d2:88:ed:
                    31:81:ea:75:7d:6c:03:07:e8:1f:89:10:87:b6:56:
                    93:fa:dd:03:4d:74:f3:3d:d5:59:e4:de:a6:58:34:
                    09:5a:da:66:d5:f9:5e:02:a4:45:ab:63:35:b7:c8:
                    bf:27:02:7a:af:ba:d9:a9:76:b8:2d:f5:19:a2:11:
                    a9:b0:da:e3:22:33:b6:f4:f7:10:96:e9:c2:cb:69:
                    67:1f:dc:02:d7:ca:f1:c7:c9:48:9a:52:e5:fa:4c:
                    db:1d:b8:69:69:f8:06:a0:fb:71:13:15:fb:81:82:
                    1d:33:fd:5a:28:dd:f5:02:27:85:69:94:07:73:4d:
                    91:ad:96:f9:e8:93:60:f1:ee:23:b9:7b:f0:ff:ae:
                    d8:0c:b5:81:8b:a0:bb:84:c7:52:70:83:ad:e8:03:
                    a9:7b:a5:dd:de:08:ee:30:c9:41:3b:11:d6:78:fb:
                    24:81:90:51:89:42:93:02:02:ba:26:4b:47:42:9d:
                    c8:f8:ac:c9:09:11:7a:80:a7:90:73:12:6e:08:b4:
                    02:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:58:CE:07:CB:A3:F7:D0:51:A6:68:F0:4B:06:71:A0:CD:87:35:AD
            X509v3 Authority Key Identifier:
                keyid:CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:3b:8a:7e:c1:46:18:5d:17:5e:f5:f2:1f:ca:07:3f:25:08:
         83:11:e2:73:70:37:15:33:3f:52:a5:b1:30:32:e5:7b:3c:d3:
         d5:41:99:90:1c:95:0b:28:f2:92:2c:b9:1e:9b:4d:64:6c:65:
         c9:0e:d9:94:97:73:eb:41:12:d1:0f:c9:a0:a5:b9:56:9a:49:
         8f:69:ca:c0:4e:a2:9c:bc:87:c3:e9:93:6e:64:46:cf:3b:ee:
         fe:b0:4c:44:52:4b:77:6a:1e:59:88:6b:85:60:40:a8:8a:3e:
         e2:58:0b:e2:ff:01:6c:31:a5:73:97:a7:7d:d2:56:33:0d:9d:
         eb:92:53:1e:ad:0d:85:64:f6:9f:ec:d0:4a:a1:97:ab:6e:7a:
         fb:48:e0:c8:88:ea:12:01:0b:22:9e:e0:a5:66:e8:73:6a:0c:
         40:2e:5d:55:d6:b8:b1:c4:d7:00:0d:94:4f:65:27:4c:78:f5:
         7a:6e:0a:43:5c:18:6c:8a:0c:d2:b0:08:a5:32:80:93:ae:76:
         0a:7e:83:15:c6:e4:87:dc:87:c7:6b:12:94:60:53:1d:01:6b:
         63:ec:85:18:c0:0e:fc:dd:89:68:d2:2d:48:2b:e6:95:c0:ab:
         de:d8:90:5d:fd:5b:85:1d:2b:09:37:a0:a3:b7:bd:03:3f:b7:
         03:30:63:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ86jfC9Np6TBv+QAyXMS/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGE1YjRjZTk1ZmEwYmRmNjA1NDE2OWU3N2FlZmM4MjY1
ZGRiYzQwHhcNMjUwNDI4MTUwMDQ2WhcNMjUwNDI5MTUwMDQ2WjAzMTEwLwYDVQQD
Eyg3NDU4Y2UwN2NiYTNmN2QwNTFhNjY4ZjA0YjA2NzFhMGNkODczNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPlz2JKqMUfV+euCxjmGqIJNGsLJ
7awimbNwoFvuF5kcKxc+lkOsiTgTEpKYBjwQgrl95KLp34zSiO0xgep1fWwDB+gf
iRCHtlaT+t0DTXTzPdVZ5N6mWDQJWtpm1fleAqRFq2M1t8i/JwJ6r7rZqXa4LfUZ
ohGpsNrjIjO29PcQlunCy2lnH9wC18rxx8lImlLl+kzbHbhpafgGoPtxExX7gYId
M/1aKN31AieFaZQHc02RrZb56JNg8e4juXvw/67YDLWBi6C7hMdScIOt6AOpe6Xd
3gjuMMlBOxHWePskgZBRiUKTAgK6JktHQp3I+KzJCRF6gKeQcxJuCLQCnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRYzgfLo/fQUaZo8EsGcaDNhzWtMB8GA1UdIwQY
MBaAFM3aW0zpX6C99gVBaed678gmXdvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2Yt
MmFkZDVlNzk3Yzc1LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2YtMmFkZDVlNzk3Yzc1
LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGDuKfsFG
GF0XXvXyH8oHPyUIgxHic3A3FTM/UqWxMDLlezzT1UGZkByVCyjykiy5HptNZGxl
yQ7ZlJdz60ES0Q/JoKW5VppJj2nKwE6inLyHw+mTbmRGzzvu/rBMRFJLd2oeWYhr
hWBAqIo+4lgL4v8BbDGlc5enfdJWMw2d65JTHq0NhWT2n+zQSqGXq256+0jgyIjq
EgELIp7gpWboc2oMQC5dVda4scTXAA2UT2UnTHj1em4KQ1wYbIoM0rAIpTKAk652
Cn6DFcbkh9yHx2sSlGBTHQFrY+yFGMAO/N2JaNItSCvmlcCr3tiQXf1bhR0rCTeg
o7e9Az+3AzBj3A==
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:02:05 2025 by rpki-client