Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.mft
File:                     kNzOkQAEUUlMQ8FdFy2i651beVY.mft (raw, json)
Hash identifier:          G5fdchNBIRxzOeIMjC7KmtN47ow0Bkwoq5fq/sJNMbc=
Subject key identifier:   AF:27:3C:20:16:BE:40:C4:E7:2F:DD:F1:91:AE:31:6F:C4:64:01:39
Authority key identifier: 90:DC:CE:91:00:04:51:49:4C:43:C1:5D:17:2D:A2:EB:9D:5B:79:56
Certificate issuer:       /CN=90dcce91000451494c43c15d172da2eb9d5b7956
Certificate serial:       01987ABFBF6598BEF66617E6839FF3CBC5E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kNzOkQAEUUlMQ8FdFy2i651beVY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.mft
Manifest number:          161C
Signing time:             Tue 05 Aug 2025 15:00:43 +0000
Manifest this update:     Tue 05 Aug 2025 15:00:43 +0000
Manifest next update:     Wed 06 Aug 2025 15:00:43 +0000
Files and hashes:         1: 4COA7EoK---RVhokcyyZ55j8IXE.roa (hash: 7qjze9UZTxm2x0zZOdskcsGbC7b8KEyBHHGZAVSSicA=)
                          2: kNzOkQAEUUlMQ8FdFy2i651beVY.crl (hash: /Ynzw/Li48rs3u7Y5xkdyNteCWbLl/LPsQjFIVVHAtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kNzOkQAEUUlMQ8FdFy2i651beVY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:37:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:bf:bf:65:98:be:f6:66:17:e6:83:9f:f3:cb:c5:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90dcce91000451494c43c15d172da2eb9d5b7956
        Validity
            Not Before: Aug  5 15:00:43 2025 GMT
            Not After : Aug  6 15:00:43 2025 GMT
        Subject: CN=af273c2016be40c4e72fddf191ae316fc4640139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b3:d3:d3:03:78:61:b4:eb:2e:26:bb:e3:ee:
                    14:64:4b:bf:7f:3c:fc:67:71:84:82:26:43:be:c5:
                    fb:4a:1e:55:a5:d9:26:de:e9:dd:0d:87:e4:15:c4:
                    15:ac:70:2e:06:0b:ba:08:24:be:0b:1f:12:55:52:
                    71:1b:79:4b:d8:6c:b8:49:3a:06:f8:2e:6c:3f:4e:
                    7c:ae:00:01:16:28:84:a4:66:73:39:fa:a7:63:cc:
                    86:22:32:6b:c5:bb:c1:ac:64:4a:61:01:b5:a7:01:
                    32:6d:2d:8b:7b:7b:2d:2a:dc:24:eb:df:68:59:01:
                    62:3d:ad:a1:19:8d:e9:37:b7:77:e3:88:33:33:ad:
                    0e:6a:ee:5d:07:1c:42:db:6f:bc:9d:a4:a7:32:f1:
                    27:96:45:1b:71:20:54:a5:97:d9:3d:77:e9:fe:92:
                    28:3e:d8:12:83:2f:41:76:6c:ac:1b:12:bb:be:a6:
                    e5:8a:8e:1b:34:50:79:2f:fa:a2:c1:c4:5e:5f:1e:
                    2a:94:ff:38:c1:81:4d:c8:63:10:8b:a6:36:c9:5e:
                    b0:1d:47:69:fa:c8:2d:05:54:c3:b7:ca:23:99:eb:
                    c6:01:a1:cc:a5:4a:e8:c2:db:80:be:df:e5:fe:66:
                    01:5b:95:15:91:be:cd:c6:dd:0e:71:11:8e:2c:84:
                    96:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:27:3C:20:16:BE:40:C4:E7:2F:DD:F1:91:AE:31:6F:C4:64:01:39
            X509v3 Authority Key Identifier:
                keyid:90:DC:CE:91:00:04:51:49:4C:43:C1:5D:17:2D:A2:EB:9D:5B:79:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNzOkQAEUUlMQ8FdFy2i651beVY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:80:ae:d8:97:4b:13:af:b7:72:b5:6e:84:e2:51:b6:09:37:
         d9:2a:e7:92:ec:0b:0c:a6:98:d7:42:19:09:2b:72:6e:42:65:
         01:68:97:38:9a:7e:34:54:b6:42:0c:f7:0f:53:09:54:20:cd:
         b2:46:d1:b5:64:3d:c5:12:0a:9c:21:84:f0:05:c1:6b:f9:92:
         ee:44:63:cc:4f:2f:c1:57:3d:0a:ac:d6:a6:d6:83:73:8d:08:
         43:c3:4a:11:d4:1c:4d:50:1a:92:e4:38:63:14:12:f3:4c:66:
         c6:af:d6:87:4b:d5:0e:02:ba:86:a6:6a:c0:9f:a9:2a:5d:c8:
         49:c5:6c:94:46:5b:88:82:bb:a8:22:f9:c1:90:55:f5:ff:d9:
         7a:df:b0:4b:45:6f:3a:40:57:70:eb:0e:2f:3f:af:1a:bd:3b:
         1c:b5:ea:47:73:a3:d1:b7:12:d5:e4:ad:a5:8e:dd:39:27:c0:
         92:39:01:1f:f1:50:2f:38:cd:58:3c:f2:34:f1:32:e4:f7:ed:
         7e:52:35:06:79:7d:df:ee:5d:ee:85:f6:1f:e4:8a:8b:5f:4b:
         99:64:45:6b:22:f9:0b:54:b5:1b:ea:a1:e3:f4:f2:99:96:58:
         45:ff:d1:3d:c4:27:09:ff:77:c8:1a:4f:a9:f9:bc:47:cc:e4:
         61:77:fd:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6v79lmL72Zhfmg5/zy8XoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGNjZTkxMDAwNDUxNDk0YzQzYzE1ZDE3MmRhMmViOWQ1
Yjc5NTYwHhcNMjUwODA1MTUwMDQzWhcNMjUwODA2MTUwMDQzWjAzMTEwLwYDVQQD
EyhhZjI3M2MyMDE2YmU0MGM0ZTcyZmRkZjE5MWFlMzE2ZmM0NjQwMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LPT0wN4YbTrLia74+4UZEu/fzz8
Z3GEgiZDvsX7Sh5Vpdkm3undDYfkFcQVrHAuBgu6CCS+Cx8SVVJxG3lL2Gy4SToG
+C5sP058rgABFiiEpGZzOfqnY8yGIjJrxbvBrGRKYQG1pwEybS2Le3stKtwk699o
WQFiPa2hGY3pN7d344gzM60Oau5dBxxC22+8naSnMvEnlkUbcSBUpZfZPXfp/pIo
PtgSgy9BdmysGxK7vqblio4bNFB5L/qiwcReXx4qlP84wYFNyGMQi6Y2yV6wHUdp
+sgtBVTDt8ojmevGAaHMpUrowtuAvt/l/mYBW5UVkb7Nxt0OcRGOLISWzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8nPCAWvkDE5y/d8ZGuMW/EZAE5MB8GA1UdIwQY
MBaAFJDczpEABFFJTEPBXRctouudW3lWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva056T2tRQUVVVWxNUThGZEZ5Mmk2NTFiZVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MWZkYmItOGJhMi00YjdlLTk4MGYt
ZWU2MGIwZGRiZGFhLzEva056T2tRQUVVVWxNUThGZEZ5Mmk2NTFiZVZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MWZkYmItOGJhMi00YjdlLTk4MGYtZWU2MGIwZGRiZGFh
LzEva056T2tRQUVVVWxNUThGZEZ5Mmk2NTFiZVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoCu2JdL
E6+3crVuhOJRtgk32SrnkuwLDKaY10IZCStybkJlAWiXOJp+NFS2Qgz3D1MJVCDN
skbRtWQ9xRIKnCGE8AXBa/mS7kRjzE8vwVc9CqzWptaDc40IQ8NKEdQcTVAakuQ4
YxQS80xmxq/Wh0vVDgK6hqZqwJ+pKl3IScVslEZbiIK7qCL5wZBV9f/Zet+wS0Vv
OkBXcOsOLz+vGr07HLXqR3Oj0bcS1eStpY7dOSfAkjkBH/FQLzjNWDzyNPEy5Pft
flI1Bnl93+5d7oX2H+SKi19LmWRFayL5C1S1G+qh4/TymZZYRf/RPcQnCf93yBpP
qfm8R8zkYXf9Dw==
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:06:31 2025 by rpki-client