Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          eKVoPBiWim/MJAe3DBiVl2aXgAqVVhSJk/1eTZmjJJk=
Subject key identifier:   93:65:51:85:F9:1B:F7:E8:4F:34:3B:AF:7E:BB:E7:26:B2:9C:E9:4E
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       019873E33C28299E3C9D76235FE1A8DC127D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          0590
Signing time:             Mon 04 Aug 2025 07:02:08 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:08 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:08 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: YV2B5gQqwycQeya0evZvpgstssC08QRmXAvoa4kt/LA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:3c:28:29:9e:3c:9d:76:23:5f:e1:a8:dc:12:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Aug  4 07:02:08 2025 GMT
            Not After : Aug  5 07:02:08 2025 GMT
        Subject: CN=93655185f91bf7e84f343baf7ebbe726b29ce94e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a8:b2:31:97:73:73:c2:9d:83:35:25:27:53:
                    a2:44:b9:81:94:c1:7b:06:80:2f:e1:d1:e9:d3:17:
                    72:63:f0:76:4d:74:a0:93:fd:b2:0d:82:d2:0d:5b:
                    74:1a:53:ae:ef:f3:1c:a9:ad:22:c0:4f:fc:03:3a:
                    00:0c:a1:e2:17:d7:f8:46:0d:64:01:f4:0e:5a:41:
                    f2:0b:a2:16:ef:9f:38:e6:ef:27:63:50:ae:95:af:
                    74:27:04:ee:09:5f:33:a0:b4:7f:2a:57:7d:86:6c:
                    76:68:b8:44:29:74:de:d5:02:c2:08:3d:05:c8:23:
                    a8:3d:98:5f:eb:ad:5a:16:18:6c:35:d6:77:c5:8d:
                    e4:1b:21:bc:45:d0:93:89:93:a0:9f:52:dd:35:f8:
                    31:01:07:6c:ee:91:cb:dd:14:17:34:92:0c:c5:79:
                    51:77:c2:95:a7:ed:99:8e:05:37:2e:50:4e:c0:49:
                    52:56:d6:7a:3f:2e:af:53:16:8a:c8:1e:31:f7:9f:
                    ae:a3:d2:6d:3f:8b:d2:84:3b:20:af:2b:d1:bb:ae:
                    cf:65:87:7f:48:e8:e6:f9:d4:98:43:3b:c7:54:eb:
                    1b:70:9c:40:bc:db:0d:f0:9f:36:33:30:38:d1:c4:
                    ef:53:66:35:22:e4:be:19:60:85:8b:4d:0f:5c:79:
                    d6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:65:51:85:F9:1B:F7:E8:4F:34:3B:AF:7E:BB:E7:26:B2:9C:E9:4E
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:16:0c:d7:c5:2e:0f:3f:b2:ee:9a:fb:ab:73:f6:32:59:92:
         ac:52:d8:32:99:6e:2e:c6:78:8b:3f:7c:22:b8:cc:7a:ae:05:
         be:a9:43:75:39:27:dc:e2:9d:dd:fe:b6:88:99:5d:01:14:32:
         5f:42:77:c8:47:61:20:73:d3:09:a5:41:41:91:19:eb:b6:71:
         91:68:76:58:08:1d:78:43:4a:c8:9e:d3:95:c7:29:19:b1:8b:
         1b:b9:47:69:d1:1d:d6:2e:d6:c7:06:d6:8f:17:a7:19:91:9c:
         c1:40:37:31:44:25:d3:f6:e6:d0:14:e3:e3:21:6a:c1:21:95:
         10:03:70:c6:bd:21:5d:22:22:35:49:bb:b8:df:d5:88:bc:68:
         96:c2:91:80:62:58:a5:47:2a:fe:12:14:c9:80:3b:c2:2e:8f:
         48:6d:20:2f:4e:56:38:bc:9f:fc:96:1d:18:9c:ff:fe:b2:86:
         8e:69:51:6c:d8:b9:90:d6:cc:9f:b3:71:56:f5:bd:de:af:3e:
         8b:43:01:20:05:b2:42:46:25:f1:14:21:92:ed:e2:c9:84:ce:
         b9:c3:93:01:2a:dd:63:93:c6:21:b0:de:6b:06:e2:0a:0b:60:
         16:33:6c:e1:8a:66:ff:be:ed:41:db:83:11:2c:28:cc:c3:fc:
         c9:f4:1b:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4zwoKZ48nXYjX+Go3BJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjUwODA0MDcwMjA4WhcNMjUwODA1MDcwMjA4WjAzMTEwLwYDVQQD
Eyg5MzY1NTE4NWY5MWJmN2U4NGYzNDNiYWY3ZWJiZTcyNmIyOWNlOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qiyMZdzc8KdgzUlJ1OiRLmBlMF7
BoAv4dHp0xdyY/B2TXSgk/2yDYLSDVt0GlOu7/Mcqa0iwE/8AzoADKHiF9f4Rg1k
AfQOWkHyC6IW75845u8nY1Cula90JwTuCV8zoLR/Kld9hmx2aLhEKXTe1QLCCD0F
yCOoPZhf661aFhhsNdZ3xY3kGyG8RdCTiZOgn1LdNfgxAQds7pHL3RQXNJIMxXlR
d8KVp+2ZjgU3LlBOwElSVtZ6Py6vUxaKyB4x95+uo9JtP4vShDsgryvRu67PZYd/
SOjm+dSYQzvHVOsbcJxAvNsN8J82MzA40cTvU2Y1IuS+GWCFi00PXHnWBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNlUYX5G/foTzQ7r3675yaynOlOMB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRYM18Uu
Dz+y7pr7q3P2MlmSrFLYMpluLsZ4iz98IrjMeq4FvqlDdTkn3OKd3f62iJldARQy
X0J3yEdhIHPTCaVBQZEZ67ZxkWh2WAgdeENKyJ7TlccpGbGLG7lHadEd1i7WxwbW
jxenGZGcwUA3MUQl0/bm0BTj4yFqwSGVEANwxr0hXSIiNUm7uN/ViLxolsKRgGJY
pUcq/hIUyYA7wi6PSG0gL05WOLyf/JYdGJz//rKGjmlRbNi5kNbMn7NxVvW93q8+
i0MBIAWyQkYl8RQhku3iyYTOucOTASrdY5PGIbDeawbiCgtgFjNs4Ypm/77tQduD
ESwozMP8yfQbZQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:22 2025 by rpki-client