Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
File:                     XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft (raw, json)
Hash identifier:          p4RH55oF//tql0+FNZVeL1XO8WCuKkjfw9CV5J3oa4A=
Subject key identifier:   21:27:B9:EA:0F:88:0B:8B:69:0A:28:46:44:7A:10:BA:DB:2D:2B:71
Authority key identifier: 5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03
Certificate issuer:       /CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
Certificate serial:       01987E661940A586044FF9980F986337C54D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
Manifest number:          0D99
Signing time:             Wed 06 Aug 2025 08:01:16 +0000
Manifest this update:     Wed 06 Aug 2025 08:01:16 +0000
Manifest next update:     Thu 07 Aug 2025 08:01:16 +0000
Files and hashes:         1: 1-EeSCCOFCUoz0VplGP1Lo0h-9As.roa (hash: ZLnUsrTQcRzljBuufN+eacOU/oxAjJXf2wRzESRepgg=)
                          2: XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl (hash: cbg2Qh+3rTf1qP19mRU7n4ivBiF1AeaBbwGjBqrPcGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:66:19:40:a5:86:04:4f:f9:98:0f:98:63:37:c5:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cd379cedcdc20f0875c4b08b94b41161b3e8c03
        Validity
            Not Before: Aug  6 08:01:16 2025 GMT
            Not After : Aug  7 08:01:16 2025 GMT
        Subject: CN=2127b9ea0f880b8b690a2846447a10badb2d2b71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:db:4c:3a:9d:95:00:5b:76:95:a2:2e:f5:9e:
                    55:17:7d:d8:d8:ec:b2:5f:55:a6:db:6e:52:3a:0a:
                    bc:26:57:c2:70:0b:3f:f4:56:cc:80:9e:f7:01:7a:
                    ea:2d:53:34:c1:e2:8f:e2:51:df:18:74:92:a6:d4:
                    95:eb:42:f6:43:2a:74:e4:73:81:6f:18:57:92:0d:
                    7a:fb:42:ae:7f:4f:76:51:2a:d7:b2:1b:b6:b3:9b:
                    66:23:2b:d9:89:a1:72:e0:a9:87:5b:ee:80:9b:87:
                    a4:af:b4:4e:42:51:d2:2d:ff:2a:54:3c:49:bf:f6:
                    32:44:da:92:25:ff:b0:47:5d:a0:40:ea:50:35:88:
                    ea:8e:99:98:32:fe:e5:5a:63:8a:d2:23:1f:74:a3:
                    ac:27:1e:17:e9:bc:d2:bd:32:c5:3b:e7:89:b6:67:
                    e3:05:90:00:16:d0:91:8b:5a:02:fa:2c:a8:c7:47:
                    a7:f1:07:62:96:45:29:0d:98:eb:b0:7d:52:01:56:
                    3f:cb:08:ec:88:ff:0f:1d:7c:6b:f3:99:91:4c:a9:
                    32:0a:67:85:ff:18:4f:3c:0f:da:fa:eb:3a:5d:7c:
                    8e:de:5d:04:e6:94:d3:d6:4a:c9:ee:3b:f0:30:ac:
                    15:78:8a:e4:96:dc:3f:fa:21:84:f5:0c:fd:e3:7f:
                    1b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:27:B9:EA:0F:88:0B:8B:69:0A:28:46:44:7A:10:BA:DB:2D:2B:71
            X509v3 Authority Key Identifier:
                keyid:5C:D3:79:CE:DC:DC:20:F0:87:5C:4B:08:B9:4B:41:16:1B:3E:8C:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNN5ztzcIPCHXEsIuUtBFhs-jAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f3cca4-f6bf-4734-abbd-0964464c1751/1/XNN5ztzcIPCHXEsIuUtBFhs-jAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:9f:22:fd:08:43:8b:cc:23:dd:82:fb:96:6c:a1:e7:88:79:
         69:f6:87:b5:05:5e:c5:0c:27:cd:c2:1f:2d:c3:ff:90:a5:59:
         9d:69:b0:cd:ad:15:25:04:1c:3e:b6:3d:9f:1b:af:7c:11:aa:
         40:b0:cd:64:7d:7e:4c:b4:66:b7:7c:df:31:4b:d9:9c:17:7e:
         83:78:3f:0f:19:a6:9f:90:75:33:a1:ee:55:f6:3c:32:b5:fb:
         f7:d8:5f:b5:90:20:18:c9:27:a1:51:e8:f5:15:7e:96:e1:6e:
         34:17:cc:65:00:91:76:bd:d7:63:4e:78:ec:90:f0:44:ab:b4:
         66:7e:f5:4f:c5:3c:6e:5f:17:f1:1a:2a:c9:d3:c5:95:eb:34:
         09:21:fc:b9:0c:ec:83:8d:2f:16:0c:ea:a4:4e:95:84:2c:2b:
         65:e9:11:84:0f:79:ed:18:e3:3a:01:2e:3b:23:83:51:69:af:
         1d:38:f6:c5:89:4a:90:98:2e:2e:83:3b:61:a3:b6:54:ed:0d:
         1e:52:4b:68:3c:41:d8:03:eb:4c:e7:9f:04:b5:ba:58:39:7f:
         fd:bf:eb:06:21:e0:14:de:8e:11:1c:82:8f:91:86:3e:a8:3b:
         e4:f9:94:e6:96:13:af:b7:41:f4:e6:2f:04:09:66:74:8b:99:
         8c:8a:46:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+ZhlApYYET/mYD5hjN8VNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDM3OWNlZGNkYzIwZjA4NzVjNGIwOGI5NGI0MTE2MWIz
ZThjMDMwHhcNMjUwODA2MDgwMTE2WhcNMjUwODA3MDgwMTE2WjAzMTEwLwYDVQQD
EygyMTI3YjllYTBmODgwYjhiNjkwYTI4NDY0NDdhMTBiYWRiMmQyYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9tMOp2VAFt2laIu9Z5VF33Y2Oyy
X1Wm225SOgq8JlfCcAs/9FbMgJ73AXrqLVM0weKP4lHfGHSSptSV60L2Qyp05HOB
bxhXkg16+0Kuf092USrXshu2s5tmIyvZiaFy4KmHW+6Am4ekr7ROQlHSLf8qVDxJ
v/YyRNqSJf+wR12gQOpQNYjqjpmYMv7lWmOK0iMfdKOsJx4X6bzSvTLFO+eJtmfj
BZAAFtCRi1oC+iyox0en8QdilkUpDZjrsH1SAVY/ywjsiP8PHXxr85mRTKkyCmeF
/xhPPA/a+us6XXyO3l0E5pTT1krJ7jvwMKwVeIrkltw/+iGE9Qz9438bQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEnueoPiAuLaQooRkR6ELrbLStxMB8GA1UdIwQY
MBaAFFzTec7c3CDwh1xLCLlLQRYbPowDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQt
MDk2NDQ2NGMxNzUxLzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mM2NjYTQtZjZiZi00NzM0LWFiYmQtMDk2NDQ2NGMxNzUx
LzEvWE5ONXp0emNJUENIWEVzSXVVdEJGaHMtakFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATJ8i/QhD
i8wj3YL7lmyh54h5afaHtQVexQwnzcIfLcP/kKVZnWmwza0VJQQcPrY9nxuvfBGq
QLDNZH1+TLRmt3zfMUvZnBd+g3g/Dxmmn5B1M6HuVfY8MrX799hftZAgGMknoVHo
9RV+luFuNBfMZQCRdr3XY0547JDwRKu0Zn71T8U8bl8X8RoqydPFles0CSH8uQzs
g40vFgzqpE6VhCwrZekRhA957RjjOgEuOyODUWmvHTj2xYlKkJguLoM7YaO2VO0N
HlJLaDxB2APrTOefBLW6WDl//b/rBiHgFN6OERyCj5GGPqg75PmU5pYTr7dB9OYv
BAlmdIuZjIpGaA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:11:41 2025 by rpki-client