Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/un1KwTROw43OmXaNeKEU6_fxfYU.mft
File:                     un1KwTROw43OmXaNeKEU6_fxfYU.mft (raw, json)
Hash identifier:          iZKnumQLqoCzuu14GBwo/9vPvAyawueg3O/2byWXauQ=
Subject key identifier:   99:5A:DB:E9:3F:E5:70:F9:19:E2:67:21:0D:4F:5C:5C:23:E0:2B:7F
Authority key identifier: BA:7D:4A:C1:34:4E:C3:8D:CE:99:76:8D:78:A1:14:EB:F7:F1:7D:85
Certificate issuer:       /CN=ba7d4ac1344ec38dce99768d78a114ebf7f17d85
Certificate serial:       01988B456A82E90893EF889D9A8DB5109FCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/un1KwTROw43OmXaNeKEU6_fxfYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/un1KwTROw43OmXaNeKEU6_fxfYU.mft
Manifest number:          0CDC
Signing time:             Fri 08 Aug 2025 20:00:38 +0000
Manifest this update:     Fri 08 Aug 2025 20:00:38 +0000
Manifest next update:     Sat 09 Aug 2025 20:00:38 +0000
Files and hashes:         1: eJvxqWQVuJlIAcOu0zuhq-FEIwc.roa (hash: T9Btt+1WHrBsFsD5c6tC5d0RHMAv0qfav0ae3k59Hwg=)
                          2: un1KwTROw43OmXaNeKEU6_fxfYU.crl (hash: TGApeQAqDj1bpemCSGsAaeiaNyJ97ALjIqWhyd4dwfE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/un1KwTROw43OmXaNeKEU6_fxfYU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/un1KwTROw43OmXaNeKEU6_fxfYU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/un1KwTROw43OmXaNeKEU6_fxfYU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:45:6a:82:e9:08:93:ef:88:9d:9a:8d:b5:10:9f:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba7d4ac1344ec38dce99768d78a114ebf7f17d85
        Validity
            Not Before: Aug  8 20:00:38 2025 GMT
            Not After : Aug  9 20:00:38 2025 GMT
        Subject: CN=995adbe93fe570f919e267210d4f5c5c23e02b7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d3:cf:3c:42:3c:fd:a6:03:2e:40:aa:c4:7e:
                    dd:0f:61:e8:fc:16:68:4d:c0:f2:b3:06:40:71:48:
                    08:bb:f5:09:d4:1a:da:c0:f1:a2:f3:08:1f:c6:b3:
                    ec:81:a5:ec:79:35:ad:11:bd:72:b5:83:f6:66:58:
                    85:ff:b9:cf:f4:d0:f1:7e:b2:cd:8e:00:b6:d1:74:
                    b4:d1:84:45:8d:21:1c:66:12:5d:ab:90:6f:ca:7c:
                    a6:22:4e:e7:e9:0f:20:33:86:88:d5:fe:e8:60:e8:
                    39:de:53:4a:6f:bd:b2:3d:8a:51:66:88:dc:4a:0e:
                    95:a5:4f:04:f6:e0:f9:3b:09:fb:eb:61:a6:94:ff:
                    9d:47:e1:d9:80:3d:13:98:14:29:39:6e:08:fc:ba:
                    80:22:29:82:70:f3:a8:39:7f:7a:fd:17:5c:2b:fc:
                    ef:f2:55:2c:9a:45:01:9c:e0:c8:b8:e7:32:85:42:
                    9a:83:9a:fe:7f:06:fa:b9:e7:42:97:37:8d:e6:98:
                    a3:c0:c8:91:94:57:6a:54:d6:91:08:2a:9b:90:ac:
                    f2:0e:89:f0:f8:39:7c:16:65:cc:68:d2:4f:20:d1:
                    9e:fc:5e:12:ba:06:df:86:f4:59:f3:be:81:f6:9b:
                    aa:b7:c7:fa:df:3a:f2:fa:9d:c8:cc:62:0c:6c:ec:
                    0f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:5A:DB:E9:3F:E5:70:F9:19:E2:67:21:0D:4F:5C:5C:23:E0:2B:7F
            X509v3 Authority Key Identifier:
                keyid:BA:7D:4A:C1:34:4E:C3:8D:CE:99:76:8D:78:A1:14:EB:F7:F1:7D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/un1KwTROw43OmXaNeKEU6_fxfYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/un1KwTROw43OmXaNeKEU6_fxfYU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/un1KwTROw43OmXaNeKEU6_fxfYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:ff:80:91:72:0d:b9:86:4f:85:c1:87:2b:fc:5b:15:da:c1:
         f7:8a:4f:47:63:6d:ab:cd:b9:ef:80:c4:81:4b:34:c3:bd:26:
         d3:a7:f3:5f:48:bf:3b:37:11:5a:2f:fa:41:53:4b:35:6b:9c:
         a0:20:58:36:cf:5f:27:74:cf:0b:8a:45:a5:2f:aa:a8:06:e0:
         09:39:0c:80:99:60:bb:64:cc:ba:1f:d5:b8:46:50:8f:8a:e6:
         4f:b5:0c:b6:60:9a:c4:2a:0d:e0:75:84:e7:bf:9c:3b:f9:11:
         a3:75:eb:6d:1d:5d:a6:82:e5:a3:45:56:b6:d1:9c:cf:c5:d4:
         42:cd:98:7c:12:c6:31:84:44:c9:39:2a:ee:27:83:16:f6:98:
         64:89:f5:33:a7:47:e0:00:ff:f4:f9:1e:e1:07:10:a5:17:36:
         1e:20:3c:03:ee:c1:cb:ad:29:32:a4:03:3c:35:0f:d8:4f:52:
         1e:f3:f3:45:8d:07:3b:9f:1a:f6:7a:73:c4:4f:f9:89:77:df:
         12:0f:9f:f8:0a:68:f3:5e:77:39:5f:c7:02:a7:3b:86:21:9a:
         4a:93:42:af:18:0b:99:cc:10:6b:d6:50:56:cd:28:bc:f3:a6:
         1b:32:81:45:6f:82:f3:91:e4:f9:0e:d7:7c:87:7c:6f:e1:19:
         e0:ff:bf:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLRWqC6QiT74idmo21EJ/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhN2Q0YWMxMzQ0ZWMzOGRjZTk5NzY4ZDc4YTExNGViZjdm
MTdkODUwHhcNMjUwODA4MjAwMDM4WhcNMjUwODA5MjAwMDM4WjAzMTEwLwYDVQQD
Eyg5OTVhZGJlOTNmZTU3MGY5MTllMjY3MjEwZDRmNWM1YzIzZTAyYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtPPPEI8/aYDLkCqxH7dD2Ho/BZo
TcDyswZAcUgIu/UJ1BrawPGi8wgfxrPsgaXseTWtEb1ytYP2ZliF/7nP9NDxfrLN
jgC20XS00YRFjSEcZhJdq5BvynymIk7n6Q8gM4aI1f7oYOg53lNKb72yPYpRZojc
Sg6VpU8E9uD5Own762GmlP+dR+HZgD0TmBQpOW4I/LqAIimCcPOoOX96/RdcK/zv
8lUsmkUBnODIuOcyhUKag5r+fwb6uedClzeN5pijwMiRlFdqVNaRCCqbkKzyDonw
+Dl8FmXMaNJPINGe/F4SugbfhvRZ876B9puqt8f63zry+p3IzGIMbOwPvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJla2+k/5XD5GeJnIQ1PXFwj4Ct/MB8GA1UdIwQY
MBaAFLp9SsE0TsONzpl2jXihFOv38X2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW4xS3dUUk93NDNPbVhhTmVLRVU2X2Z4ZllVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iNjYxMjUtNjg0NC00YTg3LTliYjUt
YWY0MjYyM2VhNDMxLzEvdW4xS3dUUk93NDNPbVhhTmVLRVU2X2Z4ZllVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iNjYxMjUtNjg0NC00YTg3LTliYjUtYWY0MjYyM2VhNDMx
LzEvdW4xS3dUUk93NDNPbVhhTmVLRVU2X2Z4ZllVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/+AkXIN
uYZPhcGHK/xbFdrB94pPR2Ntq82574DEgUs0w70m06fzX0i/OzcRWi/6QVNLNWuc
oCBYNs9fJ3TPC4pFpS+qqAbgCTkMgJlgu2TMuh/VuEZQj4rmT7UMtmCaxCoN4HWE
57+cO/kRo3XrbR1dpoLlo0VWttGcz8XUQs2YfBLGMYREyTkq7ieDFvaYZIn1M6dH
4AD/9Pke4QcQpRc2HiA8A+7By60pMqQDPDUP2E9SHvPzRY0HO58a9npzxE/5iXff
Eg+f+Apo8153OV/HAqc7hiGaSpNCrxgLmcwQa9ZQVs0ovPOmGzKBRW+C85Hk+Q7X
fId8b+EZ4P+/SA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:05:31 2025 by rpki-client