Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft
File:                     mRyTTgj1egPvTro2taTaeYolIgc.mft (raw, json)
Hash identifier:          JRsDNwqZZl33P2XIHbzmMrewE9xwGqZzbjG6EjwMWRk=
Subject key identifier:   21:0B:70:8D:D3:10:C9:67:AC:B6:87:3B:B7:20:D9:E6:FE:DF:FE:95
Authority key identifier: 99:1C:93:4E:08:F5:7A:03:EF:4E:BA:36:B5:A4:DA:79:8A:25:22:07
Certificate issuer:       /CN=991c934e08f57a03ef4eba36b5a4da798a252207
Certificate serial:       01989525352E21BB355CD509B1A904D07084
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft
Manifest number:          1625
Signing time:             Sun 10 Aug 2025 18:01:40 +0000
Manifest this update:     Sun 10 Aug 2025 18:01:40 +0000
Manifest next update:     Mon 11 Aug 2025 18:01:40 +0000
Files and hashes:         1: db9OeH46tzqgA4Lx9Y7WIwYTuDM.roa (hash: FuLyiACFaT6BITOZPeoXwp9XiYIYBsR3kP7HfHr2tYI=)
                          2: mRyTTgj1egPvTro2taTaeYolIgc.crl (hash: RSpCskFjCRI74gyg8pStwE0dSdgqwO73QCOk5fiH5ps=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 18:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:25:35:2e:21:bb:35:5c:d5:09:b1:a9:04:d0:70:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=991c934e08f57a03ef4eba36b5a4da798a252207
        Validity
            Not Before: Aug 10 18:01:40 2025 GMT
            Not After : Aug 11 18:01:40 2025 GMT
        Subject: CN=210b708dd310c967acb6873bb720d9e6fedffe95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:19:13:9d:40:6d:19:34:8e:da:51:00:cd:23:
                    2c:97:43:78:f9:f9:67:6b:a0:32:38:a0:ae:c9:5b:
                    7b:63:10:4b:bc:48:7b:35:fe:4e:57:05:78:a1:a0:
                    8f:32:e5:d1:19:5e:e8:0b:fc:e9:ab:f7:de:16:77:
                    c5:35:53:23:b8:dd:e7:26:70:a5:7e:db:28:6c:44:
                    3b:9b:2a:d6:3f:96:34:65:df:1a:00:2b:69:2b:87:
                    90:d7:43:bb:49:c8:a5:63:7e:23:cb:d0:79:ab:fc:
                    3a:cc:9b:d0:23:66:da:49:b6:4d:18:9e:aa:98:ab:
                    52:61:19:3b:72:57:7b:c6:ec:66:f8:96:54:6e:da:
                    dd:f3:0a:d5:e8:ba:9a:24:45:89:95:bc:de:ff:c7:
                    f1:22:6e:aa:d1:92:dd:6a:66:fc:52:55:e8:7f:d7:
                    b0:e4:23:43:2d:94:79:27:e1:97:ae:0f:30:02:de:
                    74:b4:2e:2c:74:4f:49:d7:c1:8a:6d:c0:17:07:cc:
                    1e:20:6a:19:47:0d:62:89:ee:42:80:b5:33:bc:17:
                    ec:ae:1f:0e:6c:00:bb:8f:b1:73:a6:e6:a8:e4:a7:
                    64:74:0c:bf:77:8e:06:af:0b:68:58:9d:10:0a:9c:
                    80:2c:e7:b0:be:27:b1:6b:cc:a6:24:98:2d:f2:62:
                    b2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:0B:70:8D:D3:10:C9:67:AC:B6:87:3B:B7:20:D9:E6:FE:DF:FE:95
            X509v3 Authority Key Identifier:
                keyid:99:1C:93:4E:08:F5:7A:03:EF:4E:BA:36:B5:A4:DA:79:8A:25:22:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:31:d7:e8:f8:32:96:53:a9:e1:a0:e3:d9:90:68:fa:ae:a7:
         97:cb:d9:15:47:83:ad:a9:e5:89:aa:52:d7:21:1f:2c:e3:7f:
         25:5b:6e:68:97:75:9c:b9:f7:ee:97:a1:be:47:3e:a7:51:c7:
         f2:22:d1:1d:15:f5:06:1e:a9:4b:31:d9:75:09:38:36:e2:f1:
         0b:7f:79:b7:24:cb:48:8d:e0:45:f0:a8:3f:75:7e:92:e6:00:
         6d:5e:1e:c6:8d:2b:d4:80:61:fe:7a:56:be:ff:d1:76:2f:7c:
         62:cd:5e:9d:d8:15:ff:68:b8:7b:a4:b7:5b:e8:f9:9d:f4:5f:
         4a:19:fc:61:4e:a6:77:00:e6:1c:57:78:9d:f9:a2:0e:d1:c4:
         53:cc:eb:7a:ad:1b:cf:b6:96:40:7d:7d:b4:b4:21:ce:6f:34:
         2e:dc:c2:d5:fe:22:5d:7e:70:5a:18:3d:c8:6a:41:e8:63:15:
         22:84:2c:8f:11:2e:bf:2b:f3:92:6e:2e:60:ea:6e:b9:da:17:
         51:ee:db:55:5c:b2:9a:c2:f9:57:ce:c9:bd:29:e9:56:13:94:
         73:69:98:68:6e:2f:7c:39:34:b3:73:97:44:a4:20:2b:8a:ce:
         25:31:10:d2:ae:c8:4e:fe:9b:86:7c:b3:2b:2b:62:74:8b:0b:
         3d:da:6b:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVJTUuIbs1XNUJsakE0HCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MWM5MzRlMDhmNTdhMDNlZjRlYmEzNmI1YTRkYTc5OGEy
NTIyMDcwHhcNMjUwODEwMTgwMTQwWhcNMjUwODExMTgwMTQwWjAzMTEwLwYDVQQD
EygyMTBiNzA4ZGQzMTBjOTY3YWNiNjg3M2JiNzIwZDllNmZlZGZmZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxkTnUBtGTSO2lEAzSMsl0N4+fln
a6AyOKCuyVt7YxBLvEh7Nf5OVwV4oaCPMuXRGV7oC/zpq/feFnfFNVMjuN3nJnCl
ftsobEQ7myrWP5Y0Zd8aACtpK4eQ10O7ScilY34jy9B5q/w6zJvQI2baSbZNGJ6q
mKtSYRk7cld7xuxm+JZUbtrd8wrV6LqaJEWJlbze/8fxIm6q0ZLdamb8UlXof9ew
5CNDLZR5J+GXrg8wAt50tC4sdE9J18GKbcAXB8weIGoZRw1iie5CgLUzvBfsrh8O
bAC7j7Fzpuao5KdkdAy/d44GrwtoWJ0QCpyALOewviexa8ymJJgt8mKyXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCELcI3TEMlnrLaHO7cg2eb+3/6VMB8GA1UdIwQY
MBaAFJkck04I9XoD7066NrWk2nmKJSIHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wNGMyMzktODg2OS00NmUyLTk1Yjct
OTNiMzkyNTI1MTc1LzEvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wNGMyMzktODg2OS00NmUyLTk1YjctOTNiMzkyNTI1MTc1
LzEvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATTHX6Pgy
llOp4aDj2ZBo+q6nl8vZFUeDranliapS1yEfLON/JVtuaJd1nLn37pehvkc+p1HH
8iLRHRX1Bh6pSzHZdQk4NuLxC395tyTLSI3gRfCoP3V+kuYAbV4exo0r1IBh/npW
vv/Rdi98Ys1endgV/2i4e6S3W+j5nfRfShn8YU6mdwDmHFd4nfmiDtHEU8zreq0b
z7aWQH19tLQhzm80LtzC1f4iXX5wWhg9yGpB6GMVIoQsjxEuvyvzkm4uYOpuudoX
Ue7bVVyymsL5V87JvSnpVhOUc2mYaG4vfDk0s3OXRKQgK4rOJTEQ0q7ITv6bhnyz
KytidIsLPdpr/g==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:08:00 2025 by rpki-client