Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          CaHslbD02K3MNPdrmpdGkfE6uoz6mMNK6+uZuiLOiHU=
Subject key identifier:   37:DE:F9:6B:0A:99:9D:8E:B8:C7:82:CE:C0:27:8D:09:12:4B:D1:07
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       019873E3F7FE5E53114ECFD6193DD0A88E98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          0EC4
Signing time:             Mon 04 Aug 2025 07:02:56 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:56 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:56 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: v+4W1kTRKqx8poI9jnk42c1CPZwDmGOZsI9c8Qw4q7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:f7:fe:5e:53:11:4e:cf:d6:19:3d:d0:a8:8e:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Aug  4 07:02:56 2025 GMT
            Not After : Aug  5 07:02:56 2025 GMT
        Subject: CN=37def96b0a999d8eb8c782cec0278d09124bd107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:76:44:8f:e3:57:14:dd:47:74:00:10:5e:3e:
                    17:61:17:22:77:77:9a:a2:fe:87:71:79:93:a8:42:
                    bd:a3:69:d9:f8:9a:5e:18:5e:b0:e3:bc:60:a2:f0:
                    b1:79:a3:92:05:f7:74:71:05:96:c2:1b:f1:34:2b:
                    56:f7:87:01:38:a7:44:86:15:51:0f:9e:30:3c:7f:
                    18:db:48:9e:21:da:94:8f:c1:42:f9:10:de:b1:da:
                    bb:9f:5a:87:be:ea:9b:b0:8a:b0:4f:2d:a8:d5:cd:
                    c6:2e:31:c5:eb:f3:7e:7b:5d:8d:f2:42:77:6e:c1:
                    9d:87:08:7b:2a:13:cd:31:b6:81:7c:6a:e5:f8:d7:
                    d9:e5:b3:2d:39:df:7f:e7:42:6f:dd:8a:d6:ec:13:
                    75:d9:9d:71:5d:b5:26:97:1b:b7:5f:fb:10:7b:f9:
                    9b:b4:bb:19:33:9b:bd:1e:e0:05:b8:36:33:99:b7:
                    fe:11:44:66:36:bf:03:f1:44:b7:30:5b:2a:14:1a:
                    ea:2e:15:d3:00:8c:48:05:dd:4f:f2:1e:87:63:c2:
                    18:40:52:6b:87:bf:d6:46:cc:30:3e:88:d9:80:b0:
                    47:b0:3e:6f:1a:70:ed:fe:3e:58:5b:1b:52:4a:36:
                    33:96:71:39:85:b4:a1:20:74:52:3d:fb:77:26:8b:
                    63:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:DE:F9:6B:0A:99:9D:8E:B8:C7:82:CE:C0:27:8D:09:12:4B:D1:07
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:66:9b:1c:fb:b8:24:76:dd:1b:33:1b:40:b0:35:22:67:91:
         21:4d:29:db:18:46:d0:b7:80:57:52:e6:2d:0a:45:88:35:f9:
         78:62:46:fc:ac:58:18:71:21:0f:e9:dc:47:ce:98:a9:0d:c6:
         e0:14:83:93:f1:70:06:85:48:eb:ba:91:b8:b0:9d:d7:71:cf:
         cc:ee:af:69:86:e0:37:d2:ff:57:82:4f:67:70:c4:fb:e9:52:
         77:d0:11:d1:2c:69:69:5d:3a:2b:96:35:f7:89:70:7b:1a:c4:
         cc:9b:6a:98:ba:7a:a8:bd:d6:0a:a2:f9:c8:68:52:7f:be:86:
         ef:9d:b1:cd:4a:cc:c4:77:61:90:52:ec:5d:cc:97:a7:c7:1e:
         69:37:b4:01:5c:3c:00:cf:70:48:bf:e7:08:26:f6:70:e9:c3:
         c4:80:f6:65:f0:fc:b3:f5:e2:81:a8:98:de:c4:25:d0:89:02:
         c6:b0:a1:a7:dc:7e:ce:82:6e:1c:12:99:66:d3:0b:5a:be:20:
         ce:c7:ee:76:54:e8:4a:ec:78:00:9c:b9:4e:b9:f7:9f:3d:0e:
         f8:ab:45:29:77:82:1c:79:e6:11:5e:ab:52:31:07:f7:c6:c4:
         bf:8f:12:2d:e1:12:20:b5:1b:f5:72:c0:f5:ad:66:28:11:3e:
         bd:87:37:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4/f+XlMRTs/WGT3QqI6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjUwODA0MDcwMjU2WhcNMjUwODA1MDcwMjU2WjAzMTEwLwYDVQQD
EygzN2RlZjk2YjBhOTk5ZDhlYjhjNzgyY2VjMDI3OGQwOTEyNGJkMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3ZEj+NXFN1HdAAQXj4XYRcid3ea
ov6HcXmTqEK9o2nZ+JpeGF6w47xgovCxeaOSBfd0cQWWwhvxNCtW94cBOKdEhhVR
D54wPH8Y20ieIdqUj8FC+RDesdq7n1qHvuqbsIqwTy2o1c3GLjHF6/N+e12N8kJ3
bsGdhwh7KhPNMbaBfGrl+NfZ5bMtOd9/50Jv3YrW7BN12Z1xXbUmlxu3X/sQe/mb
tLsZM5u9HuAFuDYzmbf+EURmNr8D8US3MFsqFBrqLhXTAIxIBd1P8h6HY8IYQFJr
h7/WRswwPojZgLBHsD5vGnDt/j5YWxtSSjYzlnE5hbShIHRSPft3JotjxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfe+WsKmZ2OuMeCzsAnjQkSS9EHMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcGabHPu4
JHbdGzMbQLA1ImeRIU0p2xhG0LeAV1LmLQpFiDX5eGJG/KxYGHEhD+ncR86YqQ3G
4BSDk/FwBoVI67qRuLCd13HPzO6vaYbgN9L/V4JPZ3DE++lSd9AR0SxpaV06K5Y1
94lwexrEzJtqmLp6qL3WCqL5yGhSf76G752xzUrMxHdhkFLsXcyXp8ceaTe0AVw8
AM9wSL/nCCb2cOnDxID2ZfD8s/XigaiY3sQl0IkCxrChp9x+zoJuHBKZZtMLWr4g
zsfudlToSux4AJy5Trn3nz0O+KtFKXeCHHnmEV6rUjEH98bEv48SLeESILUb9XLA
9a1mKBE+vYc3Yg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:03:54 2025 by rpki-client