Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
File:                     GyceKuYih3VSuJ28R016EwWEpI4.mft (raw, json)
Hash identifier:          2mC2NzaXLalx/Red5LuD7RTiA0viQYOTrEzTVHK9Awo=
Subject key identifier:   97:CF:7B:0C:2D:3D:8F:81:89:60:F1:D1:8D:0E:33:8D:13:9E:6D:BF
Authority key identifier: 1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E
Certificate issuer:       /CN=1b271e2ae622877552b89dbc474d7a130584a48e
Certificate serial:       019872CF75AD58FB2D9BF14CF89C7695D0FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
Manifest number:          0A23
Signing time:             Mon 04 Aug 2025 02:00:55 +0000
Manifest this update:     Mon 04 Aug 2025 02:00:55 +0000
Manifest next update:     Tue 05 Aug 2025 02:00:55 +0000
Files and hashes:         1: GyceKuYih3VSuJ28R016EwWEpI4.crl (hash: YuMEBAqgiMC+43PSEMkY7uRlvKTGcw/0WDtRLz34IF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:cf:75:ad:58:fb:2d:9b:f1:4c:f8:9c:76:95:d0:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b271e2ae622877552b89dbc474d7a130584a48e
        Validity
            Not Before: Aug  4 02:00:55 2025 GMT
            Not After : Aug  5 02:00:55 2025 GMT
        Subject: CN=97cf7b0c2d3d8f818960f1d18d0e338d139e6dbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b3:60:1f:c6:e0:bb:38:ac:6f:66:20:f3:0b:
                    df:52:4c:34:f6:fa:a8:00:1d:2c:b6:d5:34:38:2d:
                    1f:9f:bc:ca:db:f1:3a:84:3b:ec:c5:6b:62:83:44:
                    87:26:2c:c3:e6:f7:48:d9:22:f4:ab:a3:b8:d0:10:
                    8c:bd:6b:16:f2:a2:12:21:08:70:74:57:13:14:f6:
                    ca:83:ab:18:b5:c6:4f:3b:49:e8:c8:85:98:1c:90:
                    7d:a2:a0:af:61:74:3e:b9:15:f5:a1:ff:94:15:0f:
                    0c:ae:89:5b:7f:ce:26:f5:4b:cc:1d:cf:7f:18:6f:
                    66:92:3e:a5:d6:bb:ca:5c:a1:0c:b5:2b:67:ca:26:
                    79:b3:85:b0:57:e9:64:a1:77:fb:ab:a2:b9:17:4a:
                    d1:eb:82:2e:b9:de:95:1c:8f:d9:ab:88:3a:be:77:
                    40:cb:71:49:7f:84:ba:f9:b8:b3:13:98:0f:c1:03:
                    ee:e6:95:0b:4b:d0:c3:1e:f7:9a:ff:d5:dc:fe:f3:
                    78:24:49:af:70:77:7f:fd:8b:08:ea:ff:dc:86:12:
                    50:31:e6:63:da:0c:6b:28:d0:61:db:53:5b:ee:20:
                    41:b2:47:31:bc:33:1c:37:02:d3:1a:d3:e3:66:ed:
                    59:bf:d4:80:70:3b:a9:b8:35:c6:3b:60:e9:62:76:
                    ab:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:CF:7B:0C:2D:3D:8F:81:89:60:F1:D1:8D:0E:33:8D:13:9E:6D:BF
            X509v3 Authority Key Identifier:
                keyid:1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:03:e6:2d:0a:29:07:f1:7f:6d:98:44:6e:d5:a9:cf:e4:23:
         ea:da:cf:a0:92:27:2c:75:86:3c:33:6c:c4:6d:b9:c6:b0:96:
         b5:75:eb:7c:d6:2f:eb:3a:a3:9e:15:ea:cd:6a:a1:da:d6:24:
         92:10:3f:9f:87:d3:3e:37:03:42:57:89:a8:84:2b:98:41:27:
         58:81:b9:66:24:2b:d0:b6:1a:81:2a:e9:17:64:56:b2:bf:79:
         71:ce:e0:ec:7f:96:b4:87:99:e1:cd:af:90:3e:58:5b:bd:6f:
         c6:c3:f0:2c:47:77:ee:54:a8:80:05:fb:af:8a:70:c9:c3:dd:
         5c:ef:49:26:d7:1a:90:65:48:12:31:17:2d:1b:c0:77:0b:19:
         f9:fe:b2:a4:af:80:ce:f0:34:9c:fe:6e:16:d1:eb:aa:90:40:
         ff:2d:ab:59:38:f4:02:b6:7d:9d:b5:76:22:2b:16:4e:17:10:
         cb:83:49:fe:2a:5b:e4:ab:da:a0:23:f0:f3:66:56:ef:0e:ec:
         d6:83:5a:4c:19:c7:48:84:68:0e:eb:8a:d2:b5:02:2e:15:81:
         3c:c1:60:e1:6b:7b:d0:c9:21:68:e5:49:ef:f7:88:cc:c3:80:
         fa:dc:c4:35:55:2b:0e:dc:88:15:94:9e:4b:1f:44:57:c8:c5:
         6b:28:97:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhyz3WtWPstm/FM+Jx2ldD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjcxZTJhZTYyMjg3NzU1MmI4OWRiYzQ3NGQ3YTEzMDU4
NGE0OGUwHhcNMjUwODA0MDIwMDU1WhcNMjUwODA1MDIwMDU1WjAzMTEwLwYDVQQD
Eyg5N2NmN2IwYzJkM2Q4ZjgxODk2MGYxZDE4ZDBlMzM4ZDEzOWU2ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbNgH8bguzisb2Yg8wvfUkw09vqo
AB0sttU0OC0fn7zK2/E6hDvsxWtig0SHJizD5vdI2SL0q6O40BCMvWsW8qISIQhw
dFcTFPbKg6sYtcZPO0noyIWYHJB9oqCvYXQ+uRX1of+UFQ8Mrolbf84m9UvMHc9/
GG9mkj6l1rvKXKEMtStnyiZ5s4WwV+lkoXf7q6K5F0rR64Iuud6VHI/Zq4g6vndA
y3FJf4S6+bizE5gPwQPu5pULS9DDHvea/9Xc/vN4JEmvcHd//YsI6v/chhJQMeZj
2gxrKNBh21Nb7iBBskcxvDMcNwLTGtPjZu1Zv9SAcDupuDXGO2DpYnarewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfPewwtPY+BiWDx0Y0OM40Tnm2/MB8GA1UdIwQY
MBaAFBsnHirmIod1UridvEdNehMFhKSOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYt
MWM4ZWQzNmQyNTY2LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYtMWM4ZWQzNmQyNTY2
LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhAPmLQop
B/F/bZhEbtWpz+Qj6trPoJInLHWGPDNsxG25xrCWtXXrfNYv6zqjnhXqzWqh2tYk
khA/n4fTPjcDQleJqIQrmEEnWIG5ZiQr0LYagSrpF2RWsr95cc7g7H+WtIeZ4c2v
kD5YW71vxsPwLEd37lSogAX7r4pwycPdXO9JJtcakGVIEjEXLRvAdwsZ+f6ypK+A
zvA0nP5uFtHrqpBA/y2rWTj0ArZ9nbV2IisWThcQy4NJ/ipb5KvaoCPw82ZW7w7s
1oNaTBnHSIRoDuuK0rUCLhWBPMFg4Wt70MkhaOVJ7/eIzMOA+tzENVUrDtyIFZSe
Sx9EV8jFayiXOA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:12 2025 by rpki-client