Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/382fdf-b73c-4979-86c5-ed4498115033/1/fIJLILMxe7jIm-pPDzTQlC0dcU4.mft
File:                     fIJLILMxe7jIm-pPDzTQlC0dcU4.mft (raw, json)
Hash identifier:          fyHM59E/ORqt0dH9DTIF7TicH0uMMKU5ojMlQMBzD5k=
Subject key identifier:   91:2A:E7:75:A6:DE:51:B4:F0:CE:1F:C3:6B:23:AA:1D:76:96:B4:7A
Authority key identifier: 7C:82:4B:20:B3:31:7B:B8:C8:9B:EA:4F:0F:34:D0:94:2D:1D:71:4E
Certificate issuer:       /CN=7c824b20b3317bb8c89bea4f0f34d0942d1d714e
Certificate serial:       019880F8E03906AE94337D5B022857063491
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fIJLILMxe7jIm-pPDzTQlC0dcU4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/382fdf-b73c-4979-86c5-ed4498115033/1/fIJLILMxe7jIm-pPDzTQlC0dcU4.mft
Manifest number:          D2
Signing time:             Wed 06 Aug 2025 20:00:50 +0000
Manifest this update:     Wed 06 Aug 2025 20:00:50 +0000
Manifest next update:     Thu 07 Aug 2025 20:00:50 +0000
Files and hashes:         1: fIJLILMxe7jIm-pPDzTQlC0dcU4.crl (hash: QvemLH/3NmKGGuyVYJnNlStqy35VI8/EY1TjaloTeDw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/382fdf-b73c-4979-86c5-ed4498115033/1/fIJLILMxe7jIm-pPDzTQlC0dcU4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/382fdf-b73c-4979-86c5-ed4498115033/1/fIJLILMxe7jIm-pPDzTQlC0dcU4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fIJLILMxe7jIm-pPDzTQlC0dcU4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:f8:e0:39:06:ae:94:33:7d:5b:02:28:57:06:34:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c824b20b3317bb8c89bea4f0f34d0942d1d714e
        Validity
            Not Before: Aug  6 20:00:50 2025 GMT
            Not After : Aug  7 20:00:50 2025 GMT
        Subject: CN=912ae775a6de51b4f0ce1fc36b23aa1d7696b47a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:12:5c:5d:c4:dc:dd:67:60:94:88:84:76:f1:
                    3d:84:c7:f4:4b:14:77:a7:d2:30:7b:24:0c:38:79:
                    34:3b:46:4e:16:59:6b:a8:1d:43:12:ba:b0:7c:71:
                    2f:db:14:42:18:c2:5b:69:21:33:3d:9a:e6:ce:f4:
                    4b:61:55:ba:dc:07:cb:f0:9b:7f:03:b8:47:48:15:
                    c3:9e:9a:8a:67:5b:46:92:c5:d5:5a:c6:a8:45:6f:
                    42:6c:63:45:fb:6f:3b:65:9a:24:08:cf:df:b4:a1:
                    fa:bb:5e:f3:05:45:f6:d8:35:ca:8a:cc:ae:5b:78:
                    52:70:a5:92:6a:85:40:c6:cd:12:26:3d:f1:5e:3c:
                    4a:cb:15:57:2b:13:19:b8:6a:74:26:08:e3:b5:aa:
                    a3:86:9b:71:05:e6:51:af:01:9b:02:0b:9f:1f:65:
                    a6:73:24:88:85:86:75:84:59:6f:3b:8c:e4:94:f3:
                    70:ba:99:27:74:89:4e:8b:b7:3c:bf:e1:69:dc:8d:
                    1f:a9:dd:14:9a:f1:f0:a2:72:10:76:11:99:5f:7e:
                    92:36:08:47:ba:1f:d4:1b:62:f4:79:86:a9:f4:ce:
                    3e:07:01:cf:6f:8c:22:75:db:79:30:c6:cf:71:66:
                    40:8c:c1:43:29:73:51:a0:b6:5f:af:6b:6a:4b:67:
                    30:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:2A:E7:75:A6:DE:51:B4:F0:CE:1F:C3:6B:23:AA:1D:76:96:B4:7A
            X509v3 Authority Key Identifier:
                keyid:7C:82:4B:20:B3:31:7B:B8:C8:9B:EA:4F:0F:34:D0:94:2D:1D:71:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fIJLILMxe7jIm-pPDzTQlC0dcU4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/382fdf-b73c-4979-86c5-ed4498115033/1/fIJLILMxe7jIm-pPDzTQlC0dcU4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/382fdf-b73c-4979-86c5-ed4498115033/1/fIJLILMxe7jIm-pPDzTQlC0dcU4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:2f:bb:05:23:48:fa:7c:34:cf:1b:3c:c7:2a:e0:e0:56:ba:
         b0:e0:2a:49:b8:ea:ef:c2:d7:a7:b6:97:bb:99:f4:50:2c:19:
         a1:56:b8:46:93:49:34:13:56:78:2c:0c:5b:98:ec:05:23:dd:
         a9:94:ef:b9:ce:8b:54:b8:8f:14:e3:8f:5f:bb:c8:5f:46:dd:
         33:d4:5e:3f:60:cb:1f:14:46:f4:a1:47:f8:28:29:20:85:d9:
         3f:b9:6c:3e:bc:d4:76:84:81:fd:90:ab:91:93:04:a1:c1:80:
         e8:1e:5f:98:f2:1d:cc:44:36:6e:c9:30:03:80:79:dc:17:22:
         12:c3:cf:34:17:f6:29:65:30:8d:49:8c:b2:9a:04:16:0b:96:
         a0:ad:4e:de:a6:3a:df:07:35:40:10:a8:ad:c9:20:3a:32:f9:
         78:bb:0e:bb:6a:c5:67:90:27:bb:69:4b:36:fe:88:44:a8:55:
         87:7f:fb:3a:c2:54:d2:52:e3:1e:c2:22:41:35:e7:12:16:58:
         0f:18:8b:62:1e:ec:98:ce:f9:88:4b:3d:06:56:5d:23:55:9f:
         7a:cc:4c:3b:60:27:a5:00:42:1e:a5:0d:e4:b7:70:39:22:3b:
         ba:8d:8a:35:b7:b5:d9:58:d8:e8:44:8d:d6:69:63:1c:6e:89:
         d5:cc:8f:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiA+OA5Bq6UM31bAihXBjSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODI0YjIwYjMzMTdiYjhjODliZWE0ZjBmMzRkMDk0MmQx
ZDcxNGUwHhcNMjUwODA2MjAwMDUwWhcNMjUwODA3MjAwMDUwWjAzMTEwLwYDVQQD
Eyg5MTJhZTc3NWE2ZGU1MWI0ZjBjZTFmYzM2YjIzYWExZDc2OTZiNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+RJcXcTc3WdglIiEdvE9hMf0SxR3
p9IweyQMOHk0O0ZOFllrqB1DErqwfHEv2xRCGMJbaSEzPZrmzvRLYVW63AfL8Jt/
A7hHSBXDnpqKZ1tGksXVWsaoRW9CbGNF+287ZZokCM/ftKH6u17zBUX22DXKisyu
W3hScKWSaoVAxs0SJj3xXjxKyxVXKxMZuGp0JgjjtaqjhptxBeZRrwGbAgufH2Wm
cySIhYZ1hFlvO4zklPNwupkndIlOi7c8v+Fp3I0fqd0UmvHwonIQdhGZX36SNghH
uh/UG2L0eYap9M4+BwHPb4widdt5MMbPcWZAjMFDKXNRoLZfr2tqS2cwYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEq53Wm3lG08M4fw2sjqh12lrR6MB8GA1UdIwQY
MBaAFHyCSyCzMXu4yJvqTw800JQtHXFOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklKTElMTXhlN2pJbS1wUER6VFFsQzBkY1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zODJmZGYtYjczYy00OTc5LTg2YzUt
ZWQ0NDk4MTE1MDMzLzEvZklKTElMTXhlN2pJbS1wUER6VFFsQzBkY1U0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zODJmZGYtYjczYy00OTc5LTg2YzUtZWQ0NDk4MTE1MDMz
LzEvZklKTElMTXhlN2pJbS1wUER6VFFsQzBkY1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYC+7BSNI
+nw0zxs8xyrg4Fa6sOAqSbjq78LXp7aXu5n0UCwZoVa4RpNJNBNWeCwMW5jsBSPd
qZTvuc6LVLiPFOOPX7vIX0bdM9ReP2DLHxRG9KFH+CgpIIXZP7lsPrzUdoSB/ZCr
kZMEocGA6B5fmPIdzEQ2bskwA4B53BciEsPPNBf2KWUwjUmMspoEFguWoK1O3qY6
3wc1QBCorckgOjL5eLsOu2rFZ5Anu2lLNv6IRKhVh3/7OsJU0lLjHsIiQTXnEhZY
DxiLYh7smM75iEs9BlZdI1WfesxMO2AnpQBCHqUN5LdwOSI7uo2KNbe12VjY6ESN
1mljHG6J1cyP0A==
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:22:29 2025 by rpki-client