Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
File:                     I9FK_odQITwoDltovvsYhm95SX8.mft (raw, json)
Hash identifier:          NVmFbIg75Yzl99EKMguqr6uMIeXHG1kAFAtQBxEIwnM=
Subject key identifier:   2D:EC:6D:60:8D:78:4D:8A:0F:56:11:B3:EE:45:ED:1C:31:E6:0A:17
Authority key identifier: 23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
Certificate issuer:       /CN=23d14afe8750213c280e5b68befb18866f79497f
Certificate serial:       019885459ADC56C4A75A4FE4133DD536E397
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
Manifest number:          02A1
Signing time:             Thu 07 Aug 2025 16:03:07 +0000
Manifest this update:     Thu 07 Aug 2025 16:03:07 +0000
Manifest next update:     Fri 08 Aug 2025 16:03:07 +0000
Files and hashes:         1: I9FK_odQITwoDltovvsYhm95SX8.crl (hash: ZCQgsmTK89QUcGFLdS0SdlRkfN4LOSGf0iObklwgh+k=)
                          2: bfd_WpvacXpVJP__dq6vej5IyyY.roa (hash: /B+pNt8vIwVV5x8COrKPeKukz7hh0c0T1g3kvtIg6Z0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 16:03:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:85:45:9a:dc:56:c4:a7:5a:4f:e4:13:3d:d5:36:e3:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23d14afe8750213c280e5b68befb18866f79497f
        Validity
            Not Before: Aug  7 16:03:07 2025 GMT
            Not After : Aug  8 16:03:07 2025 GMT
        Subject: CN=2dec6d608d784d8a0f5611b3ee45ed1c31e60a17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f1:0a:ab:97:d8:ea:7c:aa:06:a0:ee:e6:4e:
                    12:ad:3d:73:08:97:14:2e:06:e3:5f:5f:4f:6f:a4:
                    a0:c1:c9:b7:7c:1d:62:e7:d0:d4:b8:dc:98:f7:1b:
                    33:37:73:df:6a:7e:96:ba:55:e1:fa:51:01:e0:fb:
                    19:0f:aa:5d:01:0e:5b:c7:9d:77:40:81:73:23:1e:
                    87:60:06:ce:4f:58:d7:f7:51:db:c9:c1:a3:85:bc:
                    b1:98:4c:81:93:94:9e:b3:7b:6c:ab:ed:db:e4:f8:
                    c2:a7:bb:ba:ec:ae:91:bf:53:d9:d7:fe:8e:6b:82:
                    27:b6:74:40:1e:5d:9d:28:08:95:d4:33:9e:e5:eb:
                    e5:68:04:04:f1:ff:2c:ac:d0:7b:a0:1c:2e:56:e0:
                    ee:86:fe:d9:74:a4:60:de:0f:58:f2:75:a0:bf:80:
                    52:cd:13:2a:33:c2:97:27:69:30:dd:b4:d2:cd:02:
                    aa:c3:40:54:ae:b1:46:4b:d2:1c:be:ea:5b:ef:a6:
                    ff:e4:fd:17:9b:dd:c4:3b:2c:b8:59:f5:2d:dd:f6:
                    08:ae:5c:45:8b:33:a8:65:06:a9:ec:2c:a5:fc:bf:
                    03:64:b9:87:fe:b2:29:b2:ea:94:df:04:32:25:e3:
                    76:3a:ca:5b:79:89:3c:8c:ae:d6:b9:ce:2a:be:be:
                    9d:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:EC:6D:60:8D:78:4D:8A:0F:56:11:B3:EE:45:ED:1C:31:E6:0A:17
            X509v3 Authority Key Identifier:
                keyid:23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:4a:33:1d:01:c3:74:8f:40:cc:c5:29:42:60:f8:bd:84:9f:
         44:db:fc:d4:63:06:13:64:f1:3c:63:22:b2:72:35:c4:38:0c:
         a8:cb:10:12:5b:bc:70:88:95:fe:0b:91:23:8c:cf:b8:b7:45:
         ca:88:45:cc:2b:a2:7b:f5:9a:d5:60:53:c9:4c:c1:fc:1c:29:
         ff:4a:27:86:c3:e3:9a:3a:39:e1:a8:23:20:7f:70:07:96:ba:
         5c:5e:99:f4:a4:0c:76:e8:29:69:6b:4b:4b:93:7c:65:d7:a7:
         a1:a4:ed:d3:3e:30:84:52:3c:2e:53:86:28:0e:53:4a:98:3e:
         e6:f3:09:d1:c1:de:0c:a2:3d:71:e5:90:7d:04:4a:98:56:f9:
         9a:0b:22:85:bf:1c:32:55:34:26:05:b5:39:dd:25:fd:54:1c:
         29:9d:57:f6:db:78:46:60:71:30:df:56:6c:6e:85:32:dd:f0:
         0a:7c:d9:39:f5:e1:56:fb:57:82:35:62:7a:bb:8c:ff:08:ce:
         ce:a3:31:c3:3c:ed:ac:8a:05:6f:9c:8f:a5:4d:c2:79:2b:13:
         cd:a4:64:a8:a1:98:4e:ff:cc:08:13:6a:6b:71:08:42:e5:8e:
         f6:e8:a8:53:68:87:c2:81:e5:65:cf:17:10:68:16:6c:4e:5a:
         f6:68:ac:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiFRZrcVsSnWk/kEz3VNuOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDE0YWZlODc1MDIxM2MyODBlNWI2OGJlZmIxODg2NmY3
OTQ5N2YwHhcNMjUwODA3MTYwMzA3WhcNMjUwODA4MTYwMzA3WjAzMTEwLwYDVQQD
EygyZGVjNmQ2MDhkNzg0ZDhhMGY1NjExYjNlZTQ1ZWQxYzMxZTYwYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPEKq5fY6nyqBqDu5k4SrT1zCJcU
LgbjX19Pb6Sgwcm3fB1i59DUuNyY9xszN3Pfan6WulXh+lEB4PsZD6pdAQ5bx513
QIFzIx6HYAbOT1jX91HbycGjhbyxmEyBk5Ses3tsq+3b5PjCp7u67K6Rv1PZ1/6O
a4IntnRAHl2dKAiV1DOe5evlaAQE8f8srNB7oBwuVuDuhv7ZdKRg3g9Y8nWgv4BS
zRMqM8KXJ2kw3bTSzQKqw0BUrrFGS9Icvupb76b/5P0Xm93EOyy4WfUt3fYIrlxF
izOoZQap7Cyl/L8DZLmH/rIpsuqU3wQyJeN2OspbeYk8jK7Wuc4qvr6dawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3sbWCNeE2KD1YRs+5F7Rwx5goXMB8GA1UdIwQY
MBaAFCPRSv6HUCE8KA5baL77GIZveUl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2Qt
ODQ3MmNhNDBmN2E3LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2QtODQ3MmNhNDBmN2E3
LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEozHQHD
dI9AzMUpQmD4vYSfRNv81GMGE2TxPGMisnI1xDgMqMsQElu8cIiV/guRI4zPuLdF
yohFzCuie/Wa1WBTyUzB/Bwp/0onhsPjmjo54agjIH9wB5a6XF6Z9KQMdugpaWtL
S5N8ZdenoaTt0z4whFI8LlOGKA5TSpg+5vMJ0cHeDKI9ceWQfQRKmFb5mgsihb8c
MlU0JgW1Od0l/VQcKZ1X9tt4RmBxMN9WbG6FMt3wCnzZOfXhVvtXgjVieruM/wjO
zqMxwzztrIoFb5yPpU3CeSsTzaRkqKGYTv/MCBNqa3EIQuWO9uioU2iHwoHlZc8X
EGgWbE5a9mis6A==
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:18:05 2025 by rpki-client