Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
File:                     bgC7pk9Ra41jNaAc8wS4It7hrtA.mft (raw, json)
Hash identifier:          2SoNyjWAP2EVAyE67bKEfFG7q/TYXKcsDKC+3RapKKQ=
Subject key identifier:   A4:28:0D:30:16:84:F4:ED:86:6F:91:11:3B:BE:BE:23:40:6E:1C:2C
Authority key identifier: 6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0
Certificate issuer:       /CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
Certificate serial:       01989780C30CB9A2F080AA3695F0CA0805ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
Manifest number:          1627
Signing time:             Mon 11 Aug 2025 05:00:54 +0000
Manifest this update:     Mon 11 Aug 2025 05:00:54 +0000
Manifest next update:     Tue 12 Aug 2025 05:00:54 +0000
Files and hashes:         1: bgC7pk9Ra41jNaAc8wS4It7hrtA.crl (hash: xt5A+z6H1JS2R2UWwvVUAakMkntaWGVUrZNojPzxHQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 05:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:80:c3:0c:b9:a2:f0:80:aa:36:95:f0:ca:08:05:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
        Validity
            Not Before: Aug 11 05:00:54 2025 GMT
            Not After : Aug 12 05:00:54 2025 GMT
        Subject: CN=a4280d301684f4ed866f91113bbebe23406e1c2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:86:6d:51:76:6f:02:64:22:cf:7d:f0:79:d1:
                    bd:fb:ca:78:1b:2d:34:79:66:52:31:30:f7:89:0c:
                    d1:49:05:47:98:e4:79:2b:19:60:e0:60:cc:6e:a5:
                    59:2c:ae:df:11:77:8e:52:51:58:56:7f:cd:e0:17:
                    aa:29:55:d0:01:d2:26:15:05:53:73:87:d1:5a:06:
                    b1:a9:41:8d:44:11:7f:04:16:c4:16:da:3f:d8:b2:
                    59:60:e5:14:4f:4b:cc:c1:86:52:3c:34:6e:53:58:
                    49:62:91:29:92:27:3b:28:81:23:68:ab:93:a9:b6:
                    a2:26:3e:fa:fc:3d:fe:c7:b5:a7:9c:50:0d:ab:87:
                    6f:79:23:f3:7c:a0:86:42:e1:35:66:ee:33:31:a3:
                    72:b7:e7:4e:82:8a:0d:5c:ec:92:7c:94:db:8f:8e:
                    b4:b9:a8:ed:a6:72:6b:5a:be:4d:06:c1:a7:99:59:
                    f0:c8:40:44:a0:01:1c:94:67:f2:05:f0:ca:f5:a0:
                    f3:ad:ce:db:cf:87:5e:29:93:4f:30:9c:5f:91:ac:
                    1a:3e:a9:0f:cb:7e:ad:98:b2:94:90:a7:32:74:57:
                    7b:c9:1e:cc:c3:9d:27:fd:ad:74:53:df:1e:4f:13:
                    cf:7c:a3:b4:0d:44:b0:87:bf:3f:1d:f2:a8:9f:b9:
                    ec:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:28:0D:30:16:84:F4:ED:86:6F:91:11:3B:BE:BE:23:40:6E:1C:2C
            X509v3 Authority Key Identifier:
                keyid:6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:a8:3e:f5:e5:ae:cb:3c:9b:57:ac:23:49:4f:be:37:57:58:
         e9:e2:d4:e7:a5:88:9e:99:32:a3:c2:a3:2e:42:5b:e0:08:d6:
         a9:14:8d:0d:19:2e:29:d1:55:10:8c:86:8f:79:c2:94:ed:83:
         ff:83:ab:02:26:3e:c5:84:8f:5e:f7:02:30:30:bd:3c:fb:04:
         c0:ff:90:c7:94:a7:9f:7b:7e:fd:c0:3a:5f:df:54:00:81:ee:
         ba:32:c4:47:5e:de:1f:c9:fe:38:32:50:bc:a1:bc:27:1d:8f:
         1a:a5:e3:90:bb:fe:13:37:d0:12:68:df:1f:a0:0f:df:ad:38:
         e8:c6:f6:46:cc:32:7e:d1:8d:21:13:ed:10:1a:f8:38:c2:61:
         e7:b3:4c:b2:ca:4a:14:b5:ac:59:98:38:b5:8e:a2:a4:51:47:
         be:f9:24:ff:19:b8:e0:b2:92:3b:75:40:87:d2:a9:4a:e2:37:
         3d:bb:56:ad:ed:fd:5a:4b:e5:44:1f:c4:3a:40:80:58:34:b3:
         12:19:cc:a9:1d:b2:bb:fd:8e:2d:35:88:7c:c6:52:eb:36:a9:
         cc:22:f1:51:b9:c0:d8:07:65:d1:0b:e9:dd:3e:b2:51:22:76:
         26:91:be:9e:0c:e1:58:21:d7:9f:39:d0:64:6f:58:a6:3e:d0:
         80:20:93:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXgMMMuaLwgKo2lfDKCAXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMDBiYmE2NGY1MTZiOGQ2MzM1YTAxY2YzMDRiODIyZGVl
MWFlZDAwHhcNMjUwODExMDUwMDU0WhcNMjUwODEyMDUwMDU0WjAzMTEwLwYDVQQD
EyhhNDI4MGQzMDE2ODRmNGVkODY2ZjkxMTEzYmJlYmUyMzQwNmUxYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oZtUXZvAmQiz33wedG9+8p4Gy00
eWZSMTD3iQzRSQVHmOR5Kxlg4GDMbqVZLK7fEXeOUlFYVn/N4BeqKVXQAdImFQVT
c4fRWgaxqUGNRBF/BBbEFto/2LJZYOUUT0vMwYZSPDRuU1hJYpEpkic7KIEjaKuT
qbaiJj76/D3+x7WnnFANq4dveSPzfKCGQuE1Zu4zMaNyt+dOgooNXOySfJTbj460
uajtpnJrWr5NBsGnmVnwyEBEoAEclGfyBfDK9aDzrc7bz4deKZNPMJxfkawaPqkP
y36tmLKUkKcydFd7yR7Mw50n/a10U98eTxPPfKO0DUSwh78/HfKon7nsPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQoDTAWhPTthm+RETu+viNAbhwsMB8GA1UdIwQY
MBaAFG4Au6ZPUWuNYzWgHPMEuCLe4a7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQt
NTc1Y2Y1ZDMzNWU0LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQtNTc1Y2Y1ZDMzNWU0
LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARag+9eWu
yzybV6wjSU++N1dY6eLU56WInpkyo8KjLkJb4AjWqRSNDRkuKdFVEIyGj3nClO2D
/4OrAiY+xYSPXvcCMDC9PPsEwP+Qx5Snn3t+/cA6X99UAIHuujLER17eH8n+ODJQ
vKG8Jx2PGqXjkLv+EzfQEmjfH6AP36046Mb2RswyftGNIRPtEBr4OMJh57NMsspK
FLWsWZg4tY6ipFFHvvkk/xm44LKSO3VAh9KpSuI3PbtWre39WkvlRB/EOkCAWDSz
EhnMqR2yu/2OLTWIfMZS6zapzCLxUbnA2Adl0Qvp3T6yUSJ2JpG+ngzhWCHXnznQ
ZG9Ypj7QgCCTGQ==
-----END CERTIFICATE-----
Generated at Mon Aug 11 14:42:40 2025 by rpki-client