Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
File:                     APkIwDKKjpc_pArFL8M359PE_tA.mft (raw, json)
Hash identifier:          RvSByw4epyoYuCW3hchT7cxK5Q9ATBazWpsCu38GAic=
Subject key identifier:   C6:02:AD:E2:04:3D:74:E9:24:4F:7B:35:B1:96:C9:C6:D2:9C:EB:67
Authority key identifier: 00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0
Certificate issuer:       /CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
Certificate serial:       01988B0EB5A0D984F0639A07D10CB1E15D37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
Manifest number:          161F
Signing time:             Fri 08 Aug 2025 19:00:53 +0000
Manifest this update:     Fri 08 Aug 2025 19:00:53 +0000
Manifest next update:     Sat 09 Aug 2025 19:00:53 +0000
Files and hashes:         1: APkIwDKKjpc_pArFL8M359PE_tA.crl (hash: NuvY0huz/LkErFY83vgEoF9BwlyGhEE45ezzhPFbZ+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:b5:a0:d9:84:f0:63:9a:07:d1:0c:b1:e1:5d:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00f908c0328a8e973fa40ac52fc337e7d3c4fed0
        Validity
            Not Before: Aug  8 19:00:53 2025 GMT
            Not After : Aug  9 19:00:53 2025 GMT
        Subject: CN=c602ade2043d74e9244f7b35b196c9c6d29ceb67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4e:78:8f:5a:4a:45:73:bc:12:48:78:c9:2a:
                    87:64:ec:ef:26:33:0f:f0:65:44:f9:bd:4f:11:67:
                    d1:ae:2c:f0:ff:fc:6f:d6:0e:fb:2d:8d:94:79:b9:
                    7c:e5:38:2f:15:db:5b:65:ef:61:5c:4b:7e:da:63:
                    e3:bb:7f:35:49:10:e9:ca:76:ef:2b:1b:08:9a:6a:
                    4d:60:db:4e:ea:aa:02:08:37:0d:18:4a:b0:be:43:
                    ad:a8:0d:92:74:d1:34:1b:66:36:5d:55:02:8e:41:
                    68:2d:67:80:79:b6:12:ca:bc:91:24:8d:8e:a5:45:
                    eb:5c:a4:92:e2:55:0d:84:7d:80:8b:77:fe:1b:19:
                    0e:4d:91:a0:7f:54:44:de:af:fc:8d:c8:67:f7:c3:
                    ed:f7:2b:81:eb:a8:aa:9e:00:10:a2:a6:9d:a9:c3:
                    3c:fd:78:70:c5:d1:24:c9:c2:3d:3b:11:13:fc:6f:
                    e1:e6:bd:c8:48:1e:82:38:70:60:c5:66:5e:09:10:
                    af:fd:55:d7:15:68:64:86:82:2f:87:1f:58:00:70:
                    54:1e:4c:e1:53:59:ab:f0:e6:eb:20:b1:5e:5a:92:
                    1f:2d:7c:21:13:94:de:a8:45:92:7d:aa:a2:98:d3:
                    fa:8b:7b:b8:84:5a:3b:85:fe:ba:d5:ec:9a:4f:2b:
                    26:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:02:AD:E2:04:3D:74:E9:24:4F:7B:35:B1:96:C9:C6:D2:9C:EB:67
            X509v3 Authority Key Identifier:
                keyid:00:F9:08:C0:32:8A:8E:97:3F:A4:0A:C5:2F:C3:37:E7:D3:C4:FE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APkIwDKKjpc_pArFL8M359PE_tA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea2c50-afca-40b1-9381-7decf1e47865/1/APkIwDKKjpc_pArFL8M359PE_tA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:ee:b0:4d:62:e0:57:94:a2:ec:47:0e:27:bd:3d:e7:4f:6e:
         63:a1:20:9c:72:c2:16:37:dc:f7:18:04:5a:71:2d:15:f3:87:
         1a:1b:0e:86:77:fb:26:52:53:87:f5:37:c2:7f:0f:ed:ad:52:
         8a:98:e6:83:dd:c7:47:6f:bf:ef:13:40:22:4b:02:f1:05:88:
         85:e6:fc:5b:72:3f:f9:ec:f3:ac:e2:20:68:63:36:a3:93:d6:
         c3:a4:22:0a:88:2d:e4:53:26:df:ed:23:28:5d:44:7e:3a:8f:
         04:1a:08:7e:81:7a:5a:ad:a5:03:31:50:65:87:16:de:9a:56:
         67:6e:4b:6e:a1:18:c7:e0:88:a9:10:fb:95:72:99:b9:a5:ea:
         18:46:dc:fe:6f:7b:95:5a:e8:b9:38:4d:bd:89:78:47:c7:b8:
         87:d4:1d:35:9f:f6:dc:79:6a:90:9c:ed:94:ca:b5:95:30:9c:
         ff:06:a3:53:15:69:09:9f:91:79:a7:cd:44:54:6b:09:ed:eb:
         09:4a:a5:6e:3e:8c:1a:b2:fd:3b:e3:58:44:1e:f7:f3:69:b4:
         c1:bd:1a:1a:57:8a:16:53:68:be:f9:7c:21:38:cf:37:99:6f:
         08:21:7f:3a:dd:55:97:c5:67:e3:e8:25:2d:e5:71:8b:5f:f2:
         49:57:12:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDrWg2YTwY5oH0Qyx4V03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjkwOGMwMzI4YThlOTczZmE0MGFjNTJmYzMzN2U3ZDNj
NGZlZDAwHhcNMjUwODA4MTkwMDUzWhcNMjUwODA5MTkwMDUzWjAzMTEwLwYDVQQD
EyhjNjAyYWRlMjA0M2Q3NGU5MjQ0ZjdiMzViMTk2YzljNmQyOWNlYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk54j1pKRXO8Ekh4ySqHZOzvJjMP
8GVE+b1PEWfRrizw//xv1g77LY2Uebl85TgvFdtbZe9hXEt+2mPju381SRDpynbv
KxsImmpNYNtO6qoCCDcNGEqwvkOtqA2SdNE0G2Y2XVUCjkFoLWeAebYSyryRJI2O
pUXrXKSS4lUNhH2Ai3f+GxkOTZGgf1RE3q/8jchn98Pt9yuB66iqngAQoqadqcM8
/XhwxdEkycI9OxET/G/h5r3ISB6COHBgxWZeCRCv/VXXFWhkhoIvhx9YAHBUHkzh
U1mr8ObrILFeWpIfLXwhE5TeqEWSfaqimNP6i3u4hFo7hf661eyaTysm3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYCreIEPXTpJE97NbGWycbSnOtnMB8GA1UdIwQY
MBaAFAD5CMAyio6XP6QKxS/DN+fTxP7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEt
N2RlY2YxZTQ3ODY1LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lYTJjNTAtYWZjYS00MGIxLTkzODEtN2RlY2YxZTQ3ODY1
LzEvQVBrSXdES0tqcGNfcEFyRkw4TTM1OVBFX3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs+6wTWLg
V5Si7EcOJ709509uY6EgnHLCFjfc9xgEWnEtFfOHGhsOhnf7JlJTh/U3wn8P7a1S
ipjmg93HR2+/7xNAIksC8QWIheb8W3I/+ezzrOIgaGM2o5PWw6QiCogt5FMm3+0j
KF1EfjqPBBoIfoF6Wq2lAzFQZYcW3ppWZ25LbqEYx+CIqRD7lXKZuaXqGEbc/m97
lVrouThNvYl4R8e4h9QdNZ/23HlqkJztlMq1lTCc/wajUxVpCZ+ReafNRFRrCe3r
CUqlbj6MGrL9O+NYRB7382m0wb0aGleKFlNovvl8ITjPN5lvCCF/Ot1Vl8Vn4+gl
LeVxi1/ySVcS5w==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:05:42 2025 by rpki-client