Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          m/p+vBVClX5um7LmcXVtqKGZXamosZ4gA5Prgd4L8bA=
Subject key identifier:   2A:82:C5:03:67:69:BA:D6:46:8C:F7:2D:23:97:17:35:9B:2B:A5:F7
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       01988B0ECE081A24EF2EAE5C2188CE438B4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0A85
Signing time:             Fri 08 Aug 2025 19:00:59 +0000
Manifest this update:     Fri 08 Aug 2025 19:00:59 +0000
Manifest next update:     Sat 09 Aug 2025 19:00:59 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: EiqJqGZ4gE6G+u2mOtoWa8xHMVE/pIZ4pfGCSlxUHjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:ce:08:1a:24:ef:2e:ae:5c:21:88:ce:43:8b:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Aug  8 19:00:59 2025 GMT
            Not After : Aug  9 19:00:59 2025 GMT
        Subject: CN=2a82c5036769bad6468cf72d239717359b2ba5f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b2:b7:ae:1d:71:30:61:e5:bf:e3:af:b6:81:
                    a3:f0:16:3c:c2:c0:c9:06:96:52:1a:58:05:e8:e6:
                    02:33:09:d1:06:b0:31:21:93:bd:e1:e2:8f:37:5a:
                    75:b8:93:a6:60:8c:e0:8c:ce:53:fd:c4:b0:a0:bc:
                    b3:76:e4:cc:23:d0:3c:7d:e7:2d:4c:c8:49:d2:36:
                    3b:a7:ae:69:d3:e0:9a:06:21:7b:70:a6:f9:f7:b6:
                    9a:0d:85:24:2d:00:58:57:f6:3a:49:13:bf:38:20:
                    b2:77:1b:19:82:59:f2:07:5c:8d:9c:c4:03:2f:b7:
                    73:70:09:02:0f:13:8a:62:71:2b:72:96:c7:d7:9d:
                    6f:06:8d:61:7f:73:f2:e0:3b:26:cc:09:64:86:27:
                    51:48:5b:87:4d:db:bf:8a:07:61:21:4e:ce:b1:2c:
                    9b:21:6a:c0:15:de:b2:72:45:75:da:1a:22:ba:4d:
                    26:ba:4c:5c:3c:5a:bc:7e:1d:d2:e6:8f:89:07:c4:
                    83:d2:da:0e:ed:da:b4:8c:63:06:31:37:23:e1:01:
                    89:89:c7:20:e0:d2:16:65:a4:61:d5:54:53:fe:eb:
                    bf:8b:ed:29:e3:04:4c:ad:ee:78:63:15:1b:0c:a8:
                    be:e5:98:d8:3b:05:3f:57:b0:15:c9:73:b2:4d:d5:
                    3f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:82:C5:03:67:69:BA:D6:46:8C:F7:2D:23:97:17:35:9B:2B:A5:F7
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:b1:09:2d:50:46:d8:2d:f9:71:26:39:8b:16:b9:01:33:b0:
         38:e9:cd:4e:d6:69:9c:3d:6f:1d:89:dd:02:e8:b6:ac:f2:6d:
         83:1f:dd:3c:9e:ed:be:1a:d1:37:36:d6:3a:19:b5:ac:73:46:
         3e:74:1e:1c:62:c5:d5:7c:e8:8a:15:16:5d:32:64:d5:4b:ea:
         e5:00:ba:9d:31:58:2e:17:6c:fb:4b:cc:5f:1d:59:e7:47:ec:
         ea:ce:bf:60:60:f9:39:3f:47:bf:c3:e5:26:21:9d:e7:3b:29:
         cc:29:20:83:70:90:f8:f3:5e:63:28:89:c4:bd:8b:55:5c:3b:
         4c:97:b1:14:6b:02:2a:34:1a:2d:81:98:50:be:5d:a2:cb:42:
         c1:18:9a:b2:c6:56:51:c3:e4:85:0a:dc:dc:29:63:11:eb:31:
         d8:3e:38:78:7c:29:76:0f:d3:57:54:3a:11:38:bb:8f:1e:ab:
         e6:e9:1d:d2:7a:ab:15:6e:9e:83:88:37:d7:a1:96:01:50:37:
         c8:a5:6c:57:f7:89:34:c1:bf:6b:5b:29:07:62:38:12:c4:23:
         68:34:58:be:04:78:ac:ab:8a:5b:cb:ac:8f:ea:a0:45:e8:b8:
         a6:88:16:09:e6:f9:c7:07:13:1c:36:5b:30:48:93:c4:b4:2f:
         2f:bd:6a:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDs4IGiTvLq5cIYjOQ4tOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjUwODA4MTkwMDU5WhcNMjUwODA5MTkwMDU5WjAzMTEwLwYDVQQD
EygyYTgyYzUwMzY3NjliYWQ2NDY4Y2Y3MmQyMzk3MTczNTliMmJhNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrK3rh1xMGHlv+OvtoGj8BY8wsDJ
BpZSGlgF6OYCMwnRBrAxIZO94eKPN1p1uJOmYIzgjM5T/cSwoLyzduTMI9A8fect
TMhJ0jY7p65p0+CaBiF7cKb597aaDYUkLQBYV/Y6SRO/OCCydxsZglnyB1yNnMQD
L7dzcAkCDxOKYnErcpbH151vBo1hf3Py4DsmzAlkhidRSFuHTdu/igdhIU7OsSyb
IWrAFd6yckV12hoiuk0mukxcPFq8fh3S5o+JB8SD0toO7dq0jGMGMTcj4QGJiccg
4NIWZaRh1VRT/uu/i+0p4wRMre54YxUbDKi+5ZjYOwU/V7AVyXOyTdU/bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqCxQNnabrWRoz3LSOXFzWbK6X3MB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPLEJLVBG
2C35cSY5ixa5ATOwOOnNTtZpnD1vHYndAui2rPJtgx/dPJ7tvhrRNzbWOhm1rHNG
PnQeHGLF1XzoihUWXTJk1Uvq5QC6nTFYLhds+0vMXx1Z50fs6s6/YGD5OT9Hv8Pl
JiGd5zspzCkgg3CQ+PNeYyiJxL2LVVw7TJexFGsCKjQaLYGYUL5dostCwRiassZW
UcPkhQrc3CljEesx2D44eHwpdg/TV1Q6ETi7jx6r5ukd0nqrFW6eg4g316GWAVA3
yKVsV/eJNMG/a1spB2I4EsQjaDRYvgR4rKuKW8usj+qgRei4pogWCeb5xwcTHDZb
MEiTxLQvL71qVw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:35 2025 by rpki-client