Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
File:                     R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json)
Hash identifier:          dkraFlfZkaLc+ARaywC8VvjI1mc6TMc4Tsg0oIMc4SY=
Subject key identifier:   B5:9B:0B:9D:0F:8C:56:BA:CF:D2:37:46:C6:10:B0:C2:A7:97:29:AE
Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6
Certificate issuer:       /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
Certificate serial:       019873E1E2B1CD44900B091A3C5667A2EEC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
Manifest number:          49
Signing time:             Mon 04 Aug 2025 07:00:40 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:40 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:40 +0000
Files and hashes:         1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: k5nhYaS9ZZwTxq9khHVtYM0Me0vlxKf5ilsKQx6t9iA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:e2:b1:cd:44:90:0b:09:1a:3c:56:67:a2:ee:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
        Validity
            Not Before: Aug  4 07:00:40 2025 GMT
            Not After : Aug  5 07:00:40 2025 GMT
        Subject: CN=b59b0b9d0f8c56bacfd23746c610b0c2a79729ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:df:f3:90:99:77:fe:eb:65:9b:9b:70:45:36:
                    60:31:36:a8:4c:1e:54:53:99:b3:6c:ba:0f:3a:ef:
                    9c:6d:9c:d1:e3:d9:0e:f6:6a:18:4d:81:23:09:e0:
                    13:86:a5:be:53:54:37:70:35:5c:f8:fd:03:b2:40:
                    e4:c9:88:fb:07:fc:1f:60:ef:4d:2e:0b:1f:38:06:
                    cc:ba:c7:63:15:90:a5:86:e0:12:84:12:ef:36:44:
                    e6:24:28:1a:4b:8b:58:1a:53:1f:44:76:74:a8:ca:
                    11:00:df:b3:ed:e0:60:4d:ea:82:2e:30:72:a3:29:
                    6c:99:bf:99:ce:6c:9c:11:b0:9c:5c:7e:c6:f4:4a:
                    68:2f:14:c1:72:b6:3e:d2:c7:44:0f:5e:f8:0d:74:
                    6c:8d:d2:a6:28:0d:18:70:85:48:82:df:0d:dc:ee:
                    f5:c9:d3:73:4d:92:6b:a8:4b:c6:b7:ab:a3:01:22:
                    cd:8e:0d:8b:80:02:0a:aa:fa:e7:d8:a5:89:32:05:
                    7c:fc:97:08:98:87:d6:5b:ea:31:5f:8c:79:7a:d2:
                    7a:5f:09:6f:bc:0d:07:96:af:4a:d2:06:ac:d4:5f:
                    61:1c:da:87:52:84:53:88:6e:fa:c9:e0:bf:17:68:
                    c3:18:02:01:c2:42:66:ed:40:ad:49:e9:da:51:fe:
                    c3:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:9B:0B:9D:0F:8C:56:BA:CF:D2:37:46:C6:10:B0:C2:A7:97:29:AE
            X509v3 Authority Key Identifier:
                keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:57:1c:03:70:69:2c:f5:d7:e4:10:0f:75:44:64:d2:7c:c5:
         0e:81:39:f3:0a:28:68:44:42:d9:f3:21:9a:5c:01:13:fc:73:
         fb:e9:25:1f:26:14:47:ae:9a:8e:f9:81:51:64:80:7f:a5:aa:
         ab:e3:93:be:25:3a:67:f3:8f:47:27:09:bf:f6:56:82:89:df:
         41:4e:e9:ec:43:1f:9a:df:8f:62:9e:02:f2:de:e1:78:b0:f9:
         82:04:6d:cc:89:77:b5:a2:26:c7:ee:43:5c:5a:40:5d:b0:f2:
         b8:39:9e:e0:00:e1:1c:ad:e9:07:1f:b0:28:b3:0a:1b:23:7b:
         83:6d:1b:c5:89:1b:96:08:9a:50:f7:ec:be:0f:41:0b:73:a2:
         05:69:70:fb:46:0d:16:7a:37:d6:d5:da:a7:b7:7a:ad:10:0e:
         eb:12:ad:83:cf:25:12:bd:95:7a:52:f4:88:dc:ad:ae:a7:76:
         c0:bf:7a:2f:22:76:b7:fd:d8:87:59:f4:41:f6:f1:c5:aa:b5:
         1b:8a:8c:f3:17:01:9a:19:6f:17:86:7b:0a:b2:51:ee:d4:b1:
         44:2b:ad:06:69:02:db:f7:5c:6f:fd:58:32:d1:8b:d4:31:bf:
         22:3e:86:d6:27:f2:2a:33:58:c4:ad:02:71:30:13:2e:85:28:
         3f:9f:7a:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4eKxzUSQCwkaPFZnou7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh
OTg4YjYwHhcNMjUwODA0MDcwMDQwWhcNMjUwODA1MDcwMDQwWjAzMTEwLwYDVQQD
EyhiNTliMGI5ZDBmOGM1NmJhY2ZkMjM3NDZjNjEwYjBjMmE3OTcyOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld/zkJl3/utlm5twRTZgMTaoTB5U
U5mzbLoPOu+cbZzR49kO9moYTYEjCeAThqW+U1Q3cDVc+P0DskDkyYj7B/wfYO9N
LgsfOAbMusdjFZClhuAShBLvNkTmJCgaS4tYGlMfRHZ0qMoRAN+z7eBgTeqCLjBy
oylsmb+ZzmycEbCcXH7G9EpoLxTBcrY+0sdED174DXRsjdKmKA0YcIVIgt8N3O71
ydNzTZJrqEvGt6ujASLNjg2LgAIKqvrn2KWJMgV8/JcImIfWW+oxX4x5etJ6Xwlv
vA0Hlq9K0gas1F9hHNqHUoRTiG76yeC/F2jDGAIBwkJm7UCtSenaUf7DHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWbC50PjFa6z9I3RsYQsMKnlymuMB8GA1UdIwQY
MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt
NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx
LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEFccA3Bp
LPXX5BAPdURk0nzFDoE58wooaERC2fMhmlwBE/xz++klHyYUR66ajvmBUWSAf6Wq
q+OTviU6Z/OPRycJv/ZWgonfQU7p7EMfmt+PYp4C8t7heLD5ggRtzIl3taImx+5D
XFpAXbDyuDme4ADhHK3pBx+wKLMKGyN7g20bxYkblgiaUPfsvg9BC3OiBWlw+0YN
Fno31tXap7d6rRAO6xKtg88lEr2VelL0iNytrqd2wL96LyJ2t/3Yh1n0Qfbxxaq1
G4qM8xcBmhlvF4Z7CrJR7tSxRCutBmkC2/dcb/1YMtGL1DG/Ij6G1ifyKjNYxK0C
cTATLoUoP596Kg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:28 2025 by rpki-client