Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          lFEIC8BMgyOdC/QpBGbApO8G97lJ98374OrwyQbk/4o=
Subject key identifier:   D0:E5:94:67:18:7D:5B:33:38:08:32:44:13:F5:1A:34:8B:F7:A9:4B
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       01987F79AC90184E1B0B48057C7AF63CB0C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          010F
Signing time:             Wed 06 Aug 2025 13:02:17 +0000
Manifest this update:     Wed 06 Aug 2025 13:02:17 +0000
Manifest next update:     Thu 07 Aug 2025 13:02:17 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: bwTKaSWqA0Kb7rtzhxrWZyrjhW8LZyDN/wuJRzFhPWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 13:02:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7f:79:ac:90:18:4e:1b:0b:48:05:7c:7a:f6:3c:b0:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: Aug  6 13:02:17 2025 GMT
            Not After : Aug  7 13:02:17 2025 GMT
        Subject: CN=d0e59467187d5b333808324413f51a348bf7a94b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:77:7b:50:54:46:fc:2f:6c:23:05:2b:70:d7:
                    6b:68:9d:b2:26:cd:9b:6a:e2:0b:9c:7f:65:06:37:
                    d9:0d:f0:92:d6:7d:b3:cb:ce:b6:d6:ff:f5:ab:61:
                    77:cf:ce:56:cc:6a:b6:db:38:89:69:76:9f:21:09:
                    14:5e:c3:68:ef:4a:a4:9b:e1:62:31:f9:86:01:70:
                    09:6f:d1:6d:7a:a1:bb:ff:fe:86:d9:54:b0:bf:01:
                    f4:62:99:b2:0b:41:92:55:69:c1:55:a0:28:64:f1:
                    fb:32:21:f0:e5:bc:3e:12:3f:13:1f:17:54:8b:fc:
                    ed:a2:95:83:28:98:47:7f:82:b0:24:fe:64:ab:6a:
                    57:db:95:e0:76:c0:d4:2a:e1:93:ae:76:0d:2c:7c:
                    16:6f:6b:2a:d6:8f:cf:1d:94:93:a7:2b:f5:ad:a4:
                    1f:df:62:8f:02:3a:74:49:3c:3a:86:df:50:f5:aa:
                    8d:66:df:c9:d2:20:07:6e:58:52:15:7b:4a:2c:69:
                    bb:06:0e:58:b9:ba:06:74:5c:1e:b2:1e:74:62:21:
                    fd:59:0a:2b:39:de:f7:df:6e:e3:c0:2d:a1:92:6a:
                    fb:dd:96:38:3b:b8:d4:61:15:fc:af:2b:cf:f1:0c:
                    7f:fd:61:c2:ed:ee:75:f7:44:5a:ed:c1:77:99:52:
                    73:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:E5:94:67:18:7D:5B:33:38:08:32:44:13:F5:1A:34:8B:F7:A9:4B
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:3e:82:8e:8e:77:56:0c:7d:f8:e2:31:22:d4:5a:d2:30:42:
         f3:ba:41:0d:a3:21:6b:53:3b:83:3c:41:1e:ba:a2:30:51:cf:
         4b:15:6a:6e:6e:91:77:f2:6f:a2:17:57:b8:b4:d8:fa:42:98:
         af:03:46:9d:f0:13:12:4c:d2:10:4d:c4:ad:c7:f5:13:27:ff:
         68:ba:46:43:56:cd:12:d0:d2:da:c3:ae:d7:fe:bd:e6:01:af:
         dd:66:52:ef:b1:47:a8:2c:6e:8d:37:ac:30:b0:cb:02:84:3b:
         97:61:84:15:eb:09:57:e5:eb:0c:6d:57:03:56:31:4e:10:db:
         3b:ce:bc:2a:44:86:c3:ab:02:ec:d8:48:a8:0a:37:ed:ad:3e:
         f6:ac:7d:97:99:9b:15:38:f5:9d:01:41:ab:7b:88:8c:4f:ba:
         89:3a:17:78:b3:ff:f5:6a:e5:73:a6:ce:86:c4:9f:f3:eb:01:
         b0:b2:90:80:77:b5:e4:e4:6f:74:47:ef:6b:d7:17:23:40:d5:
         76:8d:2a:76:15:2f:e8:29:e6:45:b6:87:0c:0a:78:aa:bf:f9:
         8d:a2:b9:e3:ce:cd:1b:1a:27:df:3f:3a:5d:a1:e3:d0:3a:33:
         27:e5:e4:3c:36:00:50:e4:2b:37:74:e9:e4:a7:43:fa:31:dc:
         aa:a0:dd:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh/eayQGE4bC0gFfHr2PLDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjUwODA2MTMwMjE3WhcNMjUwODA3MTMwMjE3WjAzMTEwLwYDVQQD
EyhkMGU1OTQ2NzE4N2Q1YjMzMzgwODMyNDQxM2Y1MWEzNDhiZjdhOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3d7UFRG/C9sIwUrcNdraJ2yJs2b
auILnH9lBjfZDfCS1n2zy8621v/1q2F3z85WzGq22ziJaXafIQkUXsNo70qkm+Fi
MfmGAXAJb9FteqG7//6G2VSwvwH0YpmyC0GSVWnBVaAoZPH7MiHw5bw+Ej8THxdU
i/ztopWDKJhHf4KwJP5kq2pX25XgdsDUKuGTrnYNLHwWb2sq1o/PHZSTpyv1raQf
32KPAjp0STw6ht9Q9aqNZt/J0iAHblhSFXtKLGm7Bg5YuboGdFwesh50YiH9WQor
Od73327jwC2hkmr73ZY4O7jUYRX8ryvP8Qx//WHC7e5190Ra7cF3mVJzAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDllGcYfVszOAgyRBP1GjSL96lLMB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgD6Cjo53
Vgx9+OIxItRa0jBC87pBDaMha1M7gzxBHrqiMFHPSxVqbm6Rd/JvohdXuLTY+kKY
rwNGnfATEkzSEE3Ercf1Eyf/aLpGQ1bNEtDS2sOu1/695gGv3WZS77FHqCxujTes
MLDLAoQ7l2GEFesJV+XrDG1XA1YxThDbO868KkSGw6sC7NhIqAo37a0+9qx9l5mb
FTj1nQFBq3uIjE+6iToXeLP/9Wrlc6bOhsSf8+sBsLKQgHe15ORvdEfva9cXI0DV
do0qdhUv6CnmRbaHDAp4qr/5jaK5487NGxon3z86XaHj0DozJ+XkPDYAUOQrN3Tp
5KdD+jHcqqDdMg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 18:24:59 2025 by rpki-client