Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          aES+D7GgDpKLkOypAZ9ilonuSnkQNUl98LMLrdT2AdA=
Subject key identifier:   F5:1F:ED:7E:DB:A0:15:77:A0:73:FD:51:51:2A:74:5F:C8:B3:44:8C
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       019874BDB3BBBA33F60F788E80A896991B2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          1338
Signing time:             Mon 04 Aug 2025 11:00:45 +0000
Manifest this update:     Mon 04 Aug 2025 11:00:45 +0000
Manifest next update:     Tue 05 Aug 2025 11:00:45 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: ikQg7MjDc4+HFTjYxtPz4eozafALfMe43qRru/6GRpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 11:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:bd:b3:bb:ba:33:f6:0f:78:8e:80:a8:96:99:1b:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: Aug  4 11:00:45 2025 GMT
            Not After : Aug  5 11:00:45 2025 GMT
        Subject: CN=f51fed7edba01577a073fd51512a745fc8b3448c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:86:ab:6d:2d:98:bf:cf:66:d8:0c:f2:04:e3:
                    87:11:23:3a:21:ef:3c:77:38:31:33:28:23:33:4a:
                    d4:78:7a:83:5f:e6:52:26:db:46:7a:95:6b:f9:f2:
                    51:c7:69:1d:3c:2b:01:f8:b2:21:e5:0a:6c:0d:ca:
                    ab:3d:7e:c1:d3:c6:6b:14:6b:db:2f:bf:5a:59:5c:
                    e1:d5:02:3c:e4:87:01:7c:ae:3a:4a:32:43:20:4d:
                    8e:fc:aa:49:2e:57:ba:e4:b8:b6:2e:13:39:c7:cd:
                    b2:dd:a7:c2:68:00:c1:95:70:e3:cd:fe:a6:ca:f2:
                    f8:1f:09:e4:48:70:c9:56:e0:6f:0d:bd:e8:4f:99:
                    b4:14:ca:17:23:f1:b0:79:16:78:da:2d:51:a6:85:
                    6a:2b:06:19:19:e3:60:96:60:45:14:cc:14:15:64:
                    ee:79:52:ad:bc:7f:34:0e:89:87:24:84:b9:96:1a:
                    f6:9b:88:fd:f8:c6:40:57:74:e5:ec:21:7d:28:2f:
                    94:80:8c:d9:37:c6:ef:4c:9d:3d:96:dc:02:ce:99:
                    40:f9:d1:81:9e:57:21:15:fa:e5:9c:a5:86:da:f7:
                    7b:85:66:72:b7:d9:da:c9:f1:57:c3:64:bf:e2:bf:
                    ed:ab:d2:e7:00:96:2e:3c:9a:38:77:4a:21:d3:4c:
                    24:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:1F:ED:7E:DB:A0:15:77:A0:73:FD:51:51:2A:74:5F:C8:B3:44:8C
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:eb:88:f6:de:36:e6:85:bf:cc:ee:5a:b9:51:c6:39:44:8f:
         8c:e8:4c:6a:55:49:c1:a7:e5:cf:b0:99:78:9f:1e:52:bc:a8:
         83:bf:ac:9b:09:54:3c:b5:79:5a:bf:59:06:d9:45:e9:30:b9:
         79:5b:d2:da:d0:d6:e4:6c:eb:c1:1e:ad:99:74:6a:bb:27:bd:
         d5:61:81:33:f5:41:49:ca:f4:5a:9d:25:04:df:a0:e7:bd:09:
         bd:d9:bc:11:6a:9d:f3:63:8d:d1:0d:cc:df:ad:39:97:1e:ed:
         50:c7:04:24:19:ac:45:fe:01:ec:14:99:a9:5e:a6:e1:e9:88:
         e0:7c:e4:36:85:ff:a0:01:b2:6b:5c:67:f7:2d:ef:7b:6e:5f:
         6f:2c:21:f9:ae:26:3a:2e:50:43:76:11:8c:9e:b2:fc:65:18:
         c5:fe:73:51:97:44:9e:7e:9f:41:32:11:93:bc:ac:32:d0:3f:
         8c:c1:39:cb:18:6d:5f:4d:45:55:c6:22:e8:dc:16:0a:d9:5a:
         5e:87:33:a5:c2:ff:26:2d:d8:48:65:61:fc:1b:ee:00:9d:2b:
         16:1c:1b:0f:f3:e1:b5:77:57:21:88:e1:ca:b9:78:de:94:26:
         96:65:df:1f:df:af:e5:5f:54:b0:ac:5e:50:84:8f:10:75:49:
         80:8d:0a:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0vbO7ujP2D3iOgKiWmRsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjUwODA0MTEwMDQ1WhcNMjUwODA1MTEwMDQ1WjAzMTEwLwYDVQQD
EyhmNTFmZWQ3ZWRiYTAxNTc3YTA3M2ZkNTE1MTJhNzQ1ZmM4YjM0NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIarbS2Yv89m2AzyBOOHESM6Ie88
dzgxMygjM0rUeHqDX+ZSJttGepVr+fJRx2kdPCsB+LIh5QpsDcqrPX7B08ZrFGvb
L79aWVzh1QI85IcBfK46SjJDIE2O/KpJLle65Li2LhM5x82y3afCaADBlXDjzf6m
yvL4HwnkSHDJVuBvDb3oT5m0FMoXI/GweRZ42i1RpoVqKwYZGeNglmBFFMwUFWTu
eVKtvH80DomHJIS5lhr2m4j9+MZAV3Tl7CF9KC+UgIzZN8bvTJ09ltwCzplA+dGB
nlchFfrlnKWG2vd7hWZyt9nayfFXw2S/4r/tq9LnAJYuPJo4d0oh00wkVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUf7X7boBV3oHP9UVEqdF/Is0SMMB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAseuI9t42
5oW/zO5auVHGOUSPjOhMalVJwaflz7CZeJ8eUryog7+smwlUPLV5Wr9ZBtlF6TC5
eVvS2tDW5GzrwR6tmXRquye91WGBM/VBScr0Wp0lBN+g570Jvdm8EWqd82ON0Q3M
3605lx7tUMcEJBmsRf4B7BSZqV6m4emI4HzkNoX/oAGya1xn9y3ve25fbywh+a4m
Oi5QQ3YRjJ6y/GUYxf5zUZdEnn6fQTIRk7ysMtA/jME5yxhtX01FVcYi6NwWCtla
XoczpcL/Ji3YSGVh/BvuAJ0rFhwbD/PhtXdXIYjhyrl43pQmlmXfH9+v5V9UsKxe
UISPEHVJgI0Kzg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:10:30 2025 by rpki-client