Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
File:                     UB7eLUfXfhQKl78pidqCpYdzyMA.mft (raw, json)
Hash identifier:          IZ+0JkgALd9AKjJEBzl1O8ZrC57CvP1D87VyEDL2ExI=
Subject key identifier:   A2:3D:62:DA:C7:8D:4C:89:8A:70:7E:D9:48:FD:41:88:4C:D8:5C:1B
Authority key identifier: 50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0
Certificate issuer:       /CN=501ede2d47d77e140a97bf2989da82a58773c8c0
Certificate serial:       01988B0F68B422240654C07DEE25AC8D20C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
Manifest number:          0D08
Signing time:             Fri 08 Aug 2025 19:01:39 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:39 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:39 +0000
Files and hashes:         1: UB7eLUfXfhQKl78pidqCpYdzyMA.crl (hash: fa46JAK6B+M2uIeT8Sj8rWUrnxjFMhse5p4xl6t2UBI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0f:68:b4:22:24:06:54:c0:7d:ee:25:ac:8d:20:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=501ede2d47d77e140a97bf2989da82a58773c8c0
        Validity
            Not Before: Aug  8 19:01:39 2025 GMT
            Not After : Aug  9 19:01:39 2025 GMT
        Subject: CN=a23d62dac78d4c898a707ed948fd41884cd85c1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d6:1f:47:e5:32:3c:55:e9:6c:dc:04:1f:09:
                    56:eb:f4:35:69:d5:d5:f1:93:ed:40:ef:d4:75:b1:
                    de:b4:66:7d:53:66:9a:d8:11:ce:7c:17:e8:5b:f5:
                    33:db:01:cd:37:4e:0d:d1:e6:8f:ae:8e:bb:23:43:
                    42:e4:8a:30:cc:91:62:5c:4c:fe:a1:53:48:a2:72:
                    9b:d3:15:74:fa:9b:ed:19:e7:10:ab:7e:bd:13:f5:
                    13:cd:22:1c:a9:14:7d:d2:5d:a5:c2:05:5d:f7:53:
                    56:2c:73:2e:33:f2:25:f7:a3:26:8c:cb:8a:3d:a7:
                    5f:40:9f:5d:2c:02:c7:2f:a6:a8:42:79:56:23:b2:
                    cc:7f:15:8f:91:a4:06:f3:df:07:67:c1:19:22:f8:
                    12:5b:7b:c4:63:0e:6d:bf:9a:f2:7f:0c:a1:be:2e:
                    9f:82:e0:c1:b2:a4:f6:ec:da:b0:38:9d:8b:d7:dd:
                    59:16:99:d2:18:c3:09:30:f5:c1:a5:b2:a5:3e:89:
                    3c:cd:13:10:c1:bc:f5:48:10:2e:1a:02:88:6c:6b:
                    f3:b5:bf:22:a6:17:2c:ac:6c:dc:b2:51:82:55:bc:
                    63:6d:2e:7a:37:45:34:c1:31:5b:0f:b2:de:37:ab:
                    e7:fb:bf:58:51:81:5c:7e:5a:64:ed:4c:ca:d2:83:
                    bd:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:3D:62:DA:C7:8D:4C:89:8A:70:7E:D9:48:FD:41:88:4C:D8:5C:1B
            X509v3 Authority Key Identifier:
                keyid:50:1E:DE:2D:47:D7:7E:14:0A:97:BF:29:89:DA:82:A5:87:73:C8:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UB7eLUfXfhQKl78pidqCpYdzyMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/01b79c-7225-4916-8221-12edd0e0d21b/1/UB7eLUfXfhQKl78pidqCpYdzyMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:81:8c:6b:1a:0d:d5:d8:93:5a:f9:cf:49:8c:e7:98:cb:21:
         bf:cd:15:d3:45:7b:ce:b5:9d:fc:74:3f:4d:47:91:fb:8e:57:
         a1:e8:04:e5:71:62:f2:34:f9:d0:3b:d9:23:8d:e3:2d:60:85:
         09:7d:b8:f4:21:5d:64:40:c4:fe:57:4b:52:fe:30:5b:8c:ec:
         95:c3:7a:27:70:b2:2e:ad:e0:6a:f6:b0:02:3a:ad:c8:4c:5e:
         81:72:b7:5f:a5:6e:6b:ad:7f:8a:8e:a3:ab:49:23:39:11:4f:
         b6:6f:96:81:42:90:66:59:a4:ee:07:76:d2:d2:8a:5e:58:b3:
         78:b6:05:cd:87:bf:d7:6e:6d:a3:40:7b:b4:bf:2e:ab:2b:f6:
         82:03:38:b6:88:55:4c:a7:5f:53:87:d7:3e:2f:8a:5b:47:fe:
         c3:fe:cb:41:c5:3f:8a:07:6a:60:55:51:ab:e0:28:f3:31:ea:
         53:fa:c3:91:91:c5:37:42:77:47:91:dc:9a:0a:2f:a3:bb:26:
         3b:32:1a:8d:cc:f5:45:a3:c9:6f:94:1e:8a:a9:dd:51:df:a6:
         25:11:81:63:3a:fb:29:ba:5c:04:40:f6:21:b0:11:fd:06:a9:
         77:28:b3:b0:15:78:a6:bd:7b:d7:aa:3f:ee:ee:36:73:57:0d:
         0c:af:8c:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLD2i0IiQGVMB97iWsjSDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMWVkZTJkNDdkNzdlMTQwYTk3YmYyOTg5ZGE4MmE1ODc3
M2M4YzAwHhcNMjUwODA4MTkwMTM5WhcNMjUwODA5MTkwMTM5WjAzMTEwLwYDVQQD
EyhhMjNkNjJkYWM3OGQ0Yzg5OGE3MDdlZDk0OGZkNDE4ODRjZDg1YzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9YfR+UyPFXpbNwEHwlW6/Q1adXV
8ZPtQO/UdbHetGZ9U2aa2BHOfBfoW/Uz2wHNN04N0eaPro67I0NC5IowzJFiXEz+
oVNIonKb0xV0+pvtGecQq369E/UTzSIcqRR90l2lwgVd91NWLHMuM/Il96MmjMuK
PadfQJ9dLALHL6aoQnlWI7LMfxWPkaQG898HZ8EZIvgSW3vEYw5tv5ryfwyhvi6f
guDBsqT27NqwOJ2L191ZFpnSGMMJMPXBpbKlPok8zRMQwbz1SBAuGgKIbGvztb8i
phcsrGzcslGCVbxjbS56N0U0wTFbD7LeN6vn+79YUYFcflpk7UzK0oO9kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKI9YtrHjUyJinB+2Uj9QYhM2FwbMB8GA1UdIwQY
MBaAFFAe3i1H134UCpe/KYnagqWHc8jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEt
MTJlZGQwZTBkMjFiLzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wMWI3OWMtNzIyNS00OTE2LTgyMjEtMTJlZGQwZTBkMjFi
LzEvVUI3ZUxVZlhmaFFLbDc4cGlkcUNwWWR6eU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWIGMaxoN
1diTWvnPSYznmMshv80V00V7zrWd/HQ/TUeR+45XoegE5XFi8jT50DvZI43jLWCF
CX249CFdZEDE/ldLUv4wW4zslcN6J3CyLq3gavawAjqtyExegXK3X6Vua61/io6j
q0kjORFPtm+WgUKQZlmk7gd20tKKXlizeLYFzYe/125to0B7tL8uqyv2ggM4tohV
TKdfU4fXPi+KW0f+w/7LQcU/igdqYFVRq+Ao8zHqU/rDkZHFN0J3R5Hcmgovo7sm
OzIajcz1RaPJb5QeiqndUd+mJRGBYzr7KbpcBED2IbAR/QapdyizsBV4pr1716o/
7u42c1cNDK+M1g==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:51:46 2025 by rpki-client