Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          eJ3L7TiO3AnPyS1K+o4zmiSKidGUzVU+JeV2YiVCHjY=
Subject key identifier:   2B:87:F2:3A:A7:BB:C5:63:96:6D:2E:D2:BA:34:BD:93:E6:F5:5B:94
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       01987D8BE6C2AAF309D485AD14DA455C18D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          0845
Signing time:             Wed 06 Aug 2025 04:02:57 +0000
Manifest this update:     Wed 06 Aug 2025 04:02:57 +0000
Manifest next update:     Thu 07 Aug 2025 04:02:57 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: iCk33rJyWLhTgEgdvnQ4fEp1xOXHReGR9ZQBs5Sk28Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 04:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:8b:e6:c2:aa:f3:09:d4:85:ad:14:da:45:5c:18:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Aug  6 04:02:57 2025 GMT
            Not After : Aug  7 04:02:57 2025 GMT
        Subject: CN=2b87f23aa7bbc563966d2ed2ba34bd93e6f55b94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:02:f2:c7:47:05:62:f6:f6:28:37:d8:0f:21:
                    02:49:aa:3b:a1:71:57:09:98:22:9d:58:85:2b:eb:
                    a9:a7:37:53:77:24:97:a4:6a:ba:81:36:1e:38:a3:
                    dc:78:a9:cc:47:d2:22:f1:d3:18:03:24:4d:39:1c:
                    d8:28:9b:8e:f6:db:38:90:17:48:68:62:53:85:59:
                    36:09:45:64:a0:c6:74:7a:e6:78:a7:17:ce:af:58:
                    89:40:26:23:82:b0:8e:30:c5:9f:29:12:ce:08:a7:
                    b9:4d:5c:33:2c:ec:e9:cd:b2:37:1d:fb:82:5e:fc:
                    08:8b:7f:6f:d2:05:84:44:ca:5e:98:87:65:4e:26:
                    86:05:44:01:fe:5b:ab:37:8f:05:f3:79:1f:9d:7d:
                    53:32:af:12:12:6a:f7:7c:94:e0:a6:27:17:36:75:
                    0e:6e:a3:55:f6:b0:2e:ce:a4:4e:e1:44:55:2f:50:
                    59:58:66:c8:8f:13:65:16:21:8a:52:38:53:8e:d8:
                    53:a5:09:04:2b:37:44:eb:02:64:cf:e8:0a:e4:19:
                    f3:d3:b0:09:ee:25:64:f9:97:d3:2d:bd:99:0a:d4:
                    dd:8c:82:3b:c3:8f:24:5f:83:ff:fd:28:6c:d2:c7:
                    cb:0d:2f:01:2b:35:85:cd:0d:06:d1:a2:8e:e9:72:
                    e2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:87:F2:3A:A7:BB:C5:63:96:6D:2E:D2:BA:34:BD:93:E6:F5:5B:94
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:da:91:2e:51:e4:9d:a1:9e:1e:bf:bc:84:1d:81:83:44:5f:
         9d:f7:23:14:5d:d7:af:dd:3e:49:68:6c:d1:d4:1e:5f:53:b6:
         b9:b8:da:bd:5e:47:8b:80:a9:b9:4f:12:da:2f:90:8d:a3:a0:
         c4:a8:0f:ee:bf:c2:96:da:ea:cb:82:3a:fd:ac:f9:55:e6:cd:
         8f:4e:07:75:1d:55:78:02:86:f9:1c:de:85:6c:76:06:fc:35:
         c6:d4:c0:cd:10:00:82:56:d1:b4:6b:50:18:7a:2c:07:f7:79:
         c3:49:37:61:ca:2b:fb:6d:5c:46:ae:52:c0:e9:50:95:1f:d7:
         11:28:a8:bc:d2:4d:01:78:a8:b8:8a:50:47:e3:70:8e:c1:36:
         1d:0c:62:69:1f:b6:2a:3b:25:99:4a:d6:14:b7:91:ee:20:fc:
         eb:35:47:d6:f2:3d:99:a7:02:a6:a8:02:59:fc:64:43:1c:b9:
         87:71:38:1d:c3:5b:58:a2:de:ca:40:ae:e8:cb:8c:fa:6d:be:
         de:27:40:d5:1f:91:b0:94:37:c4:ad:59:f0:df:77:0c:4d:3b:
         99:ba:b1:aa:4c:55:a9:03:e0:6f:5e:ac:ac:9b:d8:24:33:f8:
         ab:e0:2e:fd:b4:c2:15:51:67:36:15:98:c0:b9:92:4a:1e:6a:
         c5:ba:53:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9i+bCqvMJ1IWtFNpFXBjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUwODA2MDQwMjU3WhcNMjUwODA3MDQwMjU3WjAzMTEwLwYDVQQD
EygyYjg3ZjIzYWE3YmJjNTYzOTY2ZDJlZDJiYTM0YmQ5M2U2ZjU1Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQLyx0cFYvb2KDfYDyECSao7oXFX
CZginViFK+uppzdTdySXpGq6gTYeOKPceKnMR9Ii8dMYAyRNORzYKJuO9ts4kBdI
aGJThVk2CUVkoMZ0euZ4pxfOr1iJQCYjgrCOMMWfKRLOCKe5TVwzLOzpzbI3HfuC
XvwIi39v0gWERMpemIdlTiaGBUQB/lurN48F83kfnX1TMq8SEmr3fJTgpicXNnUO
bqNV9rAuzqRO4URVL1BZWGbIjxNlFiGKUjhTjthTpQkEKzdE6wJkz+gK5Bnz07AJ
7iVk+ZfTLb2ZCtTdjII7w48kX4P//Shs0sfLDS8BKzWFzQ0G0aKO6XLiBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuH8jqnu8Vjlm0u0ro0vZPm9VuUMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZtqRLlHk
naGeHr+8hB2Bg0RfnfcjFF3Xr90+SWhs0dQeX1O2ubjavV5Hi4CpuU8S2i+QjaOg
xKgP7r/Cltrqy4I6/az5VebNj04HdR1VeAKG+RzehWx2Bvw1xtTAzRAAglbRtGtQ
GHosB/d5w0k3Ycor+21cRq5SwOlQlR/XESiovNJNAXiouIpQR+NwjsE2HQxiaR+2
KjslmUrWFLeR7iD86zVH1vI9macCpqgCWfxkQxy5h3E4HcNbWKLeykCu6MuM+m2+
3idA1R+RsJQ3xK1Z8N93DE07mbqxqkxVqQPgb16srJvYJDP4q+Au/bTCFVFnNhWY
wLmSSh5qxbpTIQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 12:29:04 2025 by rpki-client