Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
File:                     sdLmgf8j3d89UXhY4cZKHa0phyk.mft (raw, json)
Hash identifier:          FI4+9U5/r3qDUTEdugDtC0RHSDHVkdoYXBbsAaKZOr0=
Subject key identifier:   2B:37:5E:EE:4A:63:F8:E8:31:88:67:3C:7D:AA:16:4B:3A:8E:36:CB
Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
Certificate issuer:       /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Certificate serial:       019873E23A5F23762932E95AB575AEBBA87D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
Manifest number:          1464
Signing time:             Mon 04 Aug 2025 07:01:02 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:02 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:02 +0000
Files and hashes:         1: hDoqXFR8UibPRuqFY2xn-m_-15I.roa (hash: qknu8HOpVZZ1hKraF3WMV/fgLgKt1U80KJN/d09ixdI=)
                          2: sdLmgf8j3d89UXhY4cZKHa0phyk.crl (hash: 0ZwToG29p9/dLJZLnFedQqsw+FBmEJ+xlqzTRjHM258=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:3a:5f:23:76:29:32:e9:5a:b5:75:ae:bb:a8:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
        Validity
            Not Before: Aug  4 07:01:02 2025 GMT
            Not After : Aug  5 07:01:02 2025 GMT
        Subject: CN=2b375eee4a63f8e83188673c7daa164b3a8e36cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ee:b7:58:03:9c:b9:3a:1b:b9:2b:b6:93:95:
                    75:0d:7f:2f:24:f0:d2:d3:b3:8e:55:f7:09:03:fd:
                    9c:f3:22:6a:71:b0:91:fe:8c:ec:38:82:29:a4:f0:
                    5b:de:44:25:61:0c:a9:53:dd:81:3c:6c:46:79:8d:
                    02:29:65:d5:c0:d7:4f:f1:45:e2:b5:c7:0c:6f:cc:
                    49:df:cb:90:81:d0:f6:02:ad:3b:18:27:f7:50:d3:
                    6d:e9:87:47:8c:24:eb:77:88:2f:bc:3d:e1:85:df:
                    a8:51:f9:49:64:e2:d0:44:b2:8f:0a:8f:d0:6c:80:
                    69:98:10:e4:c9:31:d8:11:d5:ec:92:b1:43:54:19:
                    8a:d1:bc:ed:5b:96:4d:89:87:47:a2:1f:8d:e9:4a:
                    33:34:05:e9:15:fb:fb:89:6c:54:86:07:20:82:2f:
                    66:a7:3c:24:6b:d3:39:fa:ef:32:4b:dc:c9:8b:f2:
                    7d:21:d0:cb:39:f2:91:1d:2d:fb:2a:19:0d:a2:80:
                    d2:0e:7c:88:06:8a:b8:f1:4d:9a:58:77:fe:3b:e8:
                    b5:7e:c9:a8:c0:0e:8c:34:cf:93:cf:97:de:62:55:
                    bf:76:e8:3e:88:08:d7:07:0e:01:30:7e:4d:ed:14:
                    56:ac:a0:e6:96:a5:cc:33:ae:52:cc:84:4d:25:7b:
                    36:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:37:5E:EE:4A:63:F8:E8:31:88:67:3C:7D:AA:16:4B:3A:8E:36:CB
            X509v3 Authority Key Identifier:
                keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:89:50:b2:fd:23:4b:c6:29:c4:da:13:4f:97:11:2e:7f:e0:
         d9:3f:4a:00:1d:de:72:3b:2d:fc:b5:52:26:77:8a:7d:26:19:
         33:c8:8f:70:c2:99:08:a4:c2:60:c2:ce:8f:5d:f2:5c:ed:2b:
         2a:b9:fe:64:16:99:77:32:a1:b6:d0:a6:ed:bc:5f:d0:86:12:
         ca:7a:02:ee:35:0b:ae:bb:22:3f:ec:89:47:a1:cc:54:04:58:
         cb:18:19:28:ca:c4:41:a4:72:10:13:d0:fe:94:54:c1:eb:bf:
         30:48:43:c9:25:48:05:37:16:ad:1b:60:15:15:35:35:26:cd:
         9e:96:1f:ee:b8:8a:65:42:06:b8:68:46:6f:0e:36:fb:6e:68:
         43:e2:31:3e:45:ac:3d:10:61:cc:e8:70:fd:7d:f3:3e:f1:ec:
         5b:3c:4f:25:72:8b:26:32:64:98:d7:33:b3:19:1b:bb:6b:a2:
         45:bd:f3:27:86:a6:f5:25:8b:83:82:6f:7e:ed:c1:56:67:f1:
         dc:ae:ef:25:dd:92:42:5f:f6:b9:57:a8:0d:18:ae:eb:3c:d1:
         4e:7a:83:5f:4c:1f:4c:8b:3c:fa:ca:7a:6d:92:1c:53:58:99:
         fe:a7:3e:1c:a9:16:32:59:22:12:f3:c3:aa:5b:ce:0e:a6:86:
         84:ae:5d:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4jpfI3YpMulatXWuu6h9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy
OTg3MjkwHhcNMjUwODA0MDcwMTAyWhcNMjUwODA1MDcwMTAyWjAzMTEwLwYDVQQD
EygyYjM3NWVlZTRhNjNmOGU4MzE4ODY3M2M3ZGFhMTY0YjNhOGUzNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO63WAOcuTobuSu2k5V1DX8vJPDS
07OOVfcJA/2c8yJqcbCR/ozsOIIppPBb3kQlYQypU92BPGxGeY0CKWXVwNdP8UXi
tccMb8xJ38uQgdD2Aq07GCf3UNNt6YdHjCTrd4gvvD3hhd+oUflJZOLQRLKPCo/Q
bIBpmBDkyTHYEdXskrFDVBmK0bztW5ZNiYdHoh+N6UozNAXpFfv7iWxUhgcggi9m
pzwka9M5+u8yS9zJi/J9IdDLOfKRHS37KhkNooDSDnyIBoq48U2aWHf+O+i1fsmo
wA6MNM+Tz5feYlW/dug+iAjXBw4BMH5N7RRWrKDmlqXMM65SzIRNJXs2gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCs3Xu5KY/joMYhnPH2qFks6jjbLMB8GA1UdIwQY
MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct
NWE4MzYwZGVhM2EzLzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez
LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqolQsv0j
S8YpxNoTT5cRLn/g2T9KAB3ecjst/LVSJneKfSYZM8iPcMKZCKTCYMLOj13yXO0r
Krn+ZBaZdzKhttCm7bxf0IYSynoC7jULrrsiP+yJR6HMVARYyxgZKMrEQaRyEBPQ
/pRUweu/MEhDySVIBTcWrRtgFRU1NSbNnpYf7riKZUIGuGhGbw42+25oQ+IxPkWs
PRBhzOhw/X3zPvHsWzxPJXKLJjJkmNczsxkbu2uiRb3zJ4am9SWLg4Jvfu3BVmfx
3K7vJd2SQl/2uVeoDRiu6zzRTnqDX0wfTIs8+sp6bZIcU1iZ/qc+HKkWMlkiEvPD
qlvODqaGhK5dsg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:05:46 2025 by rpki-client