Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          p1sJaIpRgmYDFQno+6tLzq0XFtcUUmHuZs6lbowoQKU=
Subject key identifier:   59:C4:EB:00:39:16:5C:73:74:33:F4:5E:4B:A7:AA:CE:3D:23:67:0F
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       01988BEA0E73FB379557AF8AC29144FB71F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          0360
Signing time:             Fri 08 Aug 2025 23:00:28 +0000
Manifest this update:     Fri 08 Aug 2025 23:00:28 +0000
Manifest next update:     Sat 09 Aug 2025 23:00:28 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: J8lPo2YpTnS8p3eZVoCYGKHuac8OHu8+tiriDz4zLKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:0e:73:fb:37:95:57:af:8a:c2:91:44:fb:71:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Aug  8 23:00:28 2025 GMT
            Not After : Aug  9 23:00:28 2025 GMT
        Subject: CN=59c4eb0039165c737433f45e4ba7aace3d23670f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2f:c1:dd:23:ef:d6:f5:1b:49:c9:e5:41:21:
                    f7:d3:74:a3:21:6f:54:6e:86:77:0f:03:16:9e:7a:
                    ec:b3:54:a6:d7:c8:44:2f:e4:9e:3b:27:27:cc:2c:
                    b3:e4:a7:ac:af:84:42:96:14:24:35:2b:e1:cf:44:
                    bb:29:2a:0b:06:dc:da:2f:c8:6d:db:01:98:ad:b9:
                    42:50:e5:f9:13:b4:49:db:5f:b4:84:36:ab:f4:ca:
                    cb:b5:d6:b7:0a:46:52:e2:41:29:d7:0d:66:be:e3:
                    5e:ac:ea:6c:bb:c4:a2:e3:44:85:47:ed:fe:bd:2a:
                    e5:aa:56:05:15:2a:46:d2:58:81:76:11:49:d0:b4:
                    f4:0f:9d:6b:44:53:d8:e9:ff:37:c3:ab:14:a4:98:
                    5d:b4:96:b8:e6:25:ad:c7:40:e6:85:50:5d:18:2c:
                    87:76:1b:f2:ad:5b:65:6e:30:57:17:30:3a:51:09:
                    b3:d5:fe:eb:ed:4e:c3:15:d9:4a:4f:61:15:68:71:
                    4f:d2:d6:0c:c5:5f:bf:5e:46:90:0b:9f:3c:aa:3c:
                    ef:f9:04:45:7d:49:de:17:8f:eb:df:ce:27:10:21:
                    4f:53:50:73:10:dc:f6:fc:19:d3:d3:52:f5:dc:48:
                    83:88:72:1e:1f:3c:c1:d5:32:e9:d5:47:2a:15:4b:
                    84:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:C4:EB:00:39:16:5C:73:74:33:F4:5E:4B:A7:AA:CE:3D:23:67:0F
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:da:64:2d:8c:9f:49:47:e9:e6:73:a4:9c:a0:e7:dc:8a:83:
         c4:47:a4:04:bf:43:ed:fc:d0:8b:ac:5e:a3:f6:1f:e5:9a:b6:
         e5:b1:ea:4e:cb:bb:5c:a1:04:ca:76:65:07:fd:72:8f:c0:71:
         48:cf:5f:dc:ca:13:bd:d2:c7:b4:61:e6:21:f6:73:6b:39:51:
         0a:27:a3:59:06:a0:fc:5e:b7:35:65:83:9a:0e:e7:28:87:8a:
         ea:bf:98:5b:b5:f2:ce:7a:29:49:e2:34:24:c1:63:62:9e:ac:
         6b:05:8e:7c:5e:d7:f0:e1:7e:68:63:15:96:ca:a8:db:7a:73:
         82:ee:c3:d9:78:32:85:e8:aa:d7:44:c5:7b:14:13:7f:da:ce:
         85:6f:89:97:aa:9d:b4:24:8a:41:60:b7:15:cf:78:ac:99:f4:
         60:8a:ed:4f:15:37:e0:b6:eb:3d:b7:2a:4a:44:8a:b1:8c:1f:
         49:1a:b6:7b:bf:67:c9:3d:f6:6d:7b:11:11:6a:d0:5b:b1:5e:
         b9:c3:98:d8:09:7e:45:03:be:55:4c:f8:62:bf:61:12:1e:8f:
         29:3c:08:1e:ae:ab:3e:57:79:a3:d2:c8:52:22:a1:46:05:57:
         9b:1e:14:d0:b7:8e:72:b8:9d:53:64:f3:d6:b5:2d:6a:96:5f:
         94:86:76:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6g5z+zeVV6+KwpFE+3H0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjUwODA4MjMwMDI4WhcNMjUwODA5MjMwMDI4WjAzMTEwLwYDVQQD
Eyg1OWM0ZWIwMDM5MTY1YzczNzQzM2Y0NWU0YmE3YWFjZTNkMjM2NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti/B3SPv1vUbScnlQSH303SjIW9U
boZ3DwMWnnrss1Sm18hEL+SeOycnzCyz5Kesr4RClhQkNSvhz0S7KSoLBtzaL8ht
2wGYrblCUOX5E7RJ21+0hDar9MrLtda3CkZS4kEp1w1mvuNerOpsu8Si40SFR+3+
vSrlqlYFFSpG0liBdhFJ0LT0D51rRFPY6f83w6sUpJhdtJa45iWtx0DmhVBdGCyH
dhvyrVtlbjBXFzA6UQmz1f7r7U7DFdlKT2EVaHFP0tYMxV+/XkaQC588qjzv+QRF
fUneF4/r384nECFPU1BzENz2/BnT01L13EiDiHIeHzzB1TLp1UcqFUuEzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnE6wA5FlxzdDP0Xkunqs49I2cPMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNpkLYyf
SUfp5nOknKDn3IqDxEekBL9D7fzQi6xeo/Yf5Zq25bHqTsu7XKEEynZlB/1yj8Bx
SM9f3MoTvdLHtGHmIfZzazlRCiejWQag/F63NWWDmg7nKIeK6r+YW7XyznopSeI0
JMFjYp6sawWOfF7X8OF+aGMVlsqo23pzgu7D2Xgyheiq10TFexQTf9rOhW+Jl6qd
tCSKQWC3Fc94rJn0YIrtTxU34LbrPbcqSkSKsYwfSRq2e79nyT32bXsREWrQW7Fe
ucOY2Al+RQO+VUz4Yr9hEh6PKTwIHq6rPld5o9LIUiKhRgVXmx4U0LeOcridU2Tz
1rUtapZflIZ2Kg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:53:19 2025 by rpki-client