Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
File:                     9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json)
Hash identifier:          ikUxcdZw4T4V4XuB1/EcKKq3dPNZiJS6FFqZ4CN6vWQ=
Subject key identifier:   D9:E0:EF:73:88:1A:C1:00:91:F8:49:AE:E9:D3:14:06:FE:B2:15:B8
Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F
Certificate issuer:       /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
Certificate serial:       01989524335994781516165FA981F4E295D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
Manifest number:          01D2
Signing time:             Sun 10 Aug 2025 18:00:34 +0000
Manifest this update:     Sun 10 Aug 2025 18:00:34 +0000
Manifest next update:     Mon 11 Aug 2025 18:00:34 +0000
Files and hashes:         1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: Na2bnRIJxKr5p6Olf2xwAM58kGz5R937Z0QT4eINp2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 18:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:95:24:33:59:94:78:15:16:16:5f:a9:81:f4:e2:95:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f
        Validity
            Not Before: Aug 10 18:00:34 2025 GMT
            Not After : Aug 11 18:00:34 2025 GMT
        Subject: CN=d9e0ef73881ac10091f849aee9d31406feb215b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:3d:df:c9:cf:b1:90:67:fd:02:f8:df:32:d0:
                    0c:e6:7e:a7:aa:a6:7e:d1:0b:09:ed:ca:51:d4:70:
                    03:07:70:9e:64:5c:4b:3d:a6:ec:e9:a3:81:04:1b:
                    b1:09:86:34:69:89:8c:fb:83:57:35:45:62:37:60:
                    ed:31:e8:6c:8b:05:16:da:87:12:10:5c:92:66:26:
                    7a:86:88:09:52:32:65:93:09:55:82:e6:33:2b:9b:
                    80:ea:b3:16:d0:4f:ed:f7:26:9a:9a:0f:e2:64:2d:
                    53:34:06:bf:86:aa:6a:37:c1:e5:b9:c9:97:e5:4f:
                    dd:66:99:b6:78:4a:2b:39:9d:ab:2b:bf:12:80:64:
                    91:c9:1e:f3:b7:27:78:01:7c:97:6f:cc:38:52:44:
                    3f:00:6a:ad:87:4b:31:5c:b6:da:8e:54:7d:1e:1a:
                    9d:aa:87:30:94:f5:b4:d0:cb:f3:c9:06:4a:cc:36:
                    9a:2f:f8:99:b0:0f:02:26:bc:22:3d:9a:d8:66:5d:
                    23:ff:82:eb:43:5e:f4:38:ec:c3:56:40:c4:38:a6:
                    d2:5c:a3:d8:3e:b1:21:ec:8e:ef:30:a3:ed:0b:0c:
                    da:3e:1a:5a:24:9d:96:b3:d6:cf:c0:79:6d:8a:84:
                    2e:e6:74:d1:fb:53:a4:eb:ce:22:15:f0:40:8d:a1:
                    d4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:E0:EF:73:88:1A:C1:00:91:F8:49:AE:E9:D3:14:06:FE:B2:15:B8
            X509v3 Authority Key Identifier:
                keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:96:06:b0:d8:b9:72:ff:49:ea:5e:7e:76:24:fa:a7:78:ea:
         d8:0d:bd:5d:1c:c5:fe:72:2c:2a:e2:f9:cc:ed:dd:0f:57:46:
         e9:82:03:d0:27:a4:87:6b:4d:23:5c:75:d5:e0:ad:00:3a:d2:
         69:fb:24:45:fb:f9:98:81:74:0c:b6:43:0e:01:cb:77:e5:91:
         0c:34:aa:1c:6c:b3:9a:3a:77:cd:44:17:c2:71:67:7c:8c:42:
         ad:45:32:90:43:9c:2d:ab:9d:eb:27:2b:fb:2d:d8:4a:21:7e:
         45:d9:f0:68:e5:30:0a:10:b6:07:b0:46:83:1d:71:4d:da:2e:
         cc:c1:a9:92:67:ee:f5:99:4a:52:65:d1:bb:91:5c:98:d2:22:
         aa:66:35:c1:f9:fd:30:28:9c:66:d9:d4:69:d2:cd:79:75:8a:
         9a:e8:1c:f7:dd:63:49:bf:c8:6d:62:a5:cf:8c:0a:2c:25:fb:
         a5:b5:5f:c6:fe:3c:bf:d1:04:0e:47:d2:fd:9f:35:35:31:38:
         de:63:45:0a:4e:31:80:91:a5:bd:a5:26:dd:91:c1:18:00:51:
         bc:e4:12:a3:2e:47:2c:07:39:c3:ef:1a:d2:5a:ed:5a:16:5b:
         bd:d1:00:ba:f4:89:4d:9d:ed:dc:ba:56:6f:17:e4:0b:db:1a:
         92:f7:e5:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiVJDNZlHgVFhZfqYH04pXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj
ZjNlMGYwHhcNMjUwODEwMTgwMDM0WhcNMjUwODExMTgwMDM0WjAzMTEwLwYDVQQD
EyhkOWUwZWY3Mzg4MWFjMTAwOTFmODQ5YWVlOWQzMTQwNmZlYjIxNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz3fyc+xkGf9AvjfMtAM5n6nqqZ+
0QsJ7cpR1HADB3CeZFxLPabs6aOBBBuxCYY0aYmM+4NXNUViN2DtMehsiwUW2ocS
EFySZiZ6hogJUjJlkwlVguYzK5uA6rMW0E/t9yaamg/iZC1TNAa/hqpqN8HlucmX
5U/dZpm2eEorOZ2rK78SgGSRyR7ztyd4AXyXb8w4UkQ/AGqth0sxXLbajlR9Hhqd
qocwlPW00MvzyQZKzDaaL/iZsA8CJrwiPZrYZl0j/4LrQ170OOzDVkDEOKbSXKPY
PrEh7I7vMKPtCwzaPhpaJJ2Ws9bPwHltioQu5nTR+1Ok684iFfBAjaHU4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNng73OIGsEAkfhJrunTFAb+shW4MB8GA1UdIwQY
MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt
NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw
LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASZYGsNi5
cv9J6l5+diT6p3jq2A29XRzF/nIsKuL5zO3dD1dG6YID0Cekh2tNI1x11eCtADrS
afskRfv5mIF0DLZDDgHLd+WRDDSqHGyzmjp3zUQXwnFnfIxCrUUykEOcLaud6ycr
+y3YSiF+RdnwaOUwChC2B7BGgx1xTdouzMGpkmfu9ZlKUmXRu5FcmNIiqmY1wfn9
MCicZtnUadLNeXWKmugc991jSb/IbWKlz4wKLCX7pbVfxv48v9EEDkfS/Z81NTE4
3mNFCk4xgJGlvaUm3ZHBGABRvOQSoy5HLAc5w+8a0lrtWhZbvdEAuvSJTZ3t3LpW
bxfkC9sakvflMw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:07:52 2025 by rpki-client