Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
File:                     JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft (raw, json)
Hash identifier:          qsOZIJO0EXOTnssG/cKTWGNJW7hRSU8HJ6h/DJmUCD4=
Subject key identifier:   E9:2D:D4:9D:57:70:10:54:30:7D:D5:38:9D:42:2B:FF:6F:74:BF:DA
Authority key identifier: 25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF
Certificate issuer:       /CN=258906554d8c8b428ede8cb35026860d3d7771df
Certificate serial:       01988B7D08E0E35B2B6193119CDEF293D2D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
Manifest number:          0D03
Signing time:             Fri 08 Aug 2025 21:01:23 +0000
Manifest this update:     Fri 08 Aug 2025 21:01:23 +0000
Manifest next update:     Sat 09 Aug 2025 21:01:23 +0000
Files and hashes:         1: JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl (hash: pvK7Dbe27yRz3mI3cPyuCFJJUurzadhxCBHqo2mbL2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7d:08:e0:e3:5b:2b:61:93:11:9c:de:f2:93:d2:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258906554d8c8b428ede8cb35026860d3d7771df
        Validity
            Not Before: Aug  8 21:01:23 2025 GMT
            Not After : Aug  9 21:01:23 2025 GMT
        Subject: CN=e92dd49d57701054307dd5389d422bff6f74bfda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5a:2d:71:bc:db:6b:82:92:09:2c:87:ce:21:
                    ba:f4:1b:06:08:69:ab:5e:40:26:71:ae:8c:b8:31:
                    ba:4e:69:55:e4:ed:57:b8:53:e1:ce:e2:58:42:f3:
                    cc:ef:c3:86:b0:62:23:4f:d1:17:88:e4:ab:30:77:
                    e2:fd:ce:b9:3b:4b:89:96:88:f6:d2:db:fb:8c:be:
                    6d:1e:ac:ea:0b:e1:f4:cb:d2:dd:50:d9:d6:7d:7b:
                    c7:6e:87:e7:a0:09:79:8a:c9:15:3e:dc:cc:50:1a:
                    c4:7a:11:23:82:12:b2:42:58:b4:4a:19:f3:b3:6a:
                    0d:ba:87:de:81:7f:d6:95:df:95:22:9f:0c:7f:7b:
                    65:34:2e:39:55:44:27:cf:2f:0b:3b:d6:64:f3:76:
                    1a:d5:78:59:52:cf:e5:42:53:7c:08:4f:19:9e:e9:
                    1a:3c:83:b5:fd:2e:c7:54:e2:49:c7:15:4e:28:f5:
                    b1:66:61:67:be:53:2f:21:00:c2:f1:d2:db:cb:74:
                    61:10:14:4c:a9:97:ed:f0:e1:26:b9:ae:5e:8a:d1:
                    85:3d:59:5b:fd:43:5e:9f:45:26:8e:0b:a9:40:95:
                    1f:0f:07:a2:f1:c9:9d:0b:36:7f:24:76:6d:0e:02:
                    c0:65:26:65:70:e3:31:96:fb:09:6e:de:1e:f9:60:
                    c4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:2D:D4:9D:57:70:10:54:30:7D:D5:38:9D:42:2B:FF:6F:74:BF:DA
            X509v3 Authority Key Identifier:
                keyid:25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:9f:8e:b6:46:fb:03:d2:52:6f:3b:fa:09:32:b0:35:ad:24:
         b6:83:e0:ce:c0:30:db:a3:6d:aa:bf:32:e3:73:84:0d:f8:37:
         fe:42:8e:23:ae:44:b9:d6:3f:89:c4:99:f7:c3:80:5c:54:2f:
         6b:70:fb:b5:d7:66:1a:f9:49:8c:93:cc:e5:16:37:4a:b6:20:
         2b:08:a7:02:9f:9c:67:9c:c7:87:e1:61:f6:40:23:9e:f9:fd:
         4f:44:6e:0c:da:6d:59:70:a0:9b:4c:5a:90:a6:38:56:c4:14:
         2f:9b:4b:fa:9d:9d:45:a1:2a:ba:9f:24:04:ca:74:30:a6:f8:
         82:37:12:f2:67:4e:af:16:ac:51:22:80:6c:77:02:1b:85:ad:
         59:24:dd:c3:66:69:82:15:00:a2:1e:a6:10:d4:03:4e:34:ec:
         af:1c:b5:e9:49:5a:35:32:0d:3d:9e:b4:c8:9a:eb:02:02:8b:
         8d:6d:b4:e6:57:19:f9:8e:52:4a:5c:5d:ec:f8:8a:5f:16:e3:
         6a:0e:69:85:eb:eb:f8:80:b1:f0:ba:c5:98:d5:a9:f1:86:02:
         fd:24:6b:dd:7c:bd:ef:4a:9a:91:14:21:ed:64:0d:b0:4b:a3:
         91:a0:83:80:fe:4d:13:89:c7:0c:d6:84:95:ca:06:cf:2c:a8:
         95:99:f9:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfQjg41srYZMRnN7yk9LUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODkwNjU1NGQ4YzhiNDI4ZWRlOGNiMzUwMjY4NjBkM2Q3
NzcxZGYwHhcNMjUwODA4MjEwMTIzWhcNMjUwODA5MjEwMTIzWjAzMTEwLwYDVQQD
EyhlOTJkZDQ5ZDU3NzAxMDU0MzA3ZGQ1Mzg5ZDQyMmJmZjZmNzRiZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01otcbzba4KSCSyHziG69BsGCGmr
XkAmca6MuDG6TmlV5O1XuFPhzuJYQvPM78OGsGIjT9EXiOSrMHfi/c65O0uJloj2
0tv7jL5tHqzqC+H0y9LdUNnWfXvHbofnoAl5iskVPtzMUBrEehEjghKyQli0Shnz
s2oNuofegX/Wld+VIp8Mf3tlNC45VUQnzy8LO9Zk83Ya1XhZUs/lQlN8CE8Znuka
PIO1/S7HVOJJxxVOKPWxZmFnvlMvIQDC8dLby3RhEBRMqZft8OEmua5eitGFPVlb
/UNen0UmjgupQJUfDwei8cmdCzZ/JHZtDgLAZSZlcOMxlvsJbt4e+WDEUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkt1J1XcBBUMH3VOJ1CK/9vdL/aMB8GA1UdIwQY
MBaAFCWJBlVNjItCjt6Ms1Amhg09d3HfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODct
YWZkZDUzODI3ZTkzLzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODctYWZkZDUzODI3ZTkz
LzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJ+Otkb7
A9JSbzv6CTKwNa0ktoPgzsAw26Ntqr8y43OEDfg3/kKOI65EudY/icSZ98OAXFQv
a3D7tddmGvlJjJPM5RY3SrYgKwinAp+cZ5zHh+Fh9kAjnvn9T0RuDNptWXCgm0xa
kKY4VsQUL5tL+p2dRaEqup8kBMp0MKb4gjcS8mdOrxasUSKAbHcCG4WtWSTdw2Zp
ghUAoh6mENQDTjTsrxy16UlaNTINPZ60yJrrAgKLjW205lcZ+Y5SSlxd7PiKXxbj
ag5phevr+ICx8LrFmNWp8YYC/SRr3Xy970qakRQh7WQNsEujkaCDgP5NE4nHDNaE
lcoGzyyolZn5Zw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:51:39 2025 by rpki-client