Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
File:                     L8tesBINBwkLEmJWxFo1KC1awKw.mft (raw, json)
Hash identifier:          yMwxNgqLW1p6Vi7svmzIU1FevT6MzsQFNrmR1t5nXAc=
Subject key identifier:   07:BB:40:36:A3:C7:99:15:D0:F5:A0:A6:20:1C:49:B3:FC:00:40:5C
Authority key identifier: 2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC
Certificate issuer:       /CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
Certificate serial:       01988167F29614DC170987FFA9CFBC637418
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
Manifest number:          D2
Signing time:             Wed 06 Aug 2025 22:02:09 +0000
Manifest this update:     Wed 06 Aug 2025 22:02:09 +0000
Manifest next update:     Thu 07 Aug 2025 22:02:09 +0000
Files and hashes:         1: L8tesBINBwkLEmJWxFo1KC1awKw.crl (hash: gYR4+kYMHUX3iQ+iUmx83tke78J19niNu4GP18Xxw1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:67:f2:96:14:dc:17:09:87:ff:a9:cf:bc:63:74:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
        Validity
            Not Before: Aug  6 22:02:09 2025 GMT
            Not After : Aug  7 22:02:09 2025 GMT
        Subject: CN=07bb4036a3c79915d0f5a0a6201c49b3fc00405c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:77:d9:a2:c9:bd:af:1c:6c:c7:e9:21:83:f7:
                    ad:e3:73:95:a2:8b:4c:c3:02:61:2e:78:25:69:95:
                    3a:11:59:16:8d:97:d2:8a:98:61:c4:fd:e1:96:d6:
                    7e:96:dd:f3:5f:1f:d4:1e:df:f8:21:57:35:2c:4a:
                    23:72:cf:4f:4b:ce:10:3c:3b:30:5b:0c:77:33:93:
                    29:4d:8d:4a:da:94:e9:99:28:26:3d:c5:26:38:7e:
                    fa:0b:90:57:0a:a8:76:c3:72:bc:ba:a2:77:dd:5c:
                    91:c7:e2:d4:82:95:3a:23:64:b0:30:ea:b3:23:84:
                    8c:b5:5e:b7:80:f0:3d:00:fe:0f:0d:96:f6:c2:b0:
                    28:4a:07:8f:3c:88:e0:78:f7:62:f4:f8:6e:68:db:
                    a8:7c:2d:43:78:58:6d:6b:08:5e:61:3d:89:30:7b:
                    b8:80:93:35:24:02:38:f7:37:4f:ac:e2:c2:07:0f:
                    12:9d:92:2c:77:4a:77:ed:67:2e:5e:52:47:55:dd:
                    4b:29:4b:34:70:52:72:33:2f:3f:8f:83:48:0b:1f:
                    e5:d7:b4:9e:7d:41:e2:ef:00:cb:bb:db:a5:0e:22:
                    4e:4f:8c:07:8d:d4:f7:ac:ff:ef:b7:6a:ff:8f:6e:
                    8b:2c:a3:77:b1:71:21:0f:5d:4f:c2:6a:bc:09:54:
                    45:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:BB:40:36:A3:C7:99:15:D0:F5:A0:A6:20:1C:49:B3:FC:00:40:5C
            X509v3 Authority Key Identifier:
                keyid:2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:2f:23:a5:30:5d:08:77:93:6e:ed:9e:74:89:9f:7e:17:91:
         f5:5a:8f:3f:f8:4c:00:b4:44:72:6f:76:26:f8:5d:fe:49:fe:
         45:c5:84:60:26:56:04:d3:73:b0:57:78:85:9d:6b:43:23:4c:
         44:0a:88:42:74:fd:d3:b1:6e:9c:9e:e1:f1:1b:9c:0a:92:6d:
         ae:94:da:49:a7:ec:5d:08:05:41:e7:c9:7b:5f:63:da:27:00:
         d1:0b:a0:b9:fb:e6:63:be:da:82:85:db:76:fd:1f:5e:95:17:
         d5:ff:9b:85:61:73:ea:0a:b4:e5:74:ea:2b:d5:10:42:a3:34:
         49:a1:b7:87:40:9e:c7:47:ec:05:5a:d7:77:72:01:cc:a4:a2:
         07:f8:64:e3:4d:27:fd:39:48:e8:1f:01:40:62:ec:c8:18:0f:
         44:e0:4a:3c:6c:20:b6:dc:64:9e:c2:52:5b:de:e0:ba:3a:bb:
         a8:63:55:19:78:8f:48:bc:6b:ac:e0:59:ff:37:76:22:1a:69:
         af:56:01:79:a8:80:d6:84:ee:50:50:04:ea:5b:74:4e:e0:7c:
         81:fb:57:60:52:82:b5:1a:fc:69:13:ac:5d:03:cd:f1:8b:72:
         88:a7:61:6b:4a:08:6e:f8:16:0a:f2:42:4d:10:07:8d:f7:95:
         26:d3:a8:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZ/KWFNwXCYf/qc+8Y3QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2I1ZWIwMTIwZDA3MDkwYjEyNjI1NmM0NWEzNTI4MmQ1
YWMwYWMwHhcNMjUwODA2MjIwMjA5WhcNMjUwODA3MjIwMjA5WjAzMTEwLwYDVQQD
EygwN2JiNDAzNmEzYzc5OTE1ZDBmNWEwYTYyMDFjNDliM2ZjMDA0MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXfZosm9rxxsx+khg/et43OVootM
wwJhLnglaZU6EVkWjZfSiphhxP3hltZ+lt3zXx/UHt/4IVc1LEojcs9PS84QPDsw
Wwx3M5MpTY1K2pTpmSgmPcUmOH76C5BXCqh2w3K8uqJ33VyRx+LUgpU6I2SwMOqz
I4SMtV63gPA9AP4PDZb2wrAoSgePPIjgePdi9PhuaNuofC1DeFhtawheYT2JMHu4
gJM1JAI49zdPrOLCBw8SnZIsd0p37WcuXlJHVd1LKUs0cFJyMy8/j4NICx/l17Se
fUHi7wDLu9ulDiJOT4wHjdT3rP/vt2r/j26LLKN3sXEhD11Pwmq8CVRFQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAe7QDajx5kV0PWgpiAcSbP8AEBcMB8GA1UdIwQY
MBaAFC/LXrASDQcJCxJiVsRaNSgtWsCsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzIt
ZTIxNTJlZGY5ZjljLzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzItZTIxNTJlZGY5Zjlj
LzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHi8jpTBd
CHeTbu2edImffheR9VqPP/hMALREcm92Jvhd/kn+RcWEYCZWBNNzsFd4hZ1rQyNM
RAqIQnT907FunJ7h8RucCpJtrpTaSafsXQgFQefJe19j2icA0QugufvmY77agoXb
dv0fXpUX1f+bhWFz6gq05XTqK9UQQqM0SaG3h0Cex0fsBVrXd3IBzKSiB/hk400n
/TlI6B8BQGLsyBgPROBKPGwgttxknsJSW97gujq7qGNVGXiPSLxrrOBZ/zd2Ihpp
r1YBeaiA1oTuUFAE6lt0TuB8gftXYFKCtRr8aROsXQPN8YtyiKdha0oIbvgWCvJC
TRAHjfeVJtOoZw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 00:31:09 2025 by rpki-client