Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft
File:                     PI_isZvT639wpO7atha1MlABFSA.mft (raw, json)
Hash identifier:          GPafQNdbjqTuBttZi7QOcKkdKFu51ROzOsSVRZz1l0c=
Subject key identifier:   96:B7:D0:F2:5A:B7:E8:B6:F0:0F:BA:B2:21:46:F7:96:24:45:DC:A1
Authority key identifier: 3C:8F:E2:B1:9B:D3:EB:7F:70:A4:EE:DA:B6:16:B5:32:50:01:15:20
Certificate issuer:       /CN=3c8fe2b19bd3eb7f70a4eedab616b53250011520
Certificate serial:       019872D001F03F20B0338FD7C8E3DE77C78A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft
Manifest number:          02E9
Signing time:             Mon 04 Aug 2025 02:01:31 +0000
Manifest this update:     Mon 04 Aug 2025 02:01:31 +0000
Manifest next update:     Tue 05 Aug 2025 02:01:31 +0000
Files and hashes:         1: PI_isZvT639wpO7atha1MlABFSA.crl (hash: 6ZtqCuKHWE9f66u8LiNNGgj0m+lo3T8ruVCCblNpFRg=)
                          2: iTxg6a45pQs6yguLKNzKJpXtu1I.roa (hash: IbbuNrBXDC3r/NQaAU8s873gXp019KR8EegJpijUcwo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:d0:01:f0:3f:20:b0:33:8f:d7:c8:e3:de:77:c7:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c8fe2b19bd3eb7f70a4eedab616b53250011520
        Validity
            Not Before: Aug  4 02:01:31 2025 GMT
            Not After : Aug  5 02:01:31 2025 GMT
        Subject: CN=96b7d0f25ab7e8b6f00fbab22146f7962445dca1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b2:2d:b9:a6:91:ac:ca:3b:cf:0a:20:5b:54:
                    7c:e3:41:6e:b2:7c:d2:ba:4e:5f:5b:92:9b:88:d2:
                    fd:15:b1:98:ba:08:b9:b2:4e:16:2c:9b:c3:10:e5:
                    73:f7:94:9f:4f:78:8b:a5:1d:eb:c4:93:2e:30:d3:
                    3b:7a:03:ba:23:8c:92:20:e1:0e:7c:21:ec:90:10:
                    02:10:c8:e9:08:7e:7c:cd:8f:b9:2e:83:f3:4e:ce:
                    0e:2e:fd:33:82:81:3e:2b:7d:7b:c0:b4:d4:4d:be:
                    bf:44:fd:4e:42:9f:90:99:49:e8:10:a2:7b:cc:ef:
                    ad:15:a6:dd:5a:b9:63:1e:07:9a:58:14:e1:2f:df:
                    34:46:f1:47:8b:f4:e3:0d:ff:78:20:c8:1f:a7:de:
                    31:ad:b3:92:18:44:a2:45:9b:04:d8:58:0f:d3:19:
                    3e:96:03:73:01:3d:9f:49:22:99:fc:d6:f5:a9:67:
                    ac:35:ec:a1:73:c7:86:be:93:9d:55:7a:65:0d:5d:
                    a0:6f:9b:3c:cb:b0:0a:6b:0b:dd:0b:1d:34:27:d7:
                    9b:9f:11:10:44:d4:81:05:3f:8c:d4:82:d7:10:bf:
                    f8:ec:1e:82:8b:9f:6f:f9:1c:0d:97:f6:8c:b0:b9:
                    76:fe:82:22:19:4b:e9:c7:4a:97:e5:ea:cf:03:d5:
                    ae:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:B7:D0:F2:5A:B7:E8:B6:F0:0F:BA:B2:21:46:F7:96:24:45:DC:A1
            X509v3 Authority Key Identifier:
                keyid:3C:8F:E2:B1:9B:D3:EB:7F:70:A4:EE:DA:B6:16:B5:32:50:01:15:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI_isZvT639wpO7atha1MlABFSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7edd1-c79f-4890-a175-12e6a6edd124/1/PI_isZvT639wpO7atha1MlABFSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:7c:60:09:17:ef:ef:c2:01:9f:02:5c:a4:91:d2:34:eb:4b:
         3d:09:18:71:fd:54:dc:14:62:7d:d0:3f:38:3a:a8:41:ae:9e:
         d6:80:39:68:b3:b4:7a:aa:2e:92:87:e7:54:81:ae:9b:1a:65:
         20:48:a6:d7:bf:db:42:aa:04:ca:0d:5f:5f:b7:ef:18:37:e7:
         c0:6e:4e:ae:6d:97:11:a6:76:e7:81:4e:45:53:c1:30:f4:ae:
         55:52:d1:07:13:10:f3:1b:61:31:2d:2f:c8:ef:65:98:4d:a2:
         26:c3:bf:14:6c:c1:10:22:33:47:4e:0f:d0:a2:cd:7e:03:75:
         b4:e0:a8:b5:3b:c3:b4:d4:e8:f4:5e:c9:8b:0d:7d:31:ad:9a:
         a8:33:00:e6:a4:33:be:94:12:cb:1c:1f:84:b5:18:3a:09:85:
         f6:31:d7:3f:16:a1:16:d6:62:09:a2:bc:4e:79:e2:c3:5d:8b:
         43:8c:7c:94:54:de:59:9a:22:08:0f:31:89:6c:db:53:8d:e5:
         da:03:b3:fb:7c:1b:20:c8:41:22:02:a9:1f:39:bf:24:31:df:
         95:eb:ef:0f:2a:bc:20:2c:c3:08:3e:a0:30:7a:be:12:67:1f:
         56:cc:a3:78:39:2a:dc:60:48:ba:26:22:c5:fa:4b:f0:3a:36:
         c7:3f:44:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhy0AHwPyCwM4/XyOPed8eKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGZlMmIxOWJkM2ViN2Y3MGE0ZWVkYWI2MTZiNTMyNTAw
MTE1MjAwHhcNMjUwODA0MDIwMTMxWhcNMjUwODA1MDIwMTMxWjAzMTEwLwYDVQQD
Eyg5NmI3ZDBmMjVhYjdlOGI2ZjAwZmJhYjIyMTQ2Zjc5NjI0NDVkY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrItuaaRrMo7zwogW1R840FusnzS
uk5fW5KbiNL9FbGYugi5sk4WLJvDEOVz95SfT3iLpR3rxJMuMNM7egO6I4ySIOEO
fCHskBACEMjpCH58zY+5LoPzTs4OLv0zgoE+K317wLTUTb6/RP1OQp+QmUnoEKJ7
zO+tFabdWrljHgeaWBThL980RvFHi/TjDf94IMgfp94xrbOSGESiRZsE2FgP0xk+
lgNzAT2fSSKZ/Nb1qWesNeyhc8eGvpOdVXplDV2gb5s8y7AKawvdCx00J9ebnxEQ
RNSBBT+M1ILXEL/47B6Ci59v+RwNl/aMsLl2/oIiGUvpx0qX5erPA9WuoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJa30PJat+i28A+6siFG95YkRdyhMB8GA1UdIwQY
MBaAFDyP4rGb0+t/cKTu2rYWtTJQARUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2VkZDEtYzc5Zi00ODkwLWExNzUt
MTJlNmE2ZWRkMTI0LzEvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lN2VkZDEtYzc5Zi00ODkwLWExNzUtMTJlNmE2ZWRkMTI0
LzEvUElfaXNadlQ2Mzl3cE83YXRoYTFNbEFCRlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUnxgCRfv
78IBnwJcpJHSNOtLPQkYcf1U3BRifdA/ODqoQa6e1oA5aLO0eqoukofnVIGumxpl
IEim17/bQqoEyg1fX7fvGDfnwG5Orm2XEaZ254FORVPBMPSuVVLRBxMQ8xthMS0v
yO9lmE2iJsO/FGzBECIzR04P0KLNfgN1tOCotTvDtNTo9F7Jiw19Ma2aqDMA5qQz
vpQSyxwfhLUYOgmF9jHXPxahFtZiCaK8Tnniw12LQ4x8lFTeWZoiCA8xiWzbU43l
2gOz+3wbIMhBIgKpHzm/JDHflevvDyq8ICzDCD6gMHq+EmcfVsyjeDkq3GBIuiYi
xfpL8Do2xz9E/w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:41 2025 by rpki-client