Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File:                     iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier:          DguNr6RkXrXZaFBcwq091cLf8dJRMbSC9KxgAJWm4Rs=
Subject key identifier:   BC:82:D1:63:5A:11:9B:B7:23:21:D6:79:6D:A8:64:84:AF:03:55:03
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer:       /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial:       01988167B2623537C45A9466A83BAE5D2649
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number:          1016
Signing time:             Wed 06 Aug 2025 22:01:53 +0000
Manifest this update:     Wed 06 Aug 2025 22:01:53 +0000
Manifest next update:     Thu 07 Aug 2025 22:01:53 +0000
Files and hashes:         1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: Q3HZAlu+YMF5XfoH5fcV+UEJ30bfI/N9i52+v3egoFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:67:b2:62:35:37:c4:5a:94:66:a8:3b:ae:5d:26:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
        Validity
            Not Before: Aug  6 22:01:53 2025 GMT
            Not After : Aug  7 22:01:53 2025 GMT
        Subject: CN=bc82d1635a119bb72321d6796da86484af035503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7b:59:97:54:74:53:2a:b1:c4:43:9e:e5:a2:
                    10:44:b9:97:9f:76:19:ec:b1:30:2a:63:15:c5:9e:
                    e3:e4:f0:fc:82:e2:f0:b2:d8:63:1d:9f:85:9d:a8:
                    ef:42:04:1f:0a:99:45:a2:15:d5:12:2b:44:1b:92:
                    9d:86:9b:57:b3:ae:7a:e9:9d:77:76:f3:51:17:1a:
                    0d:93:34:63:19:9c:3c:85:8e:74:26:d0:07:f2:00:
                    9f:6a:a8:07:bb:21:c8:4b:87:19:fb:a7:5b:2f:72:
                    d8:5d:9b:27:b4:77:b4:fa:d0:74:ef:6d:5e:ad:ac:
                    6a:5d:30:66:cc:a3:12:23:b4:c6:b5:81:c5:2b:68:
                    a5:c6:fd:3d:1c:35:de:f4:b9:91:46:e7:2b:b7:50:
                    5d:1a:e7:bc:36:3d:f2:9f:37:60:64:d4:17:db:6b:
                    5d:83:b0:a3:04:21:6d:45:d1:7f:9a:3b:78:46:2b:
                    90:ec:dc:df:49:19:b7:f8:51:0b:c8:f5:1f:63:b7:
                    48:7c:83:fd:95:5c:a4:cd:ae:41:c5:88:18:ae:5e:
                    f5:48:c7:89:d9:6c:7d:43:41:51:91:30:d8:83:0d:
                    80:ef:07:1d:69:14:34:62:6b:9b:b3:35:d2:0a:ba:
                    3a:a2:ba:16:70:d4:08:3d:72:35:32:08:ee:1a:61:
                    8f:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:82:D1:63:5A:11:9B:B7:23:21:D6:79:6D:A8:64:84:AF:03:55:03
            X509v3 Authority Key Identifier:
                keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         db:59:2f:d3:9e:6b:83:6f:79:a3:46:be:60:13:2c:cd:1b:0a:
         e2:3f:69:ce:fd:c9:32:e2:16:b0:1b:30:da:c3:89:5e:95:5e:
         24:4b:65:c8:c0:35:61:72:50:a7:a4:03:c4:10:85:74:e0:ae:
         2f:3c:c1:06:51:32:53:cc:1c:f2:71:75:94:b6:d1:43:23:87:
         53:0c:7f:8d:34:7f:3e:03:c6:cf:86:e2:95:bd:6a:de:e6:da:
         1d:0c:9e:f2:ac:80:2e:e3:2f:89:c6:0f:f3:7d:6b:ad:e4:ed:
         68:f2:ab:83:8e:59:2a:ad:f8:88:0e:ff:07:bc:d9:b5:94:ea:
         97:50:af:8b:68:3d:3e:54:91:df:55:2b:41:e9:4d:b8:83:ac:
         55:65:0b:68:54:f6:b8:cb:57:2c:95:56:ba:44:d5:7e:a2:7b:
         f9:82:57:d5:71:cf:f3:f7:7d:45:4b:71:26:55:e9:80:8d:37:
         bf:0f:5e:b1:49:04:a5:96:1a:69:86:a6:e5:ca:77:82:84:74:
         64:a9:29:92:37:81:21:74:8e:db:f0:67:4a:e4:86:4e:15:e6:
         28:9d:43:6b:c5:64:2a:df:59:59:6b:8a:0c:ab:f5:05:f8:5d:
         13:55:4a:7c:1e:ab:69:9a:22:1c:ec:86:34:e6:22:a8:1f:51:
         ba:90:27:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBZ7JiNTfEWpRmqDuuXSZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjUwODA2MjIwMTUzWhcNMjUwODA3MjIwMTUzWjAzMTEwLwYDVQQD
EyhiYzgyZDE2MzVhMTE5YmI3MjMyMWQ2Nzk2ZGE4NjQ4NGFmMDM1NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHtZl1R0UyqxxEOe5aIQRLmXn3YZ
7LEwKmMVxZ7j5PD8guLwsthjHZ+FnajvQgQfCplFohXVEitEG5KdhptXs6566Z13
dvNRFxoNkzRjGZw8hY50JtAH8gCfaqgHuyHIS4cZ+6dbL3LYXZsntHe0+tB0721e
raxqXTBmzKMSI7TGtYHFK2ilxv09HDXe9LmRRucrt1BdGue8Nj3ynzdgZNQX22td
g7CjBCFtRdF/mjt4RiuQ7NzfSRm3+FELyPUfY7dIfIP9lVykza5BxYgYrl71SMeJ
2Wx9Q0FRkTDYgw2A7wcdaRQ0YmubszXSCro6oroWcNQIPXI1MgjuGmGPZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyC0WNaEZu3IyHWeW2oZISvA1UDMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA21kv055r
g295o0a+YBMszRsK4j9pzv3JMuIWsBsw2sOJXpVeJEtlyMA1YXJQp6QDxBCFdOCu
LzzBBlEyU8wc8nF1lLbRQyOHUwx/jTR/PgPGz4bilb1q3ubaHQye8qyALuMvicYP
831rreTtaPKrg45ZKq34iA7/B7zZtZTql1Cvi2g9PlSR31UrQelNuIOsVWULaFT2
uMtXLJVWukTVfqJ7+YJX1XHP8/d9RUtxJlXpgI03vw9esUkEpZYaaYam5cp3goR0
ZKkpkjeBIXSO2/BnSuSGThXmKJ1Da8VkKt9ZWWuKDKv1BfhdE1VKfB6raZoiHOyG
NOYiqB9RupAnWA==
-----END CERTIFICATE-----
Generated at Thu Aug 7 00:30:11 2025 by rpki-client