Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
File:                     dNUnZVf32kEAET2Fc5VmSBVA5hw.mft (raw, json)
Hash identifier:          DolNW5QSZv57B0KTHClDsoyYdpGDi+y+act7zbk5TfY=
Subject key identifier:   71:4C:47:C6:37:A4:60:D9:BE:0F:4C:8C:CE:E3:66:5D:A7:F0:04:91
Authority key identifier: 74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C
Certificate issuer:       /CN=74d5276557f7da4100113d85739566481540e61c
Certificate serial:       01988B7C8F2697484ED76DD6DCAC9B6F264D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
Manifest number:          08D5
Signing time:             Fri 08 Aug 2025 21:00:52 +0000
Manifest this update:     Fri 08 Aug 2025 21:00:52 +0000
Manifest next update:     Sat 09 Aug 2025 21:00:52 +0000
Files and hashes:         1: dNUnZVf32kEAET2Fc5VmSBVA5hw.crl (hash: Ap8sxEBSPxhF7rINB+cs9cYb+zpN7Fe7at0DLYZTVgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7c:8f:26:97:48:4e:d7:6d:d6:dc:ac:9b:6f:26:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74d5276557f7da4100113d85739566481540e61c
        Validity
            Not Before: Aug  8 21:00:52 2025 GMT
            Not After : Aug  9 21:00:52 2025 GMT
        Subject: CN=714c47c637a460d9be0f4c8ccee3665da7f00491
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:1b:f8:50:e4:8e:28:fc:58:01:ce:2b:7b:70:
                    1b:78:c2:d5:b4:8c:62:fc:65:2b:5d:a1:11:5e:45:
                    dc:f6:cf:dd:b2:22:9f:bf:8e:31:a8:84:9b:c2:2f:
                    90:6a:37:65:63:8a:c6:c6:9b:88:7a:98:0f:2a:0f:
                    1c:f5:ab:da:7c:67:fc:b2:88:6c:e2:bb:ae:f3:9d:
                    a2:e7:1c:40:de:2b:5a:69:ea:84:c5:a8:5c:09:b0:
                    1e:0a:35:e1:94:70:a0:c0:1f:63:78:6a:d1:57:87:
                    58:be:ee:b8:3b:ea:49:2a:06:c2:aa:16:a6:8a:d0:
                    4b:5e:c5:70:31:7d:9b:3c:d2:f9:19:0a:af:66:07:
                    64:69:85:bd:b4:d1:13:b5:53:6a:95:a5:84:bb:30:
                    76:00:d5:ae:9e:18:5b:27:94:99:ba:5b:81:e6:53:
                    a8:e7:d5:af:52:ac:37:8f:87:43:56:b6:72:3c:31:
                    aa:34:72:02:7a:6a:44:c2:de:6e:43:3a:45:f0:69:
                    94:5e:a5:1d:d0:01:d4:13:02:af:c9:04:34:d1:dc:
                    f2:3d:67:3f:9e:1b:7f:1a:e6:a5:e6:f6:39:ca:4b:
                    83:60:4a:a9:9e:6d:48:be:b0:44:bc:c9:ec:64:49:
                    ca:fa:37:3a:a1:e9:2f:ac:b1:a6:50:6c:24:4d:38:
                    f1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:4C:47:C6:37:A4:60:D9:BE:0F:4C:8C:CE:E3:66:5D:A7:F0:04:91
            X509v3 Authority Key Identifier:
                keyid:74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:87:24:ae:79:96:2b:18:7e:44:d8:2e:d7:c7:aa:24:42:01:
         2c:5e:6b:23:68:16:9d:88:3f:ee:a7:55:8a:2c:f8:ce:31:4d:
         84:15:6a:33:d4:82:f1:5c:16:38:65:38:f0:62:17:70:76:a5:
         0f:00:4c:d6:6e:fc:7c:2d:de:e8:b7:ef:c3:da:b3:80:da:8f:
         c0:e8:3e:b1:44:43:01:b1:a9:0a:87:6a:ec:17:70:63:81:72:
         4b:96:b6:07:dc:75:e6:2a:7b:9c:44:e5:7b:48:3c:2f:f7:62:
         7c:28:40:ac:37:bd:a5:14:3a:70:d5:f2:89:82:72:ca:c8:65:
         c4:0e:19:13:68:a2:3c:b4:e1:1f:3e:2f:de:21:f4:62:c6:38:
         f0:8e:d4:cd:45:83:45:0d:df:08:e8:3a:43:4f:6c:c5:a5:be:
         a8:1c:58:75:d6:af:c9:9d:b0:d9:38:ae:8c:b8:7c:0d:3c:de:
         6e:67:a6:24:2c:04:74:7c:3f:9a:c8:80:88:d6:98:7c:c6:54:
         32:0f:83:68:ca:70:ec:d8:67:ac:03:ca:a5:f2:a4:9d:a9:7c:
         ad:7d:7c:7b:05:d8:a2:e7:5f:27:b2:fd:dc:3f:e4:cc:ab:fa:
         b0:dd:08:6f:1a:ee:62:77:80:4f:0a:cd:8b:ea:bf:f0:87:3b:
         bd:37:4b:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfI8ml0hO123W3KybbyZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDUyNzY1NTdmN2RhNDEwMDExM2Q4NTczOTU2NjQ4MTU0
MGU2MWMwHhcNMjUwODA4MjEwMDUyWhcNMjUwODA5MjEwMDUyWjAzMTEwLwYDVQQD
Eyg3MTRjNDdjNjM3YTQ2MGQ5YmUwZjRjOGNjZWUzNjY1ZGE3ZjAwNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+xv4UOSOKPxYAc4re3AbeMLVtIxi
/GUrXaERXkXc9s/dsiKfv44xqISbwi+QajdlY4rGxpuIepgPKg8c9avafGf8sohs
4ruu852i5xxA3itaaeqExahcCbAeCjXhlHCgwB9jeGrRV4dYvu64O+pJKgbCqham
itBLXsVwMX2bPNL5GQqvZgdkaYW9tNETtVNqlaWEuzB2ANWunhhbJ5SZuluB5lOo
59WvUqw3j4dDVrZyPDGqNHICempEwt5uQzpF8GmUXqUd0AHUEwKvyQQ00dzyPWc/
nht/Gual5vY5ykuDYEqpnm1IvrBEvMnsZEnK+jc6oekvrLGmUGwkTTjxLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFMR8Y3pGDZvg9MjM7jZl2n8ASRMB8GA1UdIwQY
MBaAFHTVJ2VX99pBABE9hXOVZkgVQOYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYt
NWM1YTc4YmIyYjhkLzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYtNWM1YTc4YmIyYjhk
LzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASYckrnmW
Kxh+RNgu18eqJEIBLF5rI2gWnYg/7qdViiz4zjFNhBVqM9SC8VwWOGU48GIXcHal
DwBM1m78fC3e6Lfvw9qzgNqPwOg+sURDAbGpCodq7BdwY4FyS5a2B9x15ip7nETl
e0g8L/difChArDe9pRQ6cNXyiYJyyshlxA4ZE2iiPLThHz4v3iH0YsY48I7UzUWD
RQ3fCOg6Q09sxaW+qBxYddavyZ2w2TiujLh8DTzebmemJCwEdHw/msiAiNaYfMZU
Mg+DaMpw7NhnrAPKpfKknal8rX18ewXYoudfJ7L93D/kzKv6sN0IbxruYneATwrN
i+q/8Ic7vTdLUg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:49:48 2025 by rpki-client