Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          LgvywO4S0g+IpNF+tN1U7TP2kaCC1nfBB9tMI5+h8os=
Subject key identifier:   91:9F:04:D4:ED:EA:1C:E0:E5:D6:62:85:0B:B3:5A:90:67:B4:36:4B
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019873E29502C9412B2BCD5AB0A727B96CED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          07CE
Signing time:             Mon 04 Aug 2025 07:01:25 +0000
Manifest this update:     Mon 04 Aug 2025 07:01:25 +0000
Manifest next update:     Tue 05 Aug 2025 07:01:25 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: jeU2nvy674VEJR4TP345BL3xF27HbIhWm7vURwJp2LM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:95:02:c9:41:2b:2b:cd:5a:b0:a7:27:b9:6c:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Aug  4 07:01:25 2025 GMT
            Not After : Aug  5 07:01:25 2025 GMT
        Subject: CN=919f04d4edea1ce0e5d662850bb35a9067b4364b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e7:7e:15:62:3d:28:03:61:ea:1f:4a:d3:55:
                    1d:01:0d:ec:ff:22:43:8e:5a:4f:48:8b:cb:a0:7f:
                    7f:30:c2:94:2e:2e:5b:f4:21:90:4b:e0:6c:b5:21:
                    a8:4a:a1:b8:7a:f7:b0:5c:e8:ba:dc:2a:1a:64:6e:
                    95:ff:2d:0a:53:3f:2c:7f:4a:30:e9:a3:da:a0:f7:
                    a8:c1:9b:2a:6c:cd:1d:89:94:15:29:1d:a6:6f:ea:
                    e9:04:13:85:83:54:3a:7c:29:ac:0b:74:47:0c:5b:
                    49:0a:c0:e0:68:41:94:d0:3f:5b:15:bb:3d:9a:22:
                    8e:69:61:cb:45:c6:30:f0:59:02:da:35:d1:56:ec:
                    e4:f3:56:e5:de:c0:57:ac:32:c2:28:d2:aa:9f:c4:
                    d4:cf:8d:1b:01:cb:e3:60:8b:76:db:29:0e:3f:42:
                    69:42:b8:94:81:60:ad:54:d1:31:78:e9:7f:9e:55:
                    d2:99:e0:63:e9:49:80:81:77:24:46:60:c7:6c:90:
                    4e:8f:27:c7:e5:94:5d:c7:a1:39:10:bc:81:43:82:
                    31:f9:02:0f:fc:18:aa:5c:cf:ce:40:97:aa:86:24:
                    41:f6:31:50:12:92:4a:59:d8:7c:4a:41:ab:4d:88:
                    c3:3b:9d:41:96:97:d2:93:98:e9:92:dc:13:99:ae:
                    6b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:9F:04:D4:ED:EA:1C:E0:E5:D6:62:85:0B:B3:5A:90:67:B4:36:4B
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:93:01:41:4b:76:a8:77:76:b5:2b:55:1b:8b:72:7d:73:e4:
         a2:ae:5f:6e:0b:b5:a4:32:52:f0:ba:d0:07:34:be:e6:65:97:
         28:dc:bc:28:86:3c:56:66:7e:12:69:25:fa:c5:31:48:32:16:
         b5:16:ef:be:5c:a4:99:a7:42:e5:70:4c:e9:6f:a3:f9:bc:cb:
         99:da:15:4a:6e:69:fc:b7:a5:94:7e:a3:59:a1:c9:f4:ef:a3:
         5a:20:55:8d:a3:32:22:06:8c:ea:ee:18:f6:7b:75:cf:10:5e:
         b1:82:83:17:08:2e:10:e9:fe:2a:4a:ff:75:02:97:bb:b7:3b:
         2b:92:fb:63:77:17:63:ca:05:6e:17:d8:be:2c:b5:36:fb:02:
         b4:ec:25:1a:c1:d5:98:1c:09:9e:8d:40:ca:17:e8:9b:29:d8:
         2b:bf:24:db:7e:cc:26:e3:76:6b:dd:96:ef:5f:48:db:58:45:
         4a:43:b6:7e:a2:15:5f:95:7d:34:8b:ff:5b:c6:50:9b:da:14:
         56:1c:ae:a1:66:1d:0e:6f:a6:c6:15:40:0a:3e:92:95:6e:4e:
         cf:e0:7e:39:ab:52:4c:b1:c6:78:4c:43:b3:ba:9e:b3:b9:e5:
         0e:cf:4a:01:6a:af:1c:7f:15:ce:4a:f9:84:5a:68:28:92:10:
         c1:bf:f6:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4pUCyUErK81asKcnuWztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjUwODA0MDcwMTI1WhcNMjUwODA1MDcwMTI1WjAzMTEwLwYDVQQD
Eyg5MTlmMDRkNGVkZWExY2UwZTVkNjYyODUwYmIzNWE5MDY3YjQzNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvud+FWI9KANh6h9K01UdAQ3s/yJD
jlpPSIvLoH9/MMKULi5b9CGQS+BstSGoSqG4evewXOi63CoaZG6V/y0KUz8sf0ow
6aPaoPeowZsqbM0diZQVKR2mb+rpBBOFg1Q6fCmsC3RHDFtJCsDgaEGU0D9bFbs9
miKOaWHLRcYw8FkC2jXRVuzk81bl3sBXrDLCKNKqn8TUz40bAcvjYIt22ykOP0Jp
QriUgWCtVNExeOl/nlXSmeBj6UmAgXckRmDHbJBOjyfH5ZRdx6E5ELyBQ4Ix+QIP
/BiqXM/OQJeqhiRB9jFQEpJKWdh8SkGrTYjDO51BlpfSk5jpktwTma5rmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGfBNTt6hzg5dZihQuzWpBntDZLMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZMBQUt2
qHd2tStVG4tyfXPkoq5fbgu1pDJS8LrQBzS+5mWXKNy8KIY8VmZ+Emkl+sUxSDIW
tRbvvlykmadC5XBM6W+j+bzLmdoVSm5p/LellH6jWaHJ9O+jWiBVjaMyIgaM6u4Y
9nt1zxBesYKDFwguEOn+Kkr/dQKXu7c7K5L7Y3cXY8oFbhfYviy1NvsCtOwlGsHV
mBwJno1AyhfomynYK78k237MJuN2a92W719I21hFSkO2fqIVX5V9NIv/W8ZQm9oU
VhyuoWYdDm+mxhVACj6SlW5Oz+B+OatSTLHGeExDs7qes7nlDs9KAWqvHH8Vzkr5
hFpoKJIQwb/2FA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:29 2025 by rpki-client