Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          xoKfuZfqaes9MGkkq9jGP/VmT0mDPG5rgAHkxBO7J64=
Subject key identifier:   93:8C:5E:EF:EB:B6:54:46:93:BC:F1:BE:A9:5E:49:91:EF:74:B8:70
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       01988EEC9ABC7258562341278B045B8DC6B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          1621
Signing time:             Sat 09 Aug 2025 13:02:07 +0000
Manifest this update:     Sat 09 Aug 2025 13:02:07 +0000
Manifest next update:     Sun 10 Aug 2025 13:02:07 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: Z1LFF9bgyUXqrXvvHBR54fxrylKtX7TARgHEF+bevIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 13:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8e:ec:9a:bc:72:58:56:23:41:27:8b:04:5b:8d:c6:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: Aug  9 13:02:07 2025 GMT
            Not After : Aug 10 13:02:07 2025 GMT
        Subject: CN=938c5eefebb6544693bcf1bea95e4991ef74b870
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:53:9c:ed:6a:24:76:c1:64:f9:33:ca:31:e0:
                    61:26:28:1a:83:e2:1d:39:2b:f9:35:42:54:4e:1e:
                    56:14:28:06:5d:bc:dd:c0:43:bc:67:38:ad:46:1b:
                    27:22:b2:b2:85:dc:35:35:8d:a5:36:3a:9c:7a:0f:
                    19:d0:af:7e:73:99:8b:f7:36:bf:87:e3:49:c8:63:
                    bc:5b:bc:95:c8:e5:a9:2c:be:db:19:27:14:7a:e2:
                    42:7b:44:6f:81:fc:1c:10:68:e8:62:fc:fa:08:29:
                    fb:3e:0e:f8:3e:52:c9:2a:20:9d:c5:2c:2c:ea:3e:
                    6b:48:af:0c:74:0d:88:c2:0b:8f:1a:a9:31:1f:51:
                    fe:23:75:35:73:f2:da:69:04:80:72:ee:8d:8a:5b:
                    d8:ca:96:76:1b:72:02:86:87:8a:fb:6c:2e:60:f0:
                    d8:33:d5:c4:43:2d:eb:21:0d:8a:55:ac:42:03:73:
                    22:78:26:d9:e6:8a:84:65:0e:b1:02:c0:f2:7f:bb:
                    7b:0d:3f:87:72:9f:42:3f:6a:8f:3a:ec:d0:71:7b:
                    2c:00:ec:68:9f:e7:39:9d:20:84:9b:b4:ad:b9:43:
                    8f:8a:3f:b5:1c:51:af:02:35:e7:2a:ca:3d:e0:8d:
                    b4:3f:f9:82:37:dc:d8:26:07:13:7a:1b:33:7f:26:
                    04:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:8C:5E:EF:EB:B6:54:46:93:BC:F1:BE:A9:5E:49:91:EF:74:B8:70
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:f7:c2:6f:3c:cd:31:c4:b1:5d:da:88:ae:e2:36:59:d1:21:
         b5:b8:4b:d9:0b:fe:93:36:55:3a:b1:dc:34:39:52:56:25:a4:
         c1:50:2c:85:87:59:39:71:7a:63:ec:0e:db:99:da:c2:9c:f2:
         9e:7f:fd:53:8a:00:01:95:9f:73:02:9f:ea:98:7f:e0:8d:f2:
         0f:a5:b2:ff:e3:2b:e9:b9:76:6a:38:0f:d5:25:32:aa:7e:56:
         b6:d5:2e:7e:48:9b:f3:03:de:6e:ff:dd:99:88:88:ec:8a:91:
         73:9e:aa:5b:04:13:73:1d:05:93:54:00:73:bd:27:b0:0e:f0:
         72:01:b5:69:27:6d:af:2a:e6:7c:1e:2c:17:17:fc:01:03:38:
         1f:d2:65:8b:4d:02:76:72:87:14:38:dd:bb:fd:68:b0:bf:a6:
         e7:f5:8e:ef:cb:5e:4a:9f:eb:f3:84:6f:32:a8:d8:dc:41:2a:
         e1:e3:41:cd:24:2c:f7:df:47:33:c5:c0:0d:84:94:29:e7:b7:
         24:d4:45:8f:3f:fa:76:c6:aa:09:d0:6f:9b:18:ff:f9:dc:e2:
         3f:da:ab:8a:f1:a0:3f:73:cf:f7:2e:f0:40:d4:3b:34:fb:c0:
         de:01:80:94:ba:9f:c9:36:79:27:9e:a0:ec:99:eb:97:6c:c8:
         40:b4:b3:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiO7Jq8clhWI0EniwRbjca1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjUwODA5MTMwMjA3WhcNMjUwODEwMTMwMjA3WjAzMTEwLwYDVQQD
Eyg5MzhjNWVlZmViYjY1NDQ2OTNiY2YxYmVhOTVlNDk5MWVmNzRiODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFOc7WokdsFk+TPKMeBhJigag+Id
OSv5NUJUTh5WFCgGXbzdwEO8ZzitRhsnIrKyhdw1NY2lNjqceg8Z0K9+c5mL9za/
h+NJyGO8W7yVyOWpLL7bGScUeuJCe0RvgfwcEGjoYvz6CCn7Pg74PlLJKiCdxSws
6j5rSK8MdA2IwguPGqkxH1H+I3U1c/LaaQSAcu6NilvYypZ2G3IChoeK+2wuYPDY
M9XEQy3rIQ2KVaxCA3MieCbZ5oqEZQ6xAsDyf7t7DT+Hcp9CP2qPOuzQcXssAOxo
n+c5nSCEm7StuUOPij+1HFGvAjXnKso94I20P/mCN9zYJgcTehszfyYEpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOMXu/rtlRGk7zxvqleSZHvdLhwMB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/fCbzzN
McSxXdqIruI2WdEhtbhL2Qv+kzZVOrHcNDlSViWkwVAshYdZOXF6Y+wO25nawpzy
nn/9U4oAAZWfcwKf6ph/4I3yD6Wy/+Mr6bl2ajgP1SUyqn5WttUufkib8wPebv/d
mYiI7IqRc56qWwQTcx0Fk1QAc70nsA7wcgG1aSdtryrmfB4sFxf8AQM4H9Jli00C
dnKHFDjdu/1osL+m5/WO78teSp/r84RvMqjY3EEq4eNBzSQs999HM8XADYSUKee3
JNRFjz/6dsaqCdBvmxj/+dziP9qrivGgP3PP9y7wQNQ7NPvA3gGAlLqfyTZ5J56g
7Jnrl2zIQLSzBQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:43 2025 by rpki-client