Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
File:                     PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft (raw, json)
Hash identifier:          Fo5/+CeF8Nrhgfx8Eh6ghvwZSKfjdOcuCQStnymJBy4=
Subject key identifier:   D4:28:ED:26:32:CD:87:E3:B3:8F:F6:0E:F1:E4:70:A4:7C:4F:00:F7
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       019880C1F7361FB50E44DC4FCBEE7409436F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
Manifest number:          10F1
Signing time:             Wed 06 Aug 2025 19:00:51 +0000
Manifest this update:     Wed 06 Aug 2025 19:00:51 +0000
Manifest next update:     Thu 07 Aug 2025 19:00:51 +0000
Files and hashes:         1: PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl (hash: NAbZfhrkuEO76o14LopND5AdhLB01hQ4n9k0Dl6rEoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c1:f7:36:1f:b5:0e:44:dc:4f:cb:ee:74:09:43:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Aug  6 19:00:51 2025 GMT
            Not After : Aug  7 19:00:51 2025 GMT
        Subject: CN=d428ed2632cd87e3b38ff60ef1e470a47c4f00f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ac:e0:b5:b6:5e:83:a7:1d:a4:8c:c6:e5:98:
                    cb:d3:c1:33:d9:0a:8f:21:b9:05:fc:94:9f:b8:67:
                    85:11:04:de:ee:2a:7f:8a:5c:7c:6d:1b:2d:f7:c8:
                    c5:c1:00:cc:ef:98:c4:f5:38:0e:1f:63:e4:e1:c4:
                    2b:84:fe:02:de:3b:9c:6a:b2:6f:51:30:fc:fa:cb:
                    b9:1b:70:81:ee:3f:2c:a7:ab:7e:f4:32:bf:3d:dc:
                    a2:4a:7a:d1:83:0a:22:d1:6e:1f:50:8f:79:d0:2e:
                    35:07:db:22:2f:39:df:24:a8:4d:84:c6:0e:62:f6:
                    8b:73:14:1e:49:5a:58:56:df:0b:76:2c:8f:69:63:
                    6d:5d:6a:a4:71:d9:af:65:46:fc:51:35:5d:24:77:
                    33:c5:7b:fe:c0:d9:14:88:24:34:f1:c6:53:85:3e:
                    b4:d2:b6:13:51:4a:9e:6c:38:29:dd:51:4b:06:f4:
                    d9:94:09:90:51:4f:8e:b6:7e:8e:7e:9a:51:76:47:
                    d9:79:e1:3c:8d:58:b3:26:59:8f:3a:f2:c8:e6:a6:
                    c0:aa:91:1d:d1:c7:f5:e6:cc:88:d0:de:ca:7a:bb:
                    9f:3c:16:e3:05:03:40:69:3b:7f:cf:eb:26:43:ea:
                    d5:64:16:a4:8c:aa:cc:3f:eb:1b:48:de:30:4c:17:
                    6e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:28:ED:26:32:CD:87:E3:B3:8F:F6:0E:F1:E4:70:A4:7C:4F:00:F7
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:88:ac:3a:1c:5c:5b:dd:32:09:ef:74:4e:4d:56:2d:58:ff:
         38:71:27:47:98:dc:90:94:3a:cd:bf:71:34:0f:af:2c:6b:c4:
         95:6b:4d:00:1a:59:be:89:94:81:63:2c:9c:35:3f:87:a5:6c:
         0a:13:3c:94:0d:ae:df:32:93:18:65:1e:58:b8:30:63:6c:dc:
         8e:47:66:a4:55:e9:ac:b1:ba:38:fe:7b:dc:e7:59:35:83:f7:
         21:37:d8:60:ba:34:b3:ab:1d:9e:0e:aa:9e:a7:c3:05:69:6a:
         a1:b3:02:d0:ac:97:17:2c:c1:d4:f9:40:61:9f:a9:41:6c:93:
         56:a0:b0:3a:36:9c:9f:0b:c4:03:f9:42:1c:11:c6:72:32:ee:
         74:c1:f7:fb:89:53:ce:af:de:ae:c0:9b:23:c6:c1:bf:a2:52:
         f9:f4:63:88:68:8e:e6:1d:2a:24:7d:c4:6c:8a:17:15:fe:b0:
         1c:81:6c:ba:c9:eb:06:66:6c:16:b1:13:7c:5f:4b:6e:46:ba:
         ea:14:e6:c7:09:6f:77:9b:9c:28:1e:a7:7b:a8:84:f2:5a:92:
         52:8d:8b:e2:5a:fd:ed:d8:de:6b:ee:33:80:41:94:93:e6:74:
         8e:03:fb:e0:09:99:03:1e:42:9d:4d:9e:5a:35:0b:5d:cf:cf:
         8f:a8:64:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwfc2H7UORNxPy+50CUNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjUwODA2MTkwMDUxWhcNMjUwODA3MTkwMDUxWjAzMTEwLwYDVQQD
EyhkNDI4ZWQyNjMyY2Q4N2UzYjM4ZmY2MGVmMWU0NzBhNDdjNGYwMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqzgtbZeg6cdpIzG5ZjL08Ez2QqP
IbkF/JSfuGeFEQTe7ip/ilx8bRst98jFwQDM75jE9TgOH2Pk4cQrhP4C3jucarJv
UTD8+su5G3CB7j8sp6t+9DK/PdyiSnrRgwoi0W4fUI950C41B9siLznfJKhNhMYO
YvaLcxQeSVpYVt8LdiyPaWNtXWqkcdmvZUb8UTVdJHczxXv+wNkUiCQ08cZThT60
0rYTUUqebDgp3VFLBvTZlAmQUU+Otn6OfppRdkfZeeE8jVizJlmPOvLI5qbAqpEd
0cf15syI0N7KerufPBbjBQNAaTt/z+smQ+rVZBakjKrMP+sbSN4wTBduXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQo7SYyzYfjs4/2DvHkcKR8TwD3MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHoisOhxc
W90yCe90Tk1WLVj/OHEnR5jckJQ6zb9xNA+vLGvElWtNABpZvomUgWMsnDU/h6Vs
ChM8lA2u3zKTGGUeWLgwY2zcjkdmpFXprLG6OP573OdZNYP3ITfYYLo0s6sdng6q
nqfDBWlqobMC0KyXFyzB1PlAYZ+pQWyTVqCwOjacnwvEA/lCHBHGcjLudMH3+4lT
zq/ersCbI8bBv6JS+fRjiGiO5h0qJH3EbIoXFf6wHIFsusnrBmZsFrETfF9Lbka6
6hTmxwlvd5ucKB6ne6iE8lqSUo2L4lr97djea+4zgEGUk+Z0jgP74AmZAx5CnU2e
WjULXc/Pj6hk3w==
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:23:05 2025 by rpki-client