Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
File:                     09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json)
Hash identifier:          y2cBjvsCzFDKpgONYTjfO7f22z8dmD1K66U97Ok7ZC4=
Subject key identifier:   79:7C:70:6E:80:CA:D0:81:C4:9F:C4:6F:88:C6:B5:71:76:7E:4E:86
Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31
Certificate issuer:       /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
Certificate serial:       01988B0ED7EFA238175A1CDDEE9BD627B568
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
Manifest number:          0150
Signing time:             Fri 08 Aug 2025 19:01:02 +0000
Manifest this update:     Fri 08 Aug 2025 19:01:02 +0000
Manifest next update:     Sat 09 Aug 2025 19:01:02 +0000
Files and hashes:         1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: EXDfouV3Ui1/C/yhCXmlherQMuUfLlkQCaK4RHpwCaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:d7:ef:a2:38:17:5a:1c:dd:ee:9b:d6:27:b5:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431
        Validity
            Not Before: Aug  8 19:01:02 2025 GMT
            Not After : Aug  9 19:01:02 2025 GMT
        Subject: CN=797c706e80cad081c49fc46f88c6b571767e4e86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:92:de:15:68:10:b7:7f:e2:bd:79:af:44:07:
                    68:b9:fc:8e:0b:57:56:7a:1d:3e:a8:25:30:0c:c7:
                    3d:fe:70:e9:f0:06:4d:51:c7:56:50:02:90:bf:c2:
                    67:87:ec:f1:73:7e:76:7e:e5:8d:48:4f:21:8d:94:
                    dd:28:3e:30:1a:4d:fe:33:d3:7b:b4:8b:7c:c0:11:
                    89:31:4d:75:76:af:55:74:4a:fe:eb:a9:b3:25:4d:
                    6c:32:23:7d:e6:20:d2:64:d8:c1:25:cb:4d:14:79:
                    1b:f6:aa:d1:68:ba:71:8b:1d:9d:d6:bc:54:ee:99:
                    39:21:1e:a4:0f:c6:62:50:67:35:f4:c1:df:a5:f9:
                    1e:a2:f0:d3:96:7f:ed:16:6d:77:a0:a0:98:4b:8e:
                    ce:9d:60:09:53:ed:b6:fa:66:32:94:5e:d6:40:9b:
                    49:ec:23:0f:4c:2f:61:e7:76:c1:72:ff:2f:b9:75:
                    45:00:42:1b:a8:2c:5b:cb:bd:f6:7e:64:ea:11:1d:
                    d4:dd:20:81:59:7a:52:5c:83:1e:d1:81:06:81:f9:
                    fd:a6:bb:3a:0b:95:ec:7c:25:db:ec:ba:d5:de:15:
                    49:04:89:20:5c:0c:2d:41:6c:4a:39:ae:42:8a:46:
                    f7:f0:77:1d:41:96:9f:a4:41:5d:0a:f2:cb:84:9b:
                    8c:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:7C:70:6E:80:CA:D0:81:C4:9F:C4:6F:88:C6:B5:71:76:7E:4E:86
            X509v3 Authority Key Identifier:
                keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:5e:44:db:09:42:a5:61:de:5d:5b:57:d3:c6:da:89:ea:27:
         61:5f:4f:3f:00:4c:c8:e5:e1:73:c7:e6:c7:40:a9:07:7f:cf:
         6e:8d:37:88:2f:ee:49:5f:17:74:47:71:ee:e4:03:e7:ef:06:
         94:7a:19:cd:25:b4:d0:b7:01:75:fd:a4:f6:a0:1f:a4:4d:56:
         25:4a:9e:5a:df:ae:21:2f:59:36:23:8a:b7:48:e1:6f:70:07:
         38:72:2e:fe:2f:c0:c8:e0:4b:77:cb:9c:c7:fb:b7:1e:c0:7c:
         c8:48:9d:7a:ed:16:c9:85:fd:59:26:05:db:22:cd:2f:df:d0:
         fb:ae:d4:27:a7:69:a2:85:41:46:e6:87:71:96:d1:6e:eb:6c:
         c5:f7:8c:45:40:07:2e:3d:a7:d8:f7:81:44:5a:27:1b:28:a9:
         ed:79:75:65:7a:6a:01:c3:e9:4a:5a:61:a6:15:f7:f8:28:1d:
         df:46:9e:27:5c:7f:19:e1:69:b9:05:a6:2f:43:04:c9:cc:b5:
         30:2d:22:36:f1:60:98:b1:a9:75:91:35:e9:9c:a4:3c:e0:4f:
         db:06:b5:56:10:f3:1e:51:ac:63:b0:8a:74:d8:1d:ab:ba:aa:
         fa:e4:5a:ec:6a:3a:b4:fe:44:77:67:b7:0a:fa:12:ac:d8:5c:
         37:9c:6a:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDtfvojgXWhzd7pvWJ7VoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3
ZDk0MzEwHhcNMjUwODA4MTkwMTAyWhcNMjUwODA5MTkwMTAyWjAzMTEwLwYDVQQD
Eyg3OTdjNzA2ZTgwY2FkMDgxYzQ5ZmM0NmY4OGM2YjU3MTc2N2U0ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5LeFWgQt3/ivXmvRAdoufyOC1dW
eh0+qCUwDMc9/nDp8AZNUcdWUAKQv8Jnh+zxc352fuWNSE8hjZTdKD4wGk3+M9N7
tIt8wBGJMU11dq9VdEr+66mzJU1sMiN95iDSZNjBJctNFHkb9qrRaLpxix2d1rxU
7pk5IR6kD8ZiUGc19MHfpfkeovDTln/tFm13oKCYS47OnWAJU+22+mYylF7WQJtJ
7CMPTC9h53bBcv8vuXVFAEIbqCxby732fmTqER3U3SCBWXpSXIMe0YEGgfn9prs6
C5XsfCXb7LrV3hVJBIkgXAwtQWxKOa5Cikb38HcdQZafpEFdCvLLhJuMZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHl8cG6AytCBxJ/Eb4jGtXF2fk6GMB8GA1UdIwQY
MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt
NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz
LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQF5E2wlC
pWHeXVtX08baieonYV9PPwBMyOXhc8fmx0CpB3/Pbo03iC/uSV8XdEdx7uQD5+8G
lHoZzSW00LcBdf2k9qAfpE1WJUqeWt+uIS9ZNiOKt0jhb3AHOHIu/i/AyOBLd8uc
x/u3HsB8yEideu0WyYX9WSYF2yLNL9/Q+67UJ6dpooVBRuaHcZbRbutsxfeMRUAH
Lj2n2PeBRFonGyip7Xl1ZXpqAcPpSlphphX3+Cgd30aeJ1x/GeFpuQWmL0MEycy1
MC0iNvFgmLGpdZE16ZykPOBP2wa1VhDzHlGsY7CKdNgdq7qq+uRa7Go6tP5Ed2e3
CvoSrNhcN5xqGA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:49:39 2025 by rpki-client