Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
File:                     jR4EozwylZxnL0X0a-EIZLgemEo.mft (raw, json)
Hash identifier:          LT8xZVxSIQX11N8Nk3wDGG7wnF1WHa6SNCAW4Kfrg6M=
Subject key identifier:   F6:1C:BF:43:2F:DE:85:23:A8:B8:C4:58:7A:A1:41:6F:6B:70:48:F8
Authority key identifier: 8D:1E:04:A3:3C:32:95:9C:67:2F:45:F4:6B:E1:08:64:B8:1E:98:4A
Certificate issuer:       /CN=8d1e04a33c32959c672f45f46be10864b81e984a
Certificate serial:       01988F90373D7821F1D516B51974CE9CDEFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
Manifest number:          1620
Signing time:             Sat 09 Aug 2025 16:00:49 +0000
Manifest this update:     Sat 09 Aug 2025 16:00:49 +0000
Manifest next update:     Sun 10 Aug 2025 16:00:49 +0000
Files and hashes:         1: jR4EozwylZxnL0X0a-EIZLgemEo.crl (hash: QcfeeiS+dD5sbJMmPRABY9B19F8Xuz94D8lD5FYKFlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:90:37:3d:78:21:f1:d5:16:b5:19:74:ce:9c:de:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1e04a33c32959c672f45f46be10864b81e984a
        Validity
            Not Before: Aug  9 16:00:49 2025 GMT
            Not After : Aug 10 16:00:49 2025 GMT
        Subject: CN=f61cbf432fde8523a8b8c4587aa1416f6b7048f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fb:f9:30:b9:56:33:e5:8b:cf:38:24:cd:d9:
                    bf:73:9f:e5:12:36:3d:e7:0c:a0:11:f3:eb:61:e9:
                    f3:75:44:7d:2f:bb:e6:ed:2e:71:63:f3:d5:30:52:
                    d8:17:27:7f:61:ca:61:c1:3a:9c:40:70:a2:e9:e8:
                    78:46:bd:5f:5d:da:50:6c:04:ca:dd:4f:d4:83:60:
                    5a:89:e4:bd:9b:42:de:65:b7:0f:19:65:09:cf:14:
                    30:55:fb:54:d6:2f:90:64:4a:4c:d6:c1:83:b8:c5:
                    69:4f:81:65:97:63:b8:45:b6:98:4e:d1:b0:ce:6d:
                    11:6e:c8:fe:e8:26:00:4e:60:ca:5e:3b:c1:86:8c:
                    bd:49:f5:c2:6d:2f:8b:8f:e7:c1:27:8e:0f:4c:f1:
                    a8:30:f1:87:b9:79:95:6a:65:aa:1b:f5:d7:87:92:
                    3b:3a:d6:f1:b0:51:0d:39:c2:d9:68:dc:d3:d2:54:
                    ba:07:5b:8d:26:00:1b:3c:6e:7e:49:8e:88:37:ed:
                    32:51:9c:97:53:47:95:6d:6a:39:39:ee:84:d1:31:
                    5f:a2:55:8e:7b:48:f9:c6:cb:ad:dd:8f:88:53:b4:
                    1f:1f:5c:78:0a:09:78:b3:c3:e9:54:23:19:de:8b:
                    ca:53:54:25:35:24:7e:f6:1c:9e:36:c5:13:a7:0a:
                    54:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:1C:BF:43:2F:DE:85:23:A8:B8:C4:58:7A:A1:41:6F:6B:70:48:F8
            X509v3 Authority Key Identifier:
                keyid:8D:1E:04:A3:3C:32:95:9C:67:2F:45:F4:6B:E1:08:64:B8:1E:98:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR4EozwylZxnL0X0a-EIZLgemEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ee63f3-7d48-49e7-aea7-e249e73eccf1/1/jR4EozwylZxnL0X0a-EIZLgemEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:19:7d:35:67:73:6b:9c:87:6b:c0:b2:cb:42:33:d6:4c:31:
         41:e4:a1:1d:82:49:e4:d1:8a:76:05:be:0f:e6:62:23:7a:7b:
         e3:28:03:a4:01:08:a2:21:75:b4:e3:a8:88:9e:fc:6c:b4:47:
         85:26:03:69:e0:11:64:e6:d7:aa:0c:d2:d8:10:97:2e:0d:52:
         fe:6d:ac:9b:5a:09:39:38:58:7c:8b:60:13:8e:3f:01:06:34:
         8a:7e:eb:4c:6c:0e:0f:10:34:cd:e6:b8:8c:78:e6:fa:8d:13:
         f8:95:59:0c:e2:a8:10:f2:06:2c:a5:2f:6a:0c:b2:0c:0d:ad:
         73:18:d0:08:96:66:3a:95:30:6f:be:e8:99:3c:0b:88:74:64:
         a2:49:ea:22:73:c8:fc:a3:b9:c7:f0:35:8a:e9:86:73:1e:ab:
         49:e3:c8:49:00:94:b4:af:3c:2a:51:b6:d4:8e:be:4f:4b:af:
         25:0b:b4:48:93:ae:fc:b2:fa:16:13:e2:2a:c2:d4:90:35:54:
         e6:0a:6c:60:3a:5c:34:61:24:a3:90:f6:8b:d6:27:df:fc:a5:
         34:e1:e5:09:f5:75:da:1b:e7:ab:ef:69:64:01:c4:3e:52:2d:
         70:cd:95:00:50:79:10:19:48:96:18:12:b6:e5:cd:ff:1f:8b:
         45:4f:19:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPkDc9eCHx1Ra1GXTOnN7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWUwNGEzM2MzMjk1OWM2NzJmNDVmNDZiZTEwODY0Yjgx
ZTk4NGEwHhcNMjUwODA5MTYwMDQ5WhcNMjUwODEwMTYwMDQ5WjAzMTEwLwYDVQQD
EyhmNjFjYmY0MzJmZGU4NTIzYThiOGM0NTg3YWExNDE2ZjZiNzA0OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfv5MLlWM+WLzzgkzdm/c5/lEjY9
5wygEfPrYenzdUR9L7vm7S5xY/PVMFLYFyd/YcphwTqcQHCi6eh4Rr1fXdpQbATK
3U/Ug2BaieS9m0LeZbcPGWUJzxQwVftU1i+QZEpM1sGDuMVpT4Fll2O4RbaYTtGw
zm0Rbsj+6CYATmDKXjvBhoy9SfXCbS+Lj+fBJ44PTPGoMPGHuXmVamWqG/XXh5I7
OtbxsFENOcLZaNzT0lS6B1uNJgAbPG5+SY6IN+0yUZyXU0eVbWo5Oe6E0TFfolWO
e0j5xsut3Y+IU7QfH1x4Cgl4s8PpVCMZ3ovKU1QlNSR+9hyeNsUTpwpUkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYcv0Mv3oUjqLjEWHqhQW9rcEj4MB8GA1UdIwQY
MBaAFI0eBKM8MpWcZy9F9GvhCGS4HphKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lZTYzZjMtN2Q0OC00OWU3LWFlYTct
ZTI0OWU3M2VjY2YxLzEvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lZTYzZjMtN2Q0OC00OWU3LWFlYTctZTI0OWU3M2VjY2Yx
LzEvalI0RW96d3lsWnhuTDBYMGEtRUlaTGdlbUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBl9NWdz
a5yHa8Cyy0Iz1kwxQeShHYJJ5NGKdgW+D+ZiI3p74ygDpAEIoiF1tOOoiJ78bLRH
hSYDaeARZObXqgzS2BCXLg1S/m2sm1oJOThYfItgE44/AQY0in7rTGwODxA0zea4
jHjm+o0T+JVZDOKoEPIGLKUvagyyDA2tcxjQCJZmOpUwb77omTwLiHRkoknqInPI
/KO5x/A1iumGcx6rSePISQCUtK88KlG21I6+T0uvJQu0SJOu/LL6FhPiKsLUkDVU
5gpsYDpcNGEko5D2i9Yn3/ylNOHlCfV12hvnq+9pZAHEPlItcM2VAFB5EBlIlhgS
tuXN/x+LRU8ZWA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:48 2025 by rpki-client