Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
File:                     r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json)
Hash identifier:          TRAKk4SuZZbk7bQKAKwTMTeaPKgTNH1WcBXjsMomgvQ=
Subject key identifier:   A3:6D:03:7A:C1:93:8A:54:BE:BF:24:89:05:D6:5E:54:6C:72:BB:FC
Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79
Certificate issuer:       /CN=af8df7c4f79133730fe3e6894777a79604a5cb79
Certificate serial:       0198865638354B5A42A9B54A861340487514
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
Manifest number:          1620
Signing time:             Thu 07 Aug 2025 21:00:54 +0000
Manifest this update:     Thu 07 Aug 2025 21:00:54 +0000
Manifest next update:     Fri 08 Aug 2025 21:00:54 +0000
Files and hashes:         1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=)
                          2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: ux21iBKA9x5O+sbO9H6u3hW6ZE9pNFdXAOTSD4Kqbvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 17:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:86:56:38:35:4b:5a:42:a9:b5:4a:86:13:40:48:75:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79
        Validity
            Not Before: Aug  7 21:00:54 2025 GMT
            Not After : Aug  8 21:00:54 2025 GMT
        Subject: CN=a36d037ac1938a54bebf248905d65e546c72bbfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:1a:aa:40:9b:fc:e3:77:74:43:ff:da:fb:2e:
                    23:92:2b:4a:00:8a:fb:54:4e:06:ba:c7:9a:ce:b0:
                    4f:eb:25:65:31:b2:da:fc:70:dd:97:6b:b2:0f:b4:
                    74:08:ee:42:80:b9:11:03:17:e2:ca:41:17:55:14:
                    f0:4d:12:b8:99:c5:44:38:2f:76:c5:a9:cd:a9:10:
                    ff:aa:56:21:98:b2:f6:a3:c8:37:84:bd:cc:59:29:
                    cf:3d:8b:ec:95:c2:8d:cb:b2:65:dd:f7:36:be:88:
                    27:f0:fb:61:d0:ad:52:d6:bb:36:f7:18:be:e4:d3:
                    ca:c6:55:50:c5:e4:a0:d0:df:23:d3:97:d3:64:54:
                    a1:44:0a:d2:6d:dc:2b:9d:ba:2a:05:7a:c6:e1:9f:
                    f8:0c:96:87:f9:57:4e:6e:42:55:fe:d7:b3:b4:47:
                    b2:48:71:6e:ed:eb:86:d4:68:e4:64:47:da:bb:c5:
                    1d:de:9e:05:df:33:da:f5:fb:ab:ae:8c:ef:45:45:
                    36:ae:7b:8b:e5:93:77:62:b2:b1:72:81:d4:26:fe:
                    f0:c7:fb:91:e8:70:3f:61:e4:84:c8:d3:d0:e9:bb:
                    57:91:15:ab:fc:84:20:0c:26:61:6f:ab:2f:fe:53:
                    f8:2f:77:2b:cf:b9:14:b7:7f:65:b6:e7:18:eb:e7:
                    67:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:6D:03:7A:C1:93:8A:54:BE:BF:24:89:05:D6:5E:54:6C:72:BB:FC
            X509v3 Authority Key Identifier:
                keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:5f:4e:c9:35:ca:c3:48:b7:cb:6d:a2:81:e5:60:fe:e7:e4:
         d1:6b:d7:c4:41:8c:e5:2d:a7:67:6c:7c:1d:d3:58:dc:a5:87:
         b4:7f:d3:bf:bd:02:c0:f5:4f:55:38:2a:19:a7:2c:69:86:68:
         7d:62:09:fc:6b:9c:cb:c6:49:ab:a2:0c:e1:91:a6:ec:1f:0b:
         ec:3f:d1:3f:07:53:2a:2d:43:de:db:82:e9:5d:58:f1:d4:99:
         ed:63:82:ec:5d:e3:69:c4:64:6e:c0:68:87:39:51:b2:b9:cc:
         aa:48:4f:59:4f:3d:ea:18:78:20:7a:3b:67:85:bc:88:19:8a:
         be:40:ee:12:0c:95:2a:d7:43:63:e6:48:79:92:19:5d:2b:b8:
         e3:71:1b:f8:d2:fe:b4:be:a4:84:ee:ad:d2:cc:25:5b:62:99:
         10:5b:29:ea:47:3b:9f:ee:35:0b:33:c4:5e:ba:75:c7:17:e5:
         81:7d:2a:b9:d6:d0:a0:a0:27:c3:06:a7:e8:76:1f:4d:88:e1:
         10:12:3d:a7:a6:3f:df:f1:80:ac:5e:3d:90:06:c1:f4:46:e5:
         c5:07:55:8e:7d:27:19:f6:f5:ca:b3:42:7d:66:bd:64:2e:57:
         89:85:8f:fb:2a:23:e7:df:42:cc:47:24:f0:b2:12:25:2e:a4:
         ee:dc:cd:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiGVjg1S1pCqbVKhhNASHUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh
NWNiNzkwHhcNMjUwODA3MjEwMDU0WhcNMjUwODA4MjEwMDU0WjAzMTEwLwYDVQQD
EyhhMzZkMDM3YWMxOTM4YTU0YmViZjI0ODkwNWQ2NWU1NDZjNzJiYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xqqQJv843d0Q//a+y4jkitKAIr7
VE4GuseazrBP6yVlMbLa/HDdl2uyD7R0CO5CgLkRAxfiykEXVRTwTRK4mcVEOC92
xanNqRD/qlYhmLL2o8g3hL3MWSnPPYvslcKNy7Jl3fc2vogn8Pth0K1S1rs29xi+
5NPKxlVQxeSg0N8j05fTZFShRArSbdwrnboqBXrG4Z/4DJaH+VdObkJV/teztEey
SHFu7euG1GjkZEfau8Ud3p4F3zPa9furrozvRUU2rnuL5ZN3YrKxcoHUJv7wx/uR
6HA/YeSEyNPQ6btXkRWr/IQgDCZhb6sv/lP4L3crz7kUt39ltucY6+dnHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNtA3rBk4pUvr8kiQXWXlRscrv8MB8GA1UdIwQY
MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt
ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy
LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM19OyTXK
w0i3y22igeVg/ufk0WvXxEGM5S2nZ2x8HdNY3KWHtH/Tv70CwPVPVTgqGacsaYZo
fWIJ/Gucy8ZJq6IM4ZGm7B8L7D/RPwdTKi1D3tuC6V1Y8dSZ7WOC7F3jacRkbsBo
hzlRsrnMqkhPWU896hh4IHo7Z4W8iBmKvkDuEgyVKtdDY+ZIeZIZXSu443Eb+NL+
tL6khO6t0swlW2KZEFsp6kc7n+41CzPEXrp1xxflgX0qudbQoKAnwwan6HYfTYjh
EBI9p6Y/3/GArF49kAbB9EblxQdVjn0nGfb1yrNCfWa9ZC5XiYWP+yoj599CzEck
8LISJS6k7tzNEQ==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:33:34 2025 by rpki-client