Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
File:                     IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json)
Hash identifier:          kDW1kSBmCRxQagdYIe3vDxud7iCzwQxaaV/UxFxKaW4=
Subject key identifier:   C0:F5:58:F4:F1:20:C4:48:DF:AF:D3:3E:9B:23:DB:AC:08:44:07:77
Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D
Certificate issuer:       /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
Certificate serial:       01987A899D8DD5ED25350B2A98F1939D4DCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
Manifest number:          0BEB
Signing time:             Tue 05 Aug 2025 14:01:35 +0000
Manifest this update:     Tue 05 Aug 2025 14:01:35 +0000
Manifest next update:     Wed 06 Aug 2025 14:01:35 +0000
Files and hashes:         1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: i2mzkasQd35pOM+CKQ/hZyxaQ6wTRql/aPTNUIdoXFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 14:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:89:9d:8d:d5:ed:25:35:0b:2a:98:f1:93:9d:4d:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
        Validity
            Not Before: Aug  5 14:01:35 2025 GMT
            Not After : Aug  6 14:01:35 2025 GMT
        Subject: CN=c0f558f4f120c448dfafd33e9b23dbac08440777
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0f:4f:d5:01:dc:03:3c:20:00:0a:25:06:43:
                    35:21:60:2e:89:4b:48:18:49:ca:3e:73:6d:54:54:
                    5f:5e:7d:90:8c:3b:bb:8b:9c:6e:41:8d:9c:7f:99:
                    ac:6b:2c:50:0e:f0:58:43:1a:ae:32:80:20:ac:84:
                    de:36:9a:57:0f:e4:24:8f:11:90:4f:31:f9:6d:1b:
                    8f:4a:e4:60:db:39:2a:e4:73:24:53:5a:cc:5b:8d:
                    67:3c:69:49:7e:6d:34:c6:04:c2:7c:49:e8:7c:8a:
                    9f:93:5c:6f:04:e3:18:1a:62:21:c9:35:89:dd:f6:
                    a8:59:c8:8b:bc:16:1a:4c:76:c7:2c:73:f5:b1:c9:
                    03:f5:00:36:a8:1a:06:08:9f:76:f2:dc:e4:6a:3c:
                    da:93:02:a1:35:f4:45:c6:48:fd:7e:ef:86:8d:52:
                    fc:35:b3:63:b3:da:b2:be:4c:cb:b8:41:9a:46:04:
                    3d:31:73:a8:a3:9d:89:3a:2b:a1:db:e7:84:c4:fa:
                    ae:c4:58:f9:4a:ea:37:1f:4f:ee:c2:bc:a9:aa:cc:
                    52:73:8c:ba:6e:ba:2e:5d:85:c8:1e:b9:df:6f:b9:
                    3c:c1:0f:18:49:bd:03:a7:48:e9:f2:23:28:a3:6b:
                    2e:8a:95:1e:83:26:03:be:48:73:b2:fe:cd:88:22:
                    0c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:F5:58:F4:F1:20:C4:48:DF:AF:D3:3E:9B:23:DB:AC:08:44:07:77
            X509v3 Authority Key Identifier:
                keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:7f:00:56:b3:15:ac:7f:5d:52:e0:d5:ab:aa:61:6b:5c:56:
         e4:42:e3:3b:01:a0:5b:de:7c:37:07:80:51:38:6e:f0:29:7e:
         7f:e9:e8:88:c6:44:30:b2:59:bc:69:6f:09:fa:22:08:4e:14:
         2f:58:3b:ae:4f:4e:98:41:02:17:70:0d:01:a7:c5:13:2d:b8:
         7c:8f:4a:f7:f9:31:15:70:f4:a4:83:74:38:77:81:39:a2:c1:
         e3:59:13:bd:f2:e4:bb:d9:07:f5:02:20:64:8f:15:41:2e:b1:
         cf:9d:90:e7:45:5d:a9:c1:b8:2b:66:e1:fd:19:dc:92:66:f3:
         0f:76:3e:e3:8e:70:f1:28:6c:54:eb:59:69:17:2d:65:08:0f:
         a6:4a:d7:8c:fe:9d:c7:79:2b:6d:93:d5:13:38:00:97:5b:6f:
         0d:12:d1:59:90:b1:aa:eb:12:e2:f7:5f:d1:11:70:2f:21:0b:
         2a:dd:de:e9:7b:ae:0f:ae:ec:47:5d:dd:68:75:df:39:fe:8a:
         bf:38:86:9b:2d:e5:ea:1b:12:ba:a1:45:84:1b:59:54:b4:5d:
         37:34:5c:71:18:38:d5:3d:04:12:a5:d2:1c:2b:9e:d0:12:04:
         a6:1c:6e:a3:93:0e:7b:be:d6:3d:43:33:9c:72:84:1b:04:c4:
         54:e6:22:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6iZ2N1e0lNQsqmPGTnU3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0
MDI2N2QwHhcNMjUwODA1MTQwMTM1WhcNMjUwODA2MTQwMTM1WjAzMTEwLwYDVQQD
EyhjMGY1NThmNGYxMjBjNDQ4ZGZhZmQzM2U5YjIzZGJhYzA4NDQwNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw9P1QHcAzwgAAolBkM1IWAuiUtI
GEnKPnNtVFRfXn2QjDu7i5xuQY2cf5msayxQDvBYQxquMoAgrITeNppXD+QkjxGQ
TzH5bRuPSuRg2zkq5HMkU1rMW41nPGlJfm00xgTCfEnofIqfk1xvBOMYGmIhyTWJ
3faoWciLvBYaTHbHLHP1sckD9QA2qBoGCJ928tzkajzakwKhNfRFxkj9fu+GjVL8
NbNjs9qyvkzLuEGaRgQ9MXOoo52JOiuh2+eExPquxFj5Suo3H0/uwrypqsxSc4y6
brouXYXIHrnfb7k8wQ8YSb0Dp0jp8iMoo2suipUegyYDvkhzsv7NiCIMawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMD1WPTxIMRI36/TPpsj26wIRAd3MB8GA1UdIwQY
MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt
ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk
LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz38AVrMV
rH9dUuDVq6pha1xW5ELjOwGgW958NweAUThu8Cl+f+noiMZEMLJZvGlvCfoiCE4U
L1g7rk9OmEECF3ANAafFEy24fI9K9/kxFXD0pIN0OHeBOaLB41kTvfLku9kH9QIg
ZI8VQS6xz52Q50VdqcG4K2bh/RnckmbzD3Y+445w8ShsVOtZaRctZQgPpkrXjP6d
x3krbZPVEzgAl1tvDRLRWZCxqusS4vdf0RFwLyELKt3e6XuuD67sR13daHXfOf6K
vziGmy3l6hsSuqFFhBtZVLRdNzRccRg41T0EEqXSHCue0BIEphxuo5MOe77WPUMz
nHKEGwTEVOYiyg==
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:06:02 2025 by rpki-client