Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File:                     h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier:          cX81b8+I2NS2AxWaDO2eQti97yr6eZ0r+0p592FDU54=
Subject key identifier:   85:6C:44:D8:A1:C4:B6:31:D3:01:55:7B:0F:85:A1:B6:A3:78:2D:EC
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer:       /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial:       0198879F6AE260C155930066E237694DB415
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number:          1622
Signing time:             Fri 08 Aug 2025 03:00:28 +0000
Manifest this update:     Fri 08 Aug 2025 03:00:28 +0000
Manifest next update:     Sat 09 Aug 2025 03:00:28 +0000
Files and hashes:         1: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: kYVVrF73cZvvq2Y596Rh4R7GNAgssWA9WnwIHzAIY8E=)
                          2: jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa (hash: urbNu0k2kZWVDcdCEYQ210AYS3ke0pUxaEecPK2agnE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:87:9f:6a:e2:60:c1:55:93:00:66:e2:37:69:4d:b4:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
        Validity
            Not Before: Aug  8 03:00:28 2025 GMT
            Not After : Aug  9 03:00:28 2025 GMT
        Subject: CN=856c44d8a1c4b631d301557b0f85a1b6a3782dec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b6:83:de:e9:c1:bf:c2:6a:4d:3c:ba:40:32:
                    5c:ac:ec:3a:f2:41:7b:69:ce:5d:85:75:8a:35:ef:
                    3a:3c:9f:e8:e0:3d:4e:98:ea:8b:f9:9f:8a:e2:35:
                    53:e6:46:ab:72:cc:8d:df:ab:41:0a:0c:8b:54:6d:
                    a4:66:78:e8:b8:3d:41:b1:c5:13:36:d9:f9:42:c1:
                    f5:31:93:3c:49:43:3a:04:58:2d:44:9d:89:ac:8c:
                    d2:6b:0c:ed:63:f0:a7:f3:88:8a:bf:04:f8:f1:09:
                    ea:00:38:7d:0f:85:74:15:27:73:f4:e8:16:27:93:
                    9e:b7:de:39:cb:93:67:1a:c0:b2:40:5c:aa:9d:56:
                    74:cf:b6:97:63:ff:1a:17:80:b2:97:37:66:b1:a7:
                    13:57:cc:36:49:f6:40:79:db:81:31:be:41:6d:d3:
                    5c:56:bb:a8:da:63:98:be:ee:37:08:ea:33:6a:a8:
                    15:f0:f8:8b:6a:2e:bb:b7:fb:8c:0b:f3:c2:b3:e9:
                    11:f6:f8:a5:99:04:75:e2:ef:11:91:91:aa:ca:17:
                    b4:b9:cf:3b:07:8f:f2:51:6a:ab:0e:93:a1:80:7a:
                    5d:9b:e3:07:01:3c:83:2a:1f:2d:c9:65:73:a5:3c:
                    24:aa:bb:10:63:c2:c9:29:46:d2:68:f9:91:dc:82:
                    13:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:6C:44:D8:A1:C4:B6:31:D3:01:55:7B:0F:85:A1:B6:A3:78:2D:EC
            X509v3 Authority Key Identifier:
                keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:52:d7:6a:f5:fc:a8:75:07:26:6c:e6:b2:57:73:a1:08:76:
         07:b2:3c:67:92:6c:ba:ed:a5:6a:14:59:be:ae:25:89:4e:91:
         ef:32:2d:4e:f0:be:33:b3:21:7c:01:85:ef:8a:37:8e:1a:bd:
         d7:8b:e4:22:0b:ee:4f:7e:c0:c0:b5:9d:40:3a:3f:e0:5d:28:
         95:7e:15:09:39:9e:26:57:5e:de:42:2f:25:da:e1:49:d5:5c:
         52:af:6d:d9:94:fb:19:78:fc:5f:77:14:db:ed:14:09:3d:04:
         4f:b8:a9:01:9e:55:c4:c5:bb:0e:ec:8d:05:11:80:3e:4b:b8:
         f3:20:fc:72:16:69:fe:0d:04:e3:85:0d:8e:99:93:ab:2e:b7:
         ba:68:08:fc:1d:ed:41:fb:cd:0e:52:cc:ef:9e:1d:9a:e0:39:
         fe:33:fd:af:b1:21:84:b9:80:33:29:2e:eb:6d:76:b2:ac:f3:
         83:a6:47:9c:92:18:1d:33:41:3a:c9:3c:a4:36:c1:ca:d0:09:
         89:aa:4e:4a:c8:f2:20:a7:1f:09:5d:01:44:01:6a:4d:ce:80:
         c5:48:0d:26:74:e9:f6:87:fc:80:e1:29:d2:5c:52:e8:d9:b5:
         c8:dd:9b:20:29:a4:eb:dc:bb:2c:e3:1d:37:8a:3d:f3:2f:cb:
         cc:17:c2:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiHn2riYMFVkwBm4jdpTbQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjUwODA4MDMwMDI4WhcNMjUwODA5MDMwMDI4WjAzMTEwLwYDVQQD
Eyg4NTZjNDRkOGExYzRiNjMxZDMwMTU1N2IwZjg1YTFiNmEzNzgyZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApraD3unBv8JqTTy6QDJcrOw68kF7
ac5dhXWKNe86PJ/o4D1OmOqL+Z+K4jVT5karcsyN36tBCgyLVG2kZnjouD1BscUT
Ntn5QsH1MZM8SUM6BFgtRJ2JrIzSawztY/Cn84iKvwT48QnqADh9D4V0FSdz9OgW
J5Oet945y5NnGsCyQFyqnVZ0z7aXY/8aF4CylzdmsacTV8w2SfZAeduBMb5BbdNc
Vruo2mOYvu43COozaqgV8PiLai67t/uMC/PCs+kR9vilmQR14u8RkZGqyhe0uc87
B4/yUWqrDpOhgHpdm+MHATyDKh8tyWVzpTwkqrsQY8LJKUbSaPmR3IIT6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVsRNihxLYx0wFVew+FobajeC3sMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAflLXavX8
qHUHJmzmsldzoQh2B7I8Z5Jsuu2lahRZvq4liU6R7zItTvC+M7MhfAGF74o3jhq9
14vkIgvuT37AwLWdQDo/4F0olX4VCTmeJlde3kIvJdrhSdVcUq9t2ZT7GXj8X3cU
2+0UCT0ET7ipAZ5VxMW7DuyNBRGAPku48yD8chZp/g0E44UNjpmTqy63umgI/B3t
QfvNDlLM754dmuA5/jP9r7EhhLmAMyku6212sqzzg6ZHnJIYHTNBOsk8pDbBytAJ
iapOSsjyIKcfCV0BRAFqTc6AxUgNJnTp9of8gOEp0lxS6Nm1yN2bICmk69y7LOMd
N4o98y/LzBfCDA==
-----END CERTIFICATE-----
Generated at Fri Aug 8 13:02:07 2025 by rpki-client