Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          8cI/0RpSH3lLIHwr4l8dMdb1arY4gwg7GCO5ZX9nZvA=
Subject key identifier:   52:2D:CE:E3:83:31:1E:04:65:5A:F6:32:65:43:27:E3:08:91:E2:88
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       0198819DFD62ECDDBAE1E03AA6CCAD1AFCC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          161C
Signing time:             Wed 06 Aug 2025 23:01:11 +0000
Manifest this update:     Wed 06 Aug 2025 23:01:11 +0000
Manifest next update:     Thu 07 Aug 2025 23:01:11 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: sIH/OGzbl8gP7EWKSLClCDV5ZGGv3mmN1fln0Mu0esY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 23:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:9d:fd:62:ec:dd:ba:e1:e0:3a:a6:cc:ad:1a:fc:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Aug  6 23:01:11 2025 GMT
            Not After : Aug  7 23:01:11 2025 GMT
        Subject: CN=522dcee383311e04655af632654327e30891e288
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:94:bb:46:38:69:e3:d3:dd:f4:6b:36:91:34:
                    4d:4e:9a:7d:db:ec:64:35:c3:c7:83:5b:b7:9d:33:
                    e3:92:c8:36:b6:d9:f0:68:32:96:85:d3:3b:b5:94:
                    40:c3:d3:4d:58:a7:d0:a3:88:8c:54:66:34:b9:6f:
                    29:5c:a7:49:cf:b5:74:cd:93:b0:df:4e:a6:5b:f2:
                    f0:6d:a3:78:77:f9:87:0e:1a:82:ba:15:d5:03:0e:
                    bf:91:6e:bf:58:d7:30:6f:a5:d5:cb:e9:d9:4a:51:
                    4c:a0:5d:52:ad:1e:42:3e:4f:58:54:07:78:7b:15:
                    69:7e:ad:a5:c9:3b:47:23:e8:48:e1:94:f3:7c:b3:
                    eb:a5:74:19:67:b5:88:07:1a:14:ee:36:8e:08:37:
                    a1:68:5a:99:0a:d4:52:81:14:cf:de:1a:f0:84:d9:
                    2f:a9:bb:ea:19:e1:64:63:47:d4:67:10:26:c5:16:
                    ca:de:60:4c:92:88:e5:67:fe:81:5e:35:d2:27:2b:
                    17:51:c1:75:33:5b:8c:78:aa:96:bc:a0:45:2c:b1:
                    b3:6c:e4:39:5a:15:7a:0a:f5:ff:74:c7:69:d4:a3:
                    24:8f:b9:6c:71:b3:e5:f3:5b:56:b5:61:93:81:66:
                    57:29:d3:c6:9e:e1:23:e5:01:ff:5d:1c:0c:13:34:
                    7f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:2D:CE:E3:83:31:1E:04:65:5A:F6:32:65:43:27:E3:08:91:E2:88
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:56:7c:86:16:02:c6:1d:7b:ab:c7:c1:2c:48:5e:da:8e:f8:
         98:63:db:18:50:e4:07:79:83:a2:a5:df:9a:45:88:d0:02:69:
         ea:3f:3a:31:6f:0f:bf:eb:c9:47:fd:da:03:6a:f0:69:28:42:
         46:23:00:fa:90:4b:71:68:8d:47:51:51:67:7c:f0:d3:db:23:
         7f:aa:21:a9:63:f8:8a:78:00:5d:4b:a9:91:51:c1:0e:0f:c6:
         f7:8b:e8:03:8b:e2:4e:5f:f1:77:69:1b:e8:d9:a8:12:94:4a:
         10:85:ec:7a:d4:4b:51:1c:bc:82:f4:79:d8:81:0c:8f:ce:14:
         a7:41:5f:1e:61:37:14:52:54:61:b4:5d:77:60:09:05:a5:b5:
         c7:42:36:21:ef:e2:4d:4f:27:ee:fd:e0:15:07:9d:41:26:4e:
         a3:27:7d:d1:8b:32:e9:b2:b5:06:0a:78:01:d1:5b:a9:dd:ea:
         64:3c:da:9a:79:7d:18:e3:6c:c2:07:75:20:67:d6:a1:0a:78:
         ff:d4:e6:1f:b0:81:80:fe:d0:a2:43:ad:b4:99:01:ae:3c:94:
         28:53:66:62:7e:6d:aa:7a:71:fb:76:1f:b1:6a:c1:50:86:b1:
         c3:ef:de:46:50:76:ad:27:33:89:88:a7:1a:7d:f1:d7:14:92:
         d6:48:27:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiBnf1i7N264eA6psytGvzIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjUwODA2MjMwMTExWhcNMjUwODA3MjMwMTExWjAzMTEwLwYDVQQD
Eyg1MjJkY2VlMzgzMzExZTA0NjU1YWY2MzI2NTQzMjdlMzA4OTFlMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpS7Rjhp49Pd9Gs2kTRNTpp92+xk
NcPHg1u3nTPjksg2ttnwaDKWhdM7tZRAw9NNWKfQo4iMVGY0uW8pXKdJz7V0zZOw
306mW/LwbaN4d/mHDhqCuhXVAw6/kW6/WNcwb6XVy+nZSlFMoF1SrR5CPk9YVAd4
exVpfq2lyTtHI+hI4ZTzfLPrpXQZZ7WIBxoU7jaOCDehaFqZCtRSgRTP3hrwhNkv
qbvqGeFkY0fUZxAmxRbK3mBMkojlZ/6BXjXSJysXUcF1M1uMeKqWvKBFLLGzbOQ5
WhV6CvX/dMdp1KMkj7lscbPl81tWtWGTgWZXKdPGnuEj5QH/XRwMEzR/vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFItzuODMR4EZVr2MmVDJ+MIkeKIMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1Z8hhYC
xh17q8fBLEhe2o74mGPbGFDkB3mDoqXfmkWI0AJp6j86MW8Pv+vJR/3aA2rwaShC
RiMA+pBLcWiNR1FRZ3zw09sjf6ohqWP4ingAXUupkVHBDg/G94voA4viTl/xd2kb
6NmoEpRKEIXsetRLURy8gvR52IEMj84Up0FfHmE3FFJUYbRdd2AJBaW1x0I2Ie/i
TU8n7v3gFQedQSZOoyd90Ysy6bK1Bgp4AdFbqd3qZDzamnl9GONswgd1IGfWoQp4
/9TmH7CBgP7QokOttJkBrjyUKFNmYn5tqnpx+3YfsWrBUIaxw+/eRlB2rScziYin
Gn3x1xSS1kgn+w==
-----END CERTIFICATE-----
Generated at Thu Aug 7 07:36:57 2025 by rpki-client