Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          iCfqKI7w8bA7KgNmuBaFwD8qsNij6MdS4920Q7BR/Gw=
Subject key identifier:   99:AB:5C:B9:36:DD:D7:52:48:1F:CD:6D:55:98:53:AA:D1:44:6A:DF
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       0198744FAFD087545FBBB97C89932B916727
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          032F
Signing time:             Mon 04 Aug 2025 09:00:35 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:35 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:35 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: aHTwNpGz6SkbTxKlbkM3YbxU5KaRTiScRcUw7mhb3oY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:af:d0:87:54:5f:bb:b9:7c:89:93:2b:91:67:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Aug  4 09:00:35 2025 GMT
            Not After : Aug  5 09:00:35 2025 GMT
        Subject: CN=99ab5cb936ddd752481fcd6d559853aad1446adf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:87:3e:c6:a2:b9:2c:24:83:8a:ff:db:9f:bd:
                    85:98:9a:ab:84:cb:76:8b:92:69:40:68:64:05:05:
                    ae:cf:ab:23:30:45:6f:e0:a7:55:41:8f:36:68:8a:
                    ea:7b:d6:a2:63:aa:5d:68:1b:6c:4e:6b:d4:52:71:
                    d4:f7:b8:e6:7b:ae:6f:9e:2e:81:64:1c:d8:d1:98:
                    8b:22:63:00:9c:cc:bd:50:07:fc:76:53:8a:34:b3:
                    98:4d:7c:f2:b6:c4:46:7e:8b:f1:40:b3:18:db:81:
                    4d:ae:a1:d4:59:e5:2f:30:16:24:1e:27:56:60:95:
                    cc:56:f1:26:8b:c7:04:a3:32:f1:2e:38:cb:24:c5:
                    f5:e4:07:e5:a2:4a:d1:e9:d5:17:e4:fa:30:ff:94:
                    45:58:20:9d:40:2f:7b:aa:ac:c7:2f:7d:d3:52:4b:
                    12:a5:ac:42:a4:10:bc:de:b1:36:5c:79:f5:56:e1:
                    af:3f:66:9d:a3:d2:57:cf:cf:31:b7:74:8a:da:0f:
                    f3:35:39:59:9c:91:89:6e:09:7b:ee:9d:52:77:a0:
                    37:cd:c0:a9:91:78:9f:de:9f:10:a5:cd:cb:af:05:
                    4c:2b:34:ef:35:f4:62:ab:95:b3:d6:01:ad:34:48:
                    6d:39:ed:aa:77:b7:20:26:bf:7b:b3:47:9d:9f:f7:
                    a6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:AB:5C:B9:36:DD:D7:52:48:1F:CD:6D:55:98:53:AA:D1:44:6A:DF
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:4e:6f:f9:d2:5f:02:48:ea:47:68:ea:b4:f3:37:53:e7:d2:
         07:f1:de:e5:b7:56:cb:db:62:58:e3:be:12:4c:fe:49:8a:8b:
         39:21:72:79:de:5a:c1:32:20:d4:94:0d:ca:94:98:e3:ff:88:
         f3:b0:83:ec:3a:bf:aa:17:30:1d:ff:2f:5c:86:e4:3f:7e:c1:
         3c:d6:3f:13:75:81:be:c7:98:a1:0c:06:42:f7:9d:11:7c:3c:
         c9:5e:6a:a5:53:89:d2:c6:05:9b:56:88:67:9f:52:9d:73:73:
         72:1f:75:e7:09:f9:4d:fa:af:f8:88:80:9d:17:d1:23:0d:1d:
         7d:89:38:46:59:88:9a:40:57:fd:49:14:97:91:e5:b4:29:4b:
         a6:6c:d5:37:df:24:10:9f:1f:4a:96:5b:54:f3:be:dd:3f:05:
         75:65:d8:1c:c3:4a:22:10:54:c4:4e:dc:13:11:57:c0:1e:38:
         55:05:25:7f:bc:19:61:31:69:ac:88:d2:00:0a:18:90:64:6e:
         87:b2:4e:d6:81:47:fc:61:db:be:d8:38:61:6c:49:48:7d:40:
         2e:0a:58:ce:a3:cd:7c:3c:d7:0b:c0:c1:4c:ed:3e:00:f1:75:
         7e:05:a9:95:e9:57:0d:15:31:24:7a:e7:71:70:6d:6c:98:6a:
         c2:e1:e8:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T6/Qh1Rfu7l8iZMrkWcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUwODA0MDkwMDM1WhcNMjUwODA1MDkwMDM1WjAzMTEwLwYDVQQD
Eyg5OWFiNWNiOTM2ZGRkNzUyNDgxZmNkNmQ1NTk4NTNhYWQxNDQ2YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4c+xqK5LCSDiv/bn72FmJqrhMt2
i5JpQGhkBQWuz6sjMEVv4KdVQY82aIrqe9aiY6pdaBtsTmvUUnHU97jme65vni6B
ZBzY0ZiLImMAnMy9UAf8dlOKNLOYTXzytsRGfovxQLMY24FNrqHUWeUvMBYkHidW
YJXMVvEmi8cEozLxLjjLJMX15AflokrR6dUX5Pow/5RFWCCdQC97qqzHL33TUksS
paxCpBC83rE2XHn1VuGvP2ado9JXz88xt3SK2g/zNTlZnJGJbgl77p1Sd6A3zcCp
kXif3p8Qpc3LrwVMKzTvNfRiq5Wz1gGtNEhtOe2qd7cgJr97s0edn/em0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmrXLk23ddSSB/NbVWYU6rRRGrfMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAE5v+dJf
AkjqR2jqtPM3U+fSB/He5bdWy9tiWOO+Ekz+SYqLOSFyed5awTIg1JQNypSY4/+I
87CD7Dq/qhcwHf8vXIbkP37BPNY/E3WBvseYoQwGQvedEXw8yV5qpVOJ0sYFm1aI
Z59SnXNzch915wn5Tfqv+IiAnRfRIw0dfYk4RlmImkBX/UkUl5HltClLpmzVN98k
EJ8fSpZbVPO+3T8FdWXYHMNKIhBUxE7cExFXwB44VQUlf7wZYTFprIjSAAoYkGRu
h7JO1oFH/GHbvtg4YWxJSH1ALgpYzqPNfDzXC8DBTO0+APF1fgWplelXDRUxJHrn
cXBtbJhqwuHogg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:03:58 2025 by rpki-client