Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
File:                     aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft (raw, json)
Hash identifier:          gWGfstxDsJhYOqbJQ3pjbueVbOK77Be+ChF+IeL3n2c=
Subject key identifier:   4B:D4:FE:D9:B9:C0:92:6D:07:6D:19:8E:97:CE:82:68:69:32:2E:44
Authority key identifier: 68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F
Certificate issuer:       /CN=68f063ed2e0a2674bc471010189fc77adb31c17f
Certificate serial:       01987DC0F3A82138626E0BBAA70AB291F315
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
Manifest number:          151A
Signing time:             Wed 06 Aug 2025 05:00:53 +0000
Manifest this update:     Wed 06 Aug 2025 05:00:53 +0000
Manifest next update:     Thu 07 Aug 2025 05:00:53 +0000
Files and hashes:         1: aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl (hash: QuUQOP62EvTgZCAuKXhbC+/bPZCVBLQw+ea3b1owtHY=)
                          2: cMnqdtCxCnyUSWOfUxTVBWPspak.roa (hash: OOJ4v4cc4LujDvo5fdL7b0ZauPjg9CekPa/sj+wo+LE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 05:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7d:c0:f3:a8:21:38:62:6e:0b:ba:a7:0a:b2:91:f3:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68f063ed2e0a2674bc471010189fc77adb31c17f
        Validity
            Not Before: Aug  6 05:00:53 2025 GMT
            Not After : Aug  7 05:00:53 2025 GMT
        Subject: CN=4bd4fed9b9c0926d076d198e97ce826869322e44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b3:2a:55:3c:ca:2b:ea:75:33:03:c8:7a:22:
                    84:32:6f:b6:7d:f6:df:7f:fc:0a:d3:ac:10:3c:4a:
                    4a:91:6b:70:dd:5a:7d:b9:cc:ff:2c:d0:7e:b4:2b:
                    2c:a4:e3:34:8d:d9:47:54:ca:1f:bf:47:0c:91:ec:
                    b2:f2:c9:20:6b:54:f7:da:43:4c:ba:89:dc:7d:62:
                    c5:f4:e6:16:53:9e:9b:1e:79:8d:b5:60:b3:75:e0:
                    1e:fa:f1:71:c8:a3:4e:13:38:7a:ed:b0:60:cf:0d:
                    fc:cb:66:a8:8c:29:e9:12:41:6b:dc:17:4a:63:0b:
                    25:47:0c:8b:17:e7:ff:45:8e:96:fe:f9:24:60:e1:
                    b2:fb:51:ce:20:b9:0f:2c:21:f7:0f:75:fd:21:32:
                    96:0a:3c:5c:44:7c:76:e9:a5:d1:ae:d4:0c:a4:4f:
                    f9:5f:84:67:d4:b1:28:f7:c6:00:c3:ac:95:75:e4:
                    2b:69:61:f9:38:7d:a3:bf:6f:e1:5b:15:19:3c:cc:
                    34:c6:66:61:85:56:65:7a:e6:d3:11:f0:57:a1:dd:
                    df:4d:26:6e:9c:e0:df:bb:9d:40:b7:f7:e4:72:83:
                    ca:f8:15:67:41:ba:13:62:8e:8d:ba:dd:16:35:e3:
                    7f:71:56:aa:13:01:ef:38:14:f5:6a:91:bf:2a:67:
                    d9:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:D4:FE:D9:B9:C0:92:6D:07:6D:19:8E:97:CE:82:68:69:32:2E:44
            X509v3 Authority Key Identifier:
                keyid:68:F0:63:ED:2E:0A:26:74:BC:47:10:10:18:9F:C7:7A:DB:31:C1:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPBj7S4KJnS8RxAQGJ_HetsxwX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/61b73b-f265-43d4-b5b3-946fdafe2ec6/1/aPBj7S4KJnS8RxAQGJ_HetsxwX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:64:0d:1c:12:94:9c:59:a0:fe:f4:cc:6e:12:35:9e:8c:d8:
         a8:83:e0:ab:11:68:45:dd:d0:11:9f:79:8a:99:ad:3d:ca:53:
         9c:d4:43:b9:7d:44:5f:41:40:c4:9e:aa:10:a1:ed:c5:ee:50:
         f1:a5:82:30:56:e5:2d:22:5b:8c:06:29:96:5e:c4:d1:51:88:
         95:23:21:70:7b:f9:69:3f:17:bf:23:e5:c9:df:b0:b3:f5:6a:
         4e:1f:94:27:5b:e5:99:34:05:55:d8:89:62:7a:da:bb:2d:69:
         13:0e:c5:52:14:5a:52:b7:4b:1a:e4:b5:df:9d:92:fe:b1:2e:
         5b:02:7c:91:d0:37:f9:2e:60:7d:3e:9d:6a:7e:6b:c6:0e:06:
         33:27:a4:ef:3a:8b:fc:ca:78:60:a7:3e:f8:7c:cb:09:44:c6:
         13:56:7b:68:9b:78:72:f5:b4:f5:d9:06:eb:42:92:c8:a3:c8:
         26:24:e2:ae:96:8d:eb:fc:18:98:55:b9:d1:01:25:b9:a9:e7:
         ab:e4:a5:da:e5:f0:d5:4e:75:04:10:17:cc:6a:d4:6e:7d:ce:
         8f:e7:1a:ed:27:54:21:e7:79:88:95:1d:72:e2:ee:bb:db:74:
         17:43:a5:3c:1b:11:96:8b:57:7d:99:47:66:98:62:51:10:94:
         5b:b5:3d:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh9wPOoIThibgu6pwqykfMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjA2M2VkMmUwYTI2NzRiYzQ3MTAxMDE4OWZjNzdhZGIz
MWMxN2YwHhcNMjUwODA2MDUwMDUzWhcNMjUwODA3MDUwMDUzWjAzMTEwLwYDVQQD
Eyg0YmQ0ZmVkOWI5YzA5MjZkMDc2ZDE5OGU5N2NlODI2ODY5MzIyZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrMqVTzKK+p1MwPIeiKEMm+2ffbf
f/wK06wQPEpKkWtw3Vp9ucz/LNB+tCsspOM0jdlHVMofv0cMkeyy8skga1T32kNM
uoncfWLF9OYWU56bHnmNtWCzdeAe+vFxyKNOEzh67bBgzw38y2aojCnpEkFr3BdK
YwslRwyLF+f/RY6W/vkkYOGy+1HOILkPLCH3D3X9ITKWCjxcRHx26aXRrtQMpE/5
X4Rn1LEo98YAw6yVdeQraWH5OH2jv2/hWxUZPMw0xmZhhVZleubTEfBXod3fTSZu
nODfu51At/fkcoPK+BVnQboTYo6Nut0WNeN/cVaqEwHvOBT1apG/KmfZEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvU/tm5wJJtB20ZjpfOgmhpMi5EMB8GA1UdIwQY
MBaAFGjwY+0uCiZ0vEcQEBifx3rbMcF/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMt
OTQ2ZmRhZmUyZWM2LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82MWI3M2ItZjI2NS00M2Q0LWI1YjMtOTQ2ZmRhZmUyZWM2
LzEvYVBCajdTNEtKblM4UnhBUUdKX0hldHN4d1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2QNHBKU
nFmg/vTMbhI1nozYqIPgqxFoRd3QEZ95ipmtPcpTnNRDuX1EX0FAxJ6qEKHtxe5Q
8aWCMFblLSJbjAYpll7E0VGIlSMhcHv5aT8XvyPlyd+ws/VqTh+UJ1vlmTQFVdiJ
Ynrauy1pEw7FUhRaUrdLGuS1352S/rEuWwJ8kdA3+S5gfT6dan5rxg4GMyek7zqL
/Mp4YKc++HzLCUTGE1Z7aJt4cvW09dkG60KSyKPIJiTirpaN6/wYmFW50QEluann
q+Sl2uXw1U51BBAXzGrUbn3Oj+ca7SdUIed5iJUdcuLuu9t0F0OlPBsRlotXfZlH
ZphiURCUW7U9AQ==
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:12:29 2025 by rpki-client