Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
File:                     LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft (raw, json)
Hash identifier:          YM40D79Vuipe6EOvF/Aq6dzuE5JKNiT4/orKKX8XIIk=
Subject key identifier:   8B:7B:02:B6:C1:C3:77:2F:0A:F1:FF:27:5B:7C:42:01:39:1C:43:CD
Authority key identifier: 2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42
Certificate issuer:       /CN=2e1810d5c911b4a81073fae638971b577dd7a642
Certificate serial:       019873E1B953615F8EE185F0FCF25E02902B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
Manifest number:          10E3
Signing time:             Mon 04 Aug 2025 07:00:29 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:29 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:29 +0000
Files and hashes:         1: LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl (hash: /EIYmE2RDvftY43c7/jMY2RxUMemoz0lsjqAemZLRSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:b9:53:61:5f:8e:e1:85:f0:fc:f2:5e:02:90:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e1810d5c911b4a81073fae638971b577dd7a642
        Validity
            Not Before: Aug  4 07:00:29 2025 GMT
            Not After : Aug  5 07:00:29 2025 GMT
        Subject: CN=8b7b02b6c1c3772f0af1ff275b7c4201391c43cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:37:b8:ee:1b:30:2d:34:6e:0b:cc:02:72:7d:
                    46:44:f7:c4:27:70:cb:db:8d:8b:a5:ba:f8:6d:cc:
                    70:48:93:a1:73:95:41:6e:79:64:23:70:77:63:53:
                    c5:e3:6b:a6:f2:a7:74:17:a2:6b:d5:20:10:76:b0:
                    17:d7:17:9e:dd:08:51:bc:75:ec:1e:2e:ab:2d:09:
                    a1:77:20:78:34:be:82:5e:1d:47:06:c3:5e:9b:47:
                    e8:5c:06:a4:20:8d:6b:1b:4a:81:b0:a0:b0:c6:ff:
                    cb:eb:49:e9:be:a4:b5:35:fe:f1:62:49:6e:9d:c2:
                    85:79:dc:25:07:1b:22:89:49:92:3c:e4:b3:7c:65:
                    38:bf:66:f8:59:97:4f:ba:ee:a2:8f:6d:92:e2:e5:
                    44:64:94:2b:78:3b:a7:e2:f0:ed:77:2a:de:69:46:
                    8e:6b:e2:91:73:c9:b6:33:48:f3:f8:4c:59:59:fc:
                    63:bb:02:59:d5:1b:72:65:1a:47:57:ac:fa:e1:04:
                    15:4c:5d:0a:0a:5a:ba:38:cc:a7:c6:4f:4a:eb:d2:
                    6c:f8:71:64:2f:7e:eb:76:48:2d:5c:aa:ca:6e:d3:
                    52:5a:a6:aa:82:59:64:eb:03:9f:23:3e:76:5f:22:
                    49:21:1c:f9:a5:96:8e:a3:b1:dd:39:75:aa:93:b5:
                    82:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:7B:02:B6:C1:C3:77:2F:0A:F1:FF:27:5B:7C:42:01:39:1C:43:CD
            X509v3 Authority Key Identifier:
                keyid:2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:17:f2:a6:69:8e:35:95:51:e3:7b:9f:d0:40:7a:99:cb:f0:
         e0:c1:0f:be:70:af:a5:9c:c9:d9:6e:6c:27:6c:10:6b:9b:c4:
         0a:8b:04:62:5d:ae:18:03:8a:5f:b4:c0:5c:a6:c1:31:8e:e9:
         4f:73:6b:21:d2:26:85:a8:5c:84:8b:21:45:f7:0d:4a:ec:73:
         34:00:b5:d2:59:c5:a4:07:2d:f4:eb:16:47:8e:35:e4:5a:49:
         0a:ef:44:23:14:97:a8:52:b9:b1:84:97:31:3f:c0:1b:81:e7:
         8a:7d:18:59:e2:45:85:2e:8d:75:07:58:96:5d:f3:f9:c9:0d:
         ca:55:01:21:c3:ad:18:1e:39:55:1e:c5:8f:06:aa:68:7a:06:
         a9:fc:92:b8:73:6f:e5:bc:8c:90:a0:c4:08:9c:0b:75:dd:47:
         62:66:11:d5:2b:5f:29:bb:1f:76:7d:ec:05:59:13:cd:87:23:
         80:84:e2:da:68:02:d4:a8:81:b1:96:93:2d:15:44:ef:26:d2:
         0f:bb:47:a7:c8:71:b6:1a:50:59:33:02:a6:78:56:ae:49:bd:
         f2:8e:5c:ec:59:1a:09:99:19:75:1b:1b:60:3f:e4:55:b4:b7:
         49:50:4e:1e:1a:f0:c3:83:ea:da:98:59:66:b1:67:82:4e:49:
         2c:8e:43:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4blTYV+O4YXw/PJeApArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTgxMGQ1YzkxMWI0YTgxMDczZmFlNjM4OTcxYjU3N2Rk
N2E2NDIwHhcNMjUwODA0MDcwMDI5WhcNMjUwODA1MDcwMDI5WjAzMTEwLwYDVQQD
Eyg4YjdiMDJiNmMxYzM3NzJmMGFmMWZmMjc1YjdjNDIwMTM5MWM0M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvje47hswLTRuC8wCcn1GRPfEJ3DL
242Lpbr4bcxwSJOhc5VBbnlkI3B3Y1PF42um8qd0F6Jr1SAQdrAX1xee3QhRvHXs
Hi6rLQmhdyB4NL6CXh1HBsNem0foXAakII1rG0qBsKCwxv/L60npvqS1Nf7xYklu
ncKFedwlBxsiiUmSPOSzfGU4v2b4WZdPuu6ij22S4uVEZJQreDun4vDtdyreaUaO
a+KRc8m2M0jz+ExZWfxjuwJZ1RtyZRpHV6z64QQVTF0KClq6OMynxk9K69Js+HFk
L37rdkgtXKrKbtNSWqaqgllk6wOfIz52XyJJIRz5pZaOo7HdOXWqk7WCoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIt7ArbBw3cvCvH/J1t8QgE5HEPNMB8GA1UdIwQY
MBaAFC4YENXJEbSoEHP65jiXG1d916ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzIt
ZGQyYTU4NGE2MmJiLzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzItZGQyYTU4NGE2MmJi
LzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhfypmmO
NZVR43uf0EB6mcvw4MEPvnCvpZzJ2W5sJ2wQa5vECosEYl2uGAOKX7TAXKbBMY7p
T3NrIdImhahchIshRfcNSuxzNAC10lnFpAct9OsWR4415FpJCu9EIxSXqFK5sYSX
MT/AG4Hnin0YWeJFhS6NdQdYll3z+ckNylUBIcOtGB45VR7FjwaqaHoGqfySuHNv
5byMkKDECJwLdd1HYmYR1StfKbsfdn3sBVkTzYcjgITi2mgC1KiBsZaTLRVE7ybS
D7tHp8hxthpQWTMCpnhWrkm98o5c7FkaCZkZdRsbYD/kVbS3SVBOHhrww4Pq2phZ
ZrFngk5JLI5DGQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:24 2025 by rpki-client