Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
File:                     aErIoCEnBoJ2XSPvAzjzXHht2zU.mft (raw, json)
Hash identifier:          3gZyE1IJY65dG+Hg6qWWE+AC3xh5LdEfd54ab0LpjkQ=
Subject key identifier:   C8:11:3E:A0:08:71:69:8A:EC:A7:9A:5A:81:C4:9A:4D:77:53:F5:01
Authority key identifier: 68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35
Certificate issuer:       /CN=684ac8a021270682765d23ef0338f35c786ddb35
Certificate serial:       0198737448EC597BC52CC11EB015C75A3CAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
Manifest number:          12C5
Signing time:             Mon 04 Aug 2025 05:00:57 +0000
Manifest this update:     Mon 04 Aug 2025 05:00:57 +0000
Manifest next update:     Tue 05 Aug 2025 05:00:57 +0000
Files and hashes:         1: aErIoCEnBoJ2XSPvAzjzXHht2zU.crl (hash: O90NqCZ5PugJ3H//Dj5PDZbVzEinTuq0MHTx14HKiEI=)
                          2: eEP1VypyuqVxmlLrgaA9LlVwYK4.roa (hash: 5dvQLaqP0vbYafUJXNT7sKTWbRstUgrMUzxGvHU5Rgc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:74:48:ec:59:7b:c5:2c:c1:1e:b0:15:c7:5a:3c:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684ac8a021270682765d23ef0338f35c786ddb35
        Validity
            Not Before: Aug  4 05:00:57 2025 GMT
            Not After : Aug  5 05:00:57 2025 GMT
        Subject: CN=c8113ea00871698aeca79a5a81c49a4d7753f501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:dd:2b:62:9c:54:76:7c:3c:15:96:cd:39:5a:
                    71:67:28:45:1a:20:59:1e:d4:10:e7:7d:62:b3:af:
                    58:f0:90:3c:f2:27:52:1a:9e:ec:35:e7:db:24:4c:
                    78:eb:94:bd:52:97:2c:63:61:69:68:d7:85:e8:97:
                    c0:97:27:ff:4b:eb:fc:2e:81:a0:78:49:cd:79:6b:
                    ae:cd:ed:64:e9:3c:b4:fe:77:d8:cb:50:41:3c:f1:
                    7c:74:16:2a:9b:08:d4:20:32:8b:a4:e2:82:e0:24:
                    07:5c:0d:68:7f:e2:f1:47:cf:ff:a6:84:89:4e:21:
                    ed:31:41:96:9b:b0:95:6f:81:fa:59:54:93:76:bd:
                    97:06:4f:c3:45:09:be:99:8b:c5:7e:aa:60:9c:9d:
                    60:62:8a:34:27:d1:60:67:7a:66:a4:b8:ae:88:37:
                    9c:75:9a:fb:9f:d2:6b:45:4d:8f:9c:a6:e1:27:c9:
                    f4:89:30:46:d7:5d:c3:c6:9c:da:f1:03:62:b9:2c:
                    1c:b2:03:35:41:59:02:d3:e6:22:94:6c:2e:46:d0:
                    60:8f:9c:31:12:cc:1b:c8:61:24:e8:28:17:c8:b1:
                    30:fe:de:cd:78:4e:41:b8:1a:e8:30:fa:57:db:48:
                    c1:ec:17:be:ca:29:e0:1d:17:9d:a4:b3:25:40:e9:
                    42:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:11:3E:A0:08:71:69:8A:EC:A7:9A:5A:81:C4:9A:4D:77:53:F5:01
            X509v3 Authority Key Identifier:
                keyid:68:4A:C8:A0:21:27:06:82:76:5D:23:EF:03:38:F3:5C:78:6D:DB:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aErIoCEnBoJ2XSPvAzjzXHht2zU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d30b5d-7f3b-4a5a-9897-0c011c9c927d/1/aErIoCEnBoJ2XSPvAzjzXHht2zU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:57:26:a5:e0:f0:31:27:32:04:ad:f1:f8:ea:c5:45:ea:be:
         f5:b2:9f:b4:4b:5f:35:15:95:cc:78:91:ac:b8:47:3a:0d:d6:
         2c:8e:45:81:11:19:bd:7d:f8:d5:93:b8:cc:a6:24:c3:dc:b0:
         23:26:13:94:69:a7:15:73:2c:0c:2a:bd:4d:7f:8b:f8:f4:0e:
         b8:84:b9:ef:96:bf:e9:51:34:8a:50:80:c2:47:f4:ef:ff:11:
         a6:50:3a:a6:ee:0b:23:1f:cb:38:ab:33:f6:f5:7e:e7:f2:09:
         60:bd:57:96:ce:cc:89:29:f2:d7:13:d7:55:af:46:b3:3e:42:
         05:ba:62:66:41:14:a4:5d:15:15:ee:fb:c0:a8:42:c5:64:c7:
         12:ef:f4:dd:b8:ac:12:f6:d5:7f:ae:96:62:d2:0a:e8:db:5b:
         27:d3:60:b4:a6:03:ae:74:3b:df:37:36:87:eb:5c:e6:2d:44:
         dd:a4:53:b7:30:5e:9b:96:6d:c0:22:aa:a2:57:17:f7:89:13:
         62:a2:3d:c0:e2:06:3a:16:5a:43:da:73:6e:de:09:df:70:a6:
         50:80:c8:f9:4e:ce:14:a7:27:92:4a:93:8c:81:bd:18:71:fb:
         7d:06:e9:42:aa:bd:6a:11:b1:6f:dd:2b:e3:b6:f0:b4:2e:a4:
         55:11:3a:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzdEjsWXvFLMEesBXHWjysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NGFjOGEwMjEyNzA2ODI3NjVkMjNlZjAzMzhmMzVjNzg2
ZGRiMzUwHhcNMjUwODA0MDUwMDU3WhcNMjUwODA1MDUwMDU3WjAzMTEwLwYDVQQD
EyhjODExM2VhMDA4NzE2OThhZWNhNzlhNWE4MWM0OWE0ZDc3NTNmNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd0rYpxUdnw8FZbNOVpxZyhFGiBZ
HtQQ531is69Y8JA88idSGp7sNefbJEx465S9UpcsY2FpaNeF6JfAlyf/S+v8LoGg
eEnNeWuuze1k6Ty0/nfYy1BBPPF8dBYqmwjUIDKLpOKC4CQHXA1of+LxR8//poSJ
TiHtMUGWm7CVb4H6WVSTdr2XBk/DRQm+mYvFfqpgnJ1gYoo0J9FgZ3pmpLiuiDec
dZr7n9JrRU2PnKbhJ8n0iTBG113Dxpza8QNiuSwcsgM1QVkC0+YilGwuRtBgj5wx
EswbyGEk6CgXyLEw/t7NeE5BuBroMPpX20jB7Be+yingHRedpLMlQOlCCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgRPqAIcWmK7KeaWoHEmk13U/UBMB8GA1UdIwQY
MBaAFGhKyKAhJwaCdl0j7wM481x4bds1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTct
MGMwMTFjOWM5MjdkLzEvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMzBiNWQtN2YzYi00YTVhLTk4OTctMGMwMTFjOWM5Mjdk
LzEvYUVySW9DRW5Cb0oyWFNQdkF6anpYSGh0MnpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVcmpeDw
MScyBK3x+OrFReq+9bKftEtfNRWVzHiRrLhHOg3WLI5FgREZvX341ZO4zKYkw9yw
IyYTlGmnFXMsDCq9TX+L+PQOuIS575a/6VE0ilCAwkf07/8RplA6pu4LIx/LOKsz
9vV+5/IJYL1Xls7MiSny1xPXVa9Gsz5CBbpiZkEUpF0VFe77wKhCxWTHEu/03bis
EvbVf66WYtIK6NtbJ9NgtKYDrnQ73zc2h+tc5i1E3aRTtzBem5ZtwCKqolcX94kT
YqI9wOIGOhZaQ9pzbt4J33CmUIDI+U7OFKcnkkqTjIG9GHH7fQbpQqq9ahGxb90r
47bwtC6kVRE67w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:34 2025 by rpki-client