Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
File:                     3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json)
Hash identifier:          fCLYiggZiGzjZNYLFUZsOSLl1AEHvjzWOK/8eGJBZwY=
Subject key identifier:   33:F1:4F:91:A3:8D:4C:9A:69:72:73:45:9C:0F:7C:12:63:5F:E7:CD
Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81
Certificate issuer:       /CN=de42ba92f09467c1888b5e9e3448950744b07981
Certificate serial:       019873E3E264A6AD0F28A50BBC039C3018F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
Manifest number:          1086
Signing time:             Mon 04 Aug 2025 07:02:51 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:51 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:51 +0000
Files and hashes:         1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: NbbG6fh5VIchAVWELXZwbjlkwn+4izi6oZaBls0zh50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 07:02:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:e2:64:a6:ad:0f:28:a5:0b:bc:03:9c:30:18:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981
        Validity
            Not Before: Aug  4 07:02:51 2025 GMT
            Not After : Aug  5 07:02:51 2025 GMT
        Subject: CN=33f14f91a38d4c9a697273459c0f7c12635fe7cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:37:93:18:56:62:92:4a:1c:d7:a4:b6:db:26:
                    96:5e:94:0a:f2:f0:50:f3:c5:de:ca:ee:bb:4a:98:
                    99:1d:e8:d6:5a:14:96:fd:0b:2e:01:4f:9d:b8:11:
                    de:71:96:5d:da:e1:8a:f8:1c:83:fe:49:8f:19:31:
                    1f:3b:fb:12:e6:94:6a:aa:bc:d7:13:51:78:0e:98:
                    1a:c8:b6:33:9b:a6:ee:3d:50:c8:42:ee:56:45:51:
                    a2:4e:d1:e8:ee:12:dd:32:b3:b1:30:5a:c2:57:ea:
                    f3:db:af:ff:44:08:50:70:d2:9c:9d:d8:7f:ac:b6:
                    88:46:c9:74:6c:88:19:58:1e:88:a2:8d:b8:62:12:
                    91:e3:6d:64:84:21:78:52:67:00:e0:e3:32:ac:2d:
                    65:e0:dc:bb:b3:d8:c2:29:6f:8a:fb:d6:b5:5c:66:
                    b2:fd:b7:ec:82:03:48:93:34:23:02:b9:b3:a3:15:
                    c5:98:50:1b:97:50:6f:09:38:b3:24:86:28:2b:91:
                    00:e7:61:bd:93:09:6e:b9:de:22:b4:86:58:eb:0c:
                    c4:3b:64:ff:09:40:f5:ff:19:6a:2b:88:82:3b:84:
                    ef:cf:d1:e1:aa:16:a7:26:f5:ea:06:25:2f:3d:2e:
                    28:a4:7c:35:10:24:8e:cb:8f:e1:fa:3d:50:89:11:
                    2e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:F1:4F:91:A3:8D:4C:9A:69:72:73:45:9C:0F:7C:12:63:5F:E7:CD
            X509v3 Authority Key Identifier:
                keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:e7:28:64:ba:67:34:60:ba:96:8e:31:86:48:a5:47:e1:e8:
         69:7b:f6:ed:b3:22:d1:24:a8:fc:64:5c:0f:9b:c1:1e:df:cd:
         07:8a:0b:b3:94:16:83:46:41:92:22:d0:a0:e7:71:bb:8a:48:
         14:49:8e:10:71:e5:5a:3d:e3:c7:fd:04:0a:4f:f0:db:0e:1c:
         b3:16:34:df:61:db:22:93:ef:23:14:00:3f:94:95:8a:ae:28:
         ae:52:58:28:42:ff:75:53:35:75:a7:3a:0d:5d:fb:f1:37:ac:
         65:be:64:20:63:76:a5:d7:7c:a8:11:ff:31:8a:2a:67:9f:28:
         87:69:0a:02:5c:c7:e7:a0:a6:8f:3b:8d:19:5b:49:2b:97:4a:
         41:57:fa:61:28:ca:28:06:cb:61:1b:0e:51:2d:5a:45:36:38:
         ae:2c:c8:15:2c:61:2f:89:28:ac:95:a9:f3:5e:83:25:ec:16:
         8e:8d:e0:41:c6:29:c2:54:db:97:fd:98:54:a7:d3:e7:b2:93:
         f2:7b:cc:a6:90:7f:9d:f7:8c:3e:5a:b0:89:90:8b:72:7f:2d:
         b8:bb:3c:c3:36:9d:f0:9d:c4:6e:ab:ff:57:ff:45:b5:fb:c1:
         fa:6b:90:d0:e6:46:7e:9e:ee:39:b4:a6:c8:cf:3d:02:84:93:
         5f:f2:c5:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4+Jkpq0PKKULvAOcMBj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi
MDc5ODEwHhcNMjUwODA0MDcwMjUxWhcNMjUwODA1MDcwMjUxWjAzMTEwLwYDVQQD
EygzM2YxNGY5MWEzOGQ0YzlhNjk3MjczNDU5YzBmN2MxMjYzNWZlN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDeTGFZikkoc16S22yaWXpQK8vBQ
88Xeyu67SpiZHejWWhSW/QsuAU+duBHecZZd2uGK+ByD/kmPGTEfO/sS5pRqqrzX
E1F4DpgayLYzm6buPVDIQu5WRVGiTtHo7hLdMrOxMFrCV+rz26//RAhQcNKcndh/
rLaIRsl0bIgZWB6Ioo24YhKR421khCF4UmcA4OMyrC1l4Ny7s9jCKW+K+9a1XGay
/bfsggNIkzQjArmzoxXFmFAbl1BvCTizJIYoK5EA52G9kwluud4itIZY6wzEO2T/
CUD1/xlqK4iCO4Tvz9HhqhanJvXqBiUvPS4opHw1ECSOy4/h+j1QiREuRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPxT5GjjUyaaXJzRZwPfBJjX+fNMB8GA1UdIwQY
MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt
NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4
LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoucoZLpn
NGC6lo4xhkilR+HoaXv27bMi0SSo/GRcD5vBHt/NB4oLs5QWg0ZBkiLQoOdxu4pI
FEmOEHHlWj3jx/0ECk/w2w4csxY032HbIpPvIxQAP5SViq4orlJYKEL/dVM1dac6
DV378TesZb5kIGN2pdd8qBH/MYoqZ58oh2kKAlzH56CmjzuNGVtJK5dKQVf6YSjK
KAbLYRsOUS1aRTY4rizIFSxhL4korJWp816DJewWjo3gQcYpwlTbl/2YVKfT57KT
8nvMppB/nfeMPlqwiZCLcn8tuLs8wzad8J3Ebqv/V/9FtfvB+muQ0OZGfp7uObSm
yM89AoSTX/LF+Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:11:34 2025 by rpki-client