Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
File:                     tIENfJv8WLngoeWRacPdMi3p9zc.mft (raw, json)
Hash identifier:          5tKmrfxRXvFPvNdlvlJJoz+FYronZlu2tLT3xyUh6Sc=
Subject key identifier:   72:9C:FE:A8:C3:91:D1:77:3E:85:FF:86:F1:9A:F9:E8:A9:E1:E2:7B
Authority key identifier: B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37
Certificate issuer:       /CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
Certificate serial:       019874507048BF1F182CE0399AF30BA5B567
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
Manifest number:          1617
Signing time:             Mon 04 Aug 2025 09:01:25 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:25 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:25 +0000
Files and hashes:         1: jHERjwHQQByovrguIT9kNAenUlw.roa (hash: fC13Nqgu9Ca7tsn1KpGgJ5T6X5W9BeqrdrYm3SZE1Rs=)
                          2: tIENfJv8WLngoeWRacPdMi3p9zc.crl (hash: Z/QeK/6d3+BbDBiym2sMxMhGIakkoTECcQG3RszWoZU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:70:48:bf:1f:18:2c:e0:39:9a:f3:0b:a5:b5:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4810d7c9bfc58b9e0a1e59169c3dd322de9f737
        Validity
            Not Before: Aug  4 09:01:25 2025 GMT
            Not After : Aug  5 09:01:25 2025 GMT
        Subject: CN=729cfea8c391d1773e85ff86f19af9e8a9e1e27b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:14:1a:87:f9:32:8a:c1:51:fa:00:21:7f:e4:
                    93:27:29:a0:dd:3c:a0:4d:3a:39:d9:e1:80:be:ea:
                    38:2f:89:69:c9:06:b7:58:c8:d6:9c:93:c4:88:8a:
                    c4:d6:c8:fb:32:a4:72:46:76:a3:99:37:45:f3:ff:
                    93:6b:38:0f:1b:84:e3:cb:8c:c2:c2:26:d8:29:00:
                    f5:4f:97:39:0b:99:83:56:c5:e6:3a:a2:78:ec:27:
                    ca:f2:85:4a:ba:41:cc:6a:9b:a5:d0:62:8d:57:fa:
                    ab:e4:08:ac:f6:ae:a2:7c:ce:50:9e:e7:22:fa:ab:
                    cb:86:ba:47:13:33:f6:56:54:a4:00:da:66:8a:16:
                    f1:fc:9c:69:c1:82:f3:e4:e1:28:55:a6:a4:9e:8f:
                    95:6c:ba:90:70:94:12:c5:71:af:10:a9:b2:bf:fb:
                    ed:d5:ca:82:e9:e4:6f:0d:16:1e:a4:42:cb:05:f2:
                    c6:e5:5a:0e:98:6e:e2:2c:2d:77:4a:1c:79:ca:15:
                    05:d2:39:bb:f0:d3:5a:0d:3a:9b:f7:e1:f7:7d:39:
                    10:8f:71:cc:df:d9:d8:5a:b1:ba:5f:03:27:45:65:
                    10:4b:63:5f:f0:19:f9:85:9c:9f:ea:91:c4:dc:05:
                    2b:10:8c:87:cc:22:70:b2:f4:aa:0c:c7:f5:29:e8:
                    9d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:9C:FE:A8:C3:91:D1:77:3E:85:FF:86:F1:9A:F9:E8:A9:E1:E2:7B
            X509v3 Authority Key Identifier:
                keyid:B4:81:0D:7C:9B:FC:58:B9:E0:A1:E5:91:69:C3:DD:32:2D:E9:F7:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIENfJv8WLngoeWRacPdMi3p9zc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3d4c46-7545-4b3d-8f1c-2a63402bec66/1/tIENfJv8WLngoeWRacPdMi3p9zc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:dd:b0:ed:52:01:ff:45:c7:3f:17:b1:97:b2:a7:f0:b9:17:
         fd:e0:17:cc:45:d1:3d:de:a6:59:c5:46:60:8c:a6:b6:2d:4e:
         bb:83:36:af:15:76:30:fb:37:74:ac:b3:a9:6f:fc:4b:3a:06:
         a8:eb:7b:15:1e:ed:d3:38:5a:db:1f:bd:32:c5:b6:65:1c:88:
         04:05:15:70:e1:6b:3d:89:8c:b1:5c:3f:c6:b9:21:62:20:86:
         41:9e:ba:85:03:c7:4f:4b:64:1a:2c:d6:b5:ca:0b:92:03:ec:
         41:c8:17:5e:8e:c0:77:6f:b9:26:49:4f:af:19:6a:5e:27:4a:
         10:0c:e3:fe:80:50:42:0d:b3:5a:9b:67:63:f4:0a:5e:06:1f:
         ee:f4:88:df:2a:56:4d:cf:29:ff:fa:31:c4:fa:7d:b0:db:e9:
         25:62:af:52:a9:c4:15:6e:52:bf:22:ca:a5:0c:aa:11:19:31:
         51:21:19:bc:53:96:06:9c:eb:8f:4b:1e:c8:86:9d:3b:1f:49:
         31:dd:71:cf:e1:58:0f:fb:22:0c:d1:3e:f7:7e:3b:23:10:74:
         46:77:b3:b1:d0:4c:3f:4d:04:4d:0e:7e:79:8f:5f:1d:a5:e6:
         26:e4:09:47:57:ac:8f:04:f0:fb:b6:7f:55:1c:f3:9d:97:db:
         51:ae:2f:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UHBIvx8YLOA5mvMLpbVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODEwZDdjOWJmYzU4YjllMGExZTU5MTY5YzNkZDMyMmRl
OWY3MzcwHhcNMjUwODA0MDkwMTI1WhcNMjUwODA1MDkwMTI1WjAzMTEwLwYDVQQD
Eyg3MjljZmVhOGMzOTFkMTc3M2U4NWZmODZmMTlhZjllOGE5ZTFlMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRQah/kyisFR+gAhf+STJymg3Tyg
TTo52eGAvuo4L4lpyQa3WMjWnJPEiIrE1sj7MqRyRnajmTdF8/+TazgPG4Tjy4zC
wibYKQD1T5c5C5mDVsXmOqJ47CfK8oVKukHMapul0GKNV/qr5Ais9q6ifM5Qnuci
+qvLhrpHEzP2VlSkANpmihbx/JxpwYLz5OEoVaakno+VbLqQcJQSxXGvEKmyv/vt
1cqC6eRvDRYepELLBfLG5VoOmG7iLC13Shx5yhUF0jm78NNaDTqb9+H3fTkQj3HM
39nYWrG6XwMnRWUQS2Nf8Bn5hZyf6pHE3AUrEIyHzCJwsvSqDMf1Keid0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKc/qjDkdF3PoX/hvGa+eip4eJ7MB8GA1UdIwQY
MBaAFLSBDXyb/Fi54KHlkWnD3TIt6fc3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMt
MmE2MzQwMmJlYzY2LzEvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8zZDRjNDYtNzU0NS00YjNkLThmMWMtMmE2MzQwMmJlYzY2
LzEvdElFTmZKdjhXTG5nb2VXUmFjUGRNaTNwOXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI92w7VIB
/0XHPxexl7Kn8LkX/eAXzEXRPd6mWcVGYIymti1Ou4M2rxV2MPs3dKyzqW/8SzoG
qOt7FR7t0zha2x+9MsW2ZRyIBAUVcOFrPYmMsVw/xrkhYiCGQZ66hQPHT0tkGizW
tcoLkgPsQcgXXo7Ad2+5JklPrxlqXidKEAzj/oBQQg2zWptnY/QKXgYf7vSI3ypW
Tc8p//oxxPp9sNvpJWKvUqnEFW5SvyLKpQyqERkxUSEZvFOWBpzrj0seyIadOx9J
Md1xz+FYD/siDNE+9347IxB0RnezsdBMP00ETQ5+eY9fHaXmJuQJR1esjwTw+7Z/
VRzznZfbUa4vmA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:03:19 2025 by rpki-client