Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          KNrG+FgYPY87gMWSiMEP6mUbZH4280TvvIrxdWs+kQA=
Subject key identifier:   9D:73:6B:7F:2C:9D:51:F9:7B:F8:BE:5D:DE:A7:64:DE:24:23:D6:7A
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       01988B7D6A95EFF63483C7F2DF204E4EC6AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          05EC
Signing time:             Fri 08 Aug 2025 21:01:48 +0000
Manifest this update:     Fri 08 Aug 2025 21:01:48 +0000
Manifest next update:     Sat 09 Aug 2025 21:01:48 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: /1IZIjFr7KRGzalxbin+/9FI429IRHte0a0bzWjb91s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:7d:6a:95:ef:f6:34:83:c7:f2:df:20:4e:4e:c6:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Aug  8 21:01:48 2025 GMT
            Not After : Aug  9 21:01:48 2025 GMT
        Subject: CN=9d736b7f2c9d51f97bf8be5ddea764de2423d67a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:27:46:22:a8:d1:f7:0c:da:30:88:71:6d:85:
                    2b:6c:89:6f:80:6e:ab:7b:3f:6f:e9:93:35:1a:2d:
                    47:0b:19:0e:2d:8e:3f:99:44:59:81:2b:c2:2e:94:
                    fe:47:e5:2d:d1:2f:b5:cb:19:3e:cb:fc:60:d9:22:
                    07:41:22:0c:fe:6e:79:2d:3a:fd:3b:dc:05:42:9c:
                    92:9f:12:d7:4d:c5:2d:80:b6:62:33:ad:b7:d4:04:
                    33:44:79:53:94:b4:3a:8d:b4:15:a5:f5:cf:9e:e0:
                    ed:54:3a:34:6b:ad:ab:1e:b6:e9:c2:8f:d6:3f:15:
                    95:62:35:3f:0a:a1:13:c2:f9:05:b2:e2:47:5d:82:
                    00:b1:4e:d2:23:fb:17:df:3e:25:34:57:e1:f7:e2:
                    36:db:3e:72:13:fa:58:b7:c1:bf:b0:3a:09:e8:96:
                    05:42:9f:44:92:02:9c:b9:a7:16:85:d4:a4:34:dc:
                    71:8e:a6:8f:b5:5e:20:8b:84:9b:00:0e:fc:c8:72:
                    f7:c6:be:6c:0b:18:cf:58:bc:bf:92:fb:6a:f3:fb:
                    06:d3:1a:ba:8b:da:05:1d:a4:f2:db:9d:82:5b:e0:
                    09:dc:11:7b:72:90:04:ad:30:49:e0:1c:f6:2f:6a:
                    13:4c:80:b8:4f:7d:d8:80:a6:ed:17:88:0b:ee:a7:
                    cc:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:73:6B:7F:2C:9D:51:F9:7B:F8:BE:5D:DE:A7:64:DE:24:23:D6:7A
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:e2:4e:91:74:38:ff:c6:8f:ce:03:66:0d:11:be:06:42:44:
         49:54:41:13:16:96:6f:7e:af:bf:44:9c:eb:51:b0:56:4c:cb:
         e2:25:74:b6:d5:f0:79:30:d0:9d:84:cb:7d:f0:b6:9d:94:aa:
         a2:bf:54:b7:f3:dc:57:76:af:ba:be:94:57:fa:2b:cb:f1:4e:
         92:97:c2:ee:cf:93:0e:ca:2e:45:0c:ef:09:32:02:d9:3c:07:
         3a:58:4d:e6:c6:21:70:6d:20:a9:ac:0c:dc:ad:f5:5e:41:05:
         56:d5:b9:85:98:57:c8:c8:6c:8b:4b:82:24:b0:5f:97:0b:7c:
         4e:be:de:5e:76:37:d7:3f:0c:e7:1f:be:c6:ab:67:73:e0:7a:
         0c:1d:5c:be:5c:d2:95:f9:02:57:85:88:9c:d7:b0:e3:dd:3c:
         d9:fd:d5:ad:3e:d0:f2:3e:52:b3:92:c8:f5:98:1d:59:90:9a:
         8f:51:77:8f:55:d2:75:53:43:ec:67:f1:23:1c:82:12:2d:7f:
         48:63:a6:64:de:75:5a:e2:85:d2:e7:6f:2a:09:0a:85:c4:7e:
         04:5a:db:64:5b:c1:94:d1:54:f0:ba:1c:33:aa:7f:f7:f2:93:
         6b:0c:f4:6d:4c:4e:10:b2:c3:67:6c:6a:ba:70:9d:fc:fd:5c:
         e1:ce:d6:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLfWqV7/Y0g8fy3yBOTsauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjUwODA4MjEwMTQ4WhcNMjUwODA5MjEwMTQ4WjAzMTEwLwYDVQQD
Eyg5ZDczNmI3ZjJjOWQ1MWY5N2JmOGJlNWRkZWE3NjRkZTI0MjNkNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSdGIqjR9wzaMIhxbYUrbIlvgG6r
ez9v6ZM1Gi1HCxkOLY4/mURZgSvCLpT+R+Ut0S+1yxk+y/xg2SIHQSIM/m55LTr9
O9wFQpySnxLXTcUtgLZiM6231AQzRHlTlLQ6jbQVpfXPnuDtVDo0a62rHrbpwo/W
PxWVYjU/CqETwvkFsuJHXYIAsU7SI/sX3z4lNFfh9+I22z5yE/pYt8G/sDoJ6JYF
Qp9EkgKcuacWhdSkNNxxjqaPtV4gi4SbAA78yHL3xr5sCxjPWLy/kvtq8/sG0xq6
i9oFHaTy252CW+AJ3BF7cpAErTBJ4Bz2L2oTTIC4T33YgKbtF4gL7qfMewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1za38snVH5e/i+Xd6nZN4kI9Z6MB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk+JOkXQ4
/8aPzgNmDRG+BkJESVRBExaWb36vv0Sc61GwVkzL4iV0ttXweTDQnYTLffC2nZSq
or9Ut/PcV3avur6UV/ory/FOkpfC7s+TDsouRQzvCTIC2TwHOlhN5sYhcG0gqawM
3K31XkEFVtW5hZhXyMhsi0uCJLBflwt8Tr7eXnY31z8M5x++xqtnc+B6DB1cvlzS
lfkCV4WInNew49082f3VrT7Q8j5Ss5LI9ZgdWZCaj1F3j1XSdVND7GfxIxyCEi1/
SGOmZN51WuKF0udvKgkKhcR+BFrbZFvBlNFU8LocM6p/9/KTawz0bUxOELLDZ2xq
unCd/P1c4c7WpA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:25 2025 by rpki-client