Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
File:                     BkwamGxZM6O5EIToo_8IBm05jhk.mft (raw, json)
Hash identifier:          yUby24DuOU/129U2uO/1kFw91SmFiFzoDop6kplym6U=
Subject key identifier:   9D:73:D7:7D:EC:8E:67:C4:4A:00:33:A4:90:CD:2E:00:EC:79:DB:D0
Authority key identifier: 06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19
Certificate issuer:       /CN=064c1a986c5933a3b91084e8a3ff08066d398e19
Certificate serial:       019873E3D59D31DA03BFDED3E611801C1252
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
Manifest number:          0A27
Signing time:             Mon 04 Aug 2025 07:02:47 +0000
Manifest this update:     Mon 04 Aug 2025 07:02:47 +0000
Manifest next update:     Tue 05 Aug 2025 07:02:47 +0000
Files and hashes:         1: BkwamGxZM6O5EIToo_8IBm05jhk.crl (hash: kr5+Lf5W/7SLphO8KC0aadW6WCNSir43ZA9Spsrl900=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e3:d5:9d:31:da:03:bf:de:d3:e6:11:80:1c:12:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=064c1a986c5933a3b91084e8a3ff08066d398e19
        Validity
            Not Before: Aug  4 07:02:47 2025 GMT
            Not After : Aug  5 07:02:47 2025 GMT
        Subject: CN=9d73d77dec8e67c44a0033a490cd2e00ec79dbd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:8a:08:dd:b5:41:c9:a1:db:65:3c:85:c2:f8:
                    d2:eb:db:60:03:bc:d4:b8:2e:31:c2:e3:2d:10:64:
                    66:7c:dd:f1:9f:df:df:6f:d3:c4:c6:64:9c:57:7e:
                    31:6e:72:41:ec:3c:29:ec:48:e7:88:43:3e:e7:30:
                    32:25:1d:27:55:e4:5f:a0:02:c3:ba:f7:89:50:31:
                    1f:7f:51:e5:ae:b0:10:dd:a5:82:73:d3:ed:89:ce:
                    28:d0:22:e1:9a:28:55:21:5e:13:70:8f:0e:1e:c8:
                    d4:53:16:50:5b:70:15:8f:25:fc:d4:31:52:54:f5:
                    56:51:8d:33:bd:20:6a:d8:b8:9b:1c:49:df:30:00:
                    3d:23:72:86:3e:e3:ce:67:18:cb:32:2d:52:b7:43:
                    f4:a9:de:14:b3:8e:92:8a:9c:fa:10:72:73:d7:77:
                    b0:0e:79:9f:73:2d:d9:0e:4d:dc:68:e7:8b:6e:35:
                    bf:71:5a:f6:f5:2d:15:16:bc:14:ab:5f:b5:29:0c:
                    a9:a3:7c:43:4e:3e:e8:d8:d8:60:4d:53:22:8a:f9:
                    3c:bb:be:ea:6a:5b:bc:6f:ae:86:57:f9:37:f9:74:
                    87:d4:dd:b7:69:73:60:e1:03:c2:f9:76:73:83:3e:
                    ea:14:d5:c5:98:d5:c2:5b:d9:4b:0a:d0:cb:9a:67:
                    44:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:73:D7:7D:EC:8E:67:C4:4A:00:33:A4:90:CD:2E:00:EC:79:DB:D0
            X509v3 Authority Key Identifier:
                keyid:06:4C:1A:98:6C:59:33:A3:B9:10:84:E8:A3:FF:08:06:6D:39:8E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkwamGxZM6O5EIToo_8IBm05jhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f62552-14f1-499c-af78-7f6a655fd788/1/BkwamGxZM6O5EIToo_8IBm05jhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:2f:a0:ca:90:e0:81:e4:8a:32:35:af:72:c1:e1:0c:31:cd:
         d7:44:26:88:28:47:74:6d:66:36:bb:ce:8d:d2:ee:a7:c2:27:
         db:e9:94:d7:4e:fc:c6:fa:4a:05:e3:70:e6:ff:db:32:b3:d9:
         a4:a9:d4:75:f8:43:0b:fc:9e:4c:82:d6:bb:2d:e9:c5:bd:13:
         e0:90:49:65:d3:5e:3e:00:2a:ec:09:ae:05:02:0c:2b:81:af:
         ba:72:ac:f1:a5:0a:55:a1:54:f2:78:e9:67:51:ce:58:cd:aa:
         d5:26:85:7c:0d:3c:b2:ff:e6:a1:c9:e7:c4:ff:52:61:30:34:
         5a:99:ae:44:22:26:81:1c:54:fe:ab:90:20:bb:d9:51:26:92:
         87:da:73:ce:bc:95:57:8f:98:31:da:38:8a:0c:43:54:01:58:
         98:c3:54:67:a2:9c:36:ee:50:bb:04:db:d5:f1:92:e9:0e:fd:
         fa:7b:6b:79:d8:a1:18:e9:a1:d1:82:63:b9:39:73:7a:2f:25:
         02:d9:26:80:85:65:b2:e8:5a:85:93:ba:ef:d2:67:96:f3:84:
         ad:e9:4c:f7:76:af:3e:bd:01:03:d3:ac:12:4e:03:7e:72:2c:
         f7:20:ee:5c:a0:f8:6f:fc:6b:a7:fd:67:a4:23:1e:64:b5:f2:
         62:a7:98:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz49WdMdoDv97T5hGAHBJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NGMxYTk4NmM1OTMzYTNiOTEwODRlOGEzZmYwODA2NmQz
OThlMTkwHhcNMjUwODA0MDcwMjQ3WhcNMjUwODA1MDcwMjQ3WjAzMTEwLwYDVQQD
Eyg5ZDczZDc3ZGVjOGU2N2M0NGEwMDMzYTQ5MGNkMmUwMGVjNzlkYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YoI3bVByaHbZTyFwvjS69tgA7zU
uC4xwuMtEGRmfN3xn9/fb9PExmScV34xbnJB7Dwp7EjniEM+5zAyJR0nVeRfoALD
uveJUDEff1HlrrAQ3aWCc9Ptic4o0CLhmihVIV4TcI8OHsjUUxZQW3AVjyX81DFS
VPVWUY0zvSBq2LibHEnfMAA9I3KGPuPOZxjLMi1St0P0qd4Us46Sipz6EHJz13ew
Dnmfcy3ZDk3caOeLbjW/cVr29S0VFrwUq1+1KQypo3xDTj7o2NhgTVMiivk8u77q
alu8b66GV/k3+XSH1N23aXNg4QPC+XZzgz7qFNXFmNXCW9lLCtDLmmdEsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1z133sjmfESgAzpJDNLgDsedvQMB8GA1UdIwQY
MBaAFAZMGphsWTOjuRCE6KP/CAZtOY4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgt
N2Y2YTY1NWZkNzg4LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mNjI1NTItMTRmMS00OTljLWFmNzgtN2Y2YTY1NWZkNzg4
LzEvQmt3YW1HeFpNNk81RUlUb29fOElCbTA1amhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPC+gypDg
geSKMjWvcsHhDDHN10QmiChHdG1mNrvOjdLup8In2+mU1078xvpKBeNw5v/bMrPZ
pKnUdfhDC/yeTILWuy3pxb0T4JBJZdNePgAq7AmuBQIMK4GvunKs8aUKVaFU8njp
Z1HOWM2q1SaFfA08sv/mocnnxP9SYTA0WpmuRCImgRxU/quQILvZUSaSh9pzzryV
V4+YMdo4igxDVAFYmMNUZ6KcNu5QuwTb1fGS6Q79+ntredihGOmh0YJjuTlzei8l
AtkmgIVlsuhahZO679JnlvOErelM93avPr0BA9OsEk4DfnIs9yDuXKD4b/xrp/1n
pCMeZLXyYqeYgA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:11 2025 by rpki-client