Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          MSQWhMZtxfd4awsSWg0rO/3wu8XeEwjzk33oVC9b+PQ=
Subject key identifier:   A0:9D:F6:CF:7E:70:43:09:BB:44:9F:AC:3D:2E:B1:A7:06:FC:23:73
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       0198733DAF5113D8550AAA7DA4371B119D15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          05A7
Signing time:             Mon 04 Aug 2025 04:01:19 +0000
Manifest this update:     Mon 04 Aug 2025 04:01:19 +0000
Manifest next update:     Tue 05 Aug 2025 04:01:19 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: REglVItmGcTypmwa5r9SdN13JM0N5/HljZm1/HBanlc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:af:51:13:d8:55:0a:aa:7d:a4:37:1b:11:9d:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Aug  4 04:01:19 2025 GMT
            Not After : Aug  5 04:01:19 2025 GMT
        Subject: CN=a09df6cf7e704309bb449fac3d2eb1a706fc2373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f6:6c:a9:bf:ab:9e:1e:3d:1c:24:76:0f:60:
                    3e:bd:54:0a:4f:4e:57:83:43:3a:8b:38:de:2e:d3:
                    89:88:34:fd:0e:19:ed:7c:9f:4b:3e:73:9e:64:00:
                    6e:e3:0b:99:02:46:8b:53:b2:93:c3:68:ff:22:46:
                    c2:24:67:e8:6d:22:2c:39:18:b1:5e:82:8a:7e:b2:
                    28:00:70:d5:71:4e:b1:85:e9:d0:c0:95:f9:ac:8b:
                    8f:4c:9f:75:ef:4b:8a:e4:85:8a:21:07:13:2b:ec:
                    66:56:ef:96:bd:00:8d:91:74:38:33:5e:8b:2f:52:
                    43:8f:9b:a0:1f:c2:95:c3:54:33:1c:5a:93:83:df:
                    e5:ed:c8:5c:39:87:d5:a0:fc:77:82:13:35:81:30:
                    2e:61:10:e4:c3:00:17:a4:ff:fc:ec:e8:aa:87:64:
                    14:0f:95:f8:ed:a0:2c:4c:79:6b:05:19:49:8b:7c:
                    f7:47:74:b4:a9:2c:34:57:86:12:4f:c4:24:83:91:
                    68:66:e6:b9:b5:5c:61:bb:86:32:31:ef:a0:e0:51:
                    7f:e2:88:21:2d:72:32:30:4d:67:73:62:1f:7b:05:
                    f1:1b:0b:10:d0:96:73:f9:f7:d7:8f:6d:9a:6d:61:
                    09:84:bb:a7:62:cb:2d:59:a6:9e:9a:bd:7e:03:de:
                    40:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:9D:F6:CF:7E:70:43:09:BB:44:9F:AC:3D:2E:B1:A7:06:FC:23:73
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:b6:9d:aa:64:b3:ae:73:3c:af:91:99:a3:d0:70:44:53:6f:
         b6:84:11:63:f2:99:9a:db:38:a5:bc:ba:22:58:56:29:f1:aa:
         de:32:32:bf:d2:b1:03:ee:16:b4:f4:80:f5:3d:ce:23:eb:d7:
         8b:3b:84:3f:f4:a6:e3:51:41:0e:f1:49:3b:96:0f:2f:16:75:
         5b:ab:3e:bc:c2:41:37:3b:4b:b0:65:d1:6c:94:e8:bc:f9:4e:
         47:6f:34:9d:d0:46:d4:37:07:76:c5:1f:01:d9:e0:9c:69:fc:
         44:b2:6d:86:3c:22:e5:f0:df:17:4c:bd:28:15:12:7b:38:eb:
         eb:26:9a:69:03:61:cd:30:ff:9a:24:0a:89:c4:fb:85:90:9c:
         5a:f6:7a:98:62:48:85:9c:b6:fc:c7:77:27:54:d2:02:1b:fd:
         14:ba:aa:e8:8c:f7:86:c4:45:44:f3:ec:41:aa:2f:78:4f:9a:
         1d:5a:cd:7f:2c:6d:3d:79:71:df:06:10:53:70:55:bb:ed:88:
         fd:8f:0e:3c:9c:32:9c:1b:35:59:36:2a:d0:3e:cd:16:d2:8f:
         9f:33:eb:24:fc:d7:36:58:1b:42:00:67:fb:dd:ca:e4:0b:85:
         67:30:f9:38:48:ec:77:cd:11:f2:03:c0:2c:d4:44:46:f0:45:
         57:20:3f:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPa9RE9hVCqp9pDcbEZ0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjUwODA0MDQwMTE5WhcNMjUwODA1MDQwMTE5WjAzMTEwLwYDVQQD
EyhhMDlkZjZjZjdlNzA0MzA5YmI0NDlmYWMzZDJlYjFhNzA2ZmMyMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvZsqb+rnh49HCR2D2A+vVQKT05X
g0M6izjeLtOJiDT9DhntfJ9LPnOeZABu4wuZAkaLU7KTw2j/IkbCJGfobSIsORix
XoKKfrIoAHDVcU6xhenQwJX5rIuPTJ9170uK5IWKIQcTK+xmVu+WvQCNkXQ4M16L
L1JDj5ugH8KVw1QzHFqTg9/l7chcOYfVoPx3ghM1gTAuYRDkwwAXpP/87Oiqh2QU
D5X47aAsTHlrBRlJi3z3R3S0qSw0V4YST8Qkg5FoZua5tVxhu4YyMe+g4FF/4ogh
LXIyME1nc2IfewXxGwsQ0JZz+ffXj22abWEJhLunYsstWaaemr1+A95ArQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCd9s9+cEMJu0SfrD0usacG/CNzMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnLadqmSz
rnM8r5GZo9BwRFNvtoQRY/KZmts4pby6IlhWKfGq3jIyv9KxA+4WtPSA9T3OI+vX
izuEP/Sm41FBDvFJO5YPLxZ1W6s+vMJBNztLsGXRbJTovPlOR280ndBG1DcHdsUf
AdngnGn8RLJthjwi5fDfF0y9KBUSezjr6yaaaQNhzTD/miQKicT7hZCcWvZ6mGJI
hZy2/Md3J1TSAhv9FLqq6Iz3hsRFRPPsQaoveE+aHVrNfyxtPXlx3wYQU3BVu+2I
/Y8OPJwynBs1WTYq0D7NFtKPnzPrJPzXNlgbQgBn+93K5AuFZzD5OEjsd80R8gPA
LNRERvBFVyA/lQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:26 2025 by rpki-client