Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          utAi9gSskmkrHmKqV1t+cT2EeISXCey2ZmzxqEkmDck=
Subject key identifier:   F4:8D:4B:FB:FE:67:55:80:F8:B0:56:3D:F0:66:B8:A6:15:71:3A:C4
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       01987BD2ECE1ABFC5A38EC08BF7E9098279C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0D23
Signing time:             Tue 05 Aug 2025 20:01:17 +0000
Manifest this update:     Tue 05 Aug 2025 20:01:17 +0000
Manifest next update:     Wed 06 Aug 2025 20:01:17 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: Y/Gtt76Lyl11OzWmV4w7TihnVBKnJ9uc83Z5+PIQ+wY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 20:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7b:d2:ec:e1:ab:fc:5a:38:ec:08:bf:7e:90:98:27:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Aug  5 20:01:17 2025 GMT
            Not After : Aug  6 20:01:17 2025 GMT
        Subject: CN=f48d4bfbfe675580f8b0563df066b8a615713ac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:20:84:f1:23:19:34:9b:61:62:09:5f:4b:92:
                    d5:03:cb:f7:1e:6d:2d:4d:ac:e1:24:f4:71:33:bc:
                    b0:6f:f8:f2:bf:72:7c:40:15:ba:ba:e7:44:96:0d:
                    c7:12:b9:a2:d5:59:a8:02:40:c5:df:14:84:59:a4:
                    ab:a8:18:81:41:57:5b:24:56:5e:e5:95:9a:be:92:
                    74:02:44:00:a4:14:df:65:c7:1f:03:54:5b:07:c9:
                    b6:8c:58:3c:ab:10:ad:9d:e2:e3:8f:cb:99:9c:df:
                    52:29:2a:0c:63:9a:44:86:de:db:af:02:76:d3:fc:
                    f6:c2:0c:1a:73:b9:9d:7c:d3:d4:bb:4f:3d:af:6e:
                    82:57:d6:35:23:7c:85:4e:1f:07:ec:a1:cf:de:4b:
                    06:d1:b0:ae:e9:53:0f:af:88:8c:cc:85:31:d9:c2:
                    b8:2f:55:76:76:8b:b3:34:fc:54:a9:4d:ce:2e:3a:
                    0b:57:47:5f:b6:65:fb:3c:b9:cd:11:12:15:4b:4a:
                    c7:5e:b4:c8:10:b6:57:3f:f7:37:38:ca:85:ed:59:
                    e5:df:38:3c:fc:14:31:81:c3:be:95:5d:d3:b5:7a:
                    ad:15:51:74:22:7f:a3:38:b7:62:ed:ef:43:c3:2e:
                    6c:0e:4d:c2:b6:b7:64:82:5e:61:e1:a4:4f:bf:de:
                    a6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:8D:4B:FB:FE:67:55:80:F8:B0:56:3D:F0:66:B8:A6:15:71:3A:C4
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:05:bb:d8:6d:7b:26:a8:ef:aa:61:3e:5e:19:13:04:92:c5:
         7f:7e:e4:ac:e5:7d:15:5f:52:45:7b:8b:8e:08:f5:3d:1d:1c:
         93:ac:9f:47:ca:42:82:a7:a4:14:ca:be:44:19:80:f5:a2:dd:
         c9:32:80:dc:c2:a3:3b:6b:cf:66:6a:66:55:ad:f8:02:1e:65:
         65:e2:dd:12:3c:37:ae:53:56:72:26:d8:7a:6f:46:7f:c6:98:
         b4:68:0b:fe:83:cd:6f:89:9a:8a:5f:bc:b0:2f:f0:26:d0:41:
         66:79:0a:8e:ad:c4:36:7c:37:19:8d:84:2a:31:10:e8:66:20:
         92:1f:e6:85:ae:e9:48:b0:0b:70:00:60:f7:3b:24:28:1d:17:
         87:51:2e:cf:02:bd:39:2f:b9:9f:c6:13:2d:3d:38:42:fc:99:
         01:f4:70:64:88:4c:21:d9:8a:fb:8f:56:8a:ae:95:ed:1c:6b:
         c3:ed:58:63:92:94:4e:c3:e3:c8:f7:cd:78:8a:96:26:70:81:
         a6:74:66:b5:f3:b0:39:a6:4a:ff:9b:2a:dc:d5:97:cf:ea:65:
         6e:7a:5c:5c:c7:51:ef:65:40:dc:09:e6:81:14:84:27:50:08:
         03:50:03:9a:fe:2e:a5:53:64:b6:f6:9c:0e:d6:1c:c9:d1:af:
         e0:c1:f6:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh70uzhq/xaOOwIv36QmCecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjUwODA1MjAwMTE3WhcNMjUwODA2MjAwMTE3WjAzMTEwLwYDVQQD
EyhmNDhkNGJmYmZlNjc1NTgwZjhiMDU2M2RmMDY2YjhhNjE1NzEzYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryCE8SMZNJthYglfS5LVA8v3Hm0t
TazhJPRxM7ywb/jyv3J8QBW6uudElg3HErmi1VmoAkDF3xSEWaSrqBiBQVdbJFZe
5ZWavpJ0AkQApBTfZccfA1RbB8m2jFg8qxCtneLjj8uZnN9SKSoMY5pEht7brwJ2
0/z2wgwac7mdfNPUu089r26CV9Y1I3yFTh8H7KHP3ksG0bCu6VMPr4iMzIUx2cK4
L1V2douzNPxUqU3OLjoLV0dftmX7PLnNERIVS0rHXrTIELZXP/c3OMqF7Vnl3zg8
/BQxgcO+lV3TtXqtFVF0In+jOLdi7e9Dwy5sDk3Ctrdkgl5h4aRPv96mzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSNS/v+Z1WA+LBWPfBmuKYVcTrEMB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMAW72G17
JqjvqmE+XhkTBJLFf37krOV9FV9SRXuLjgj1PR0ck6yfR8pCgqekFMq+RBmA9aLd
yTKA3MKjO2vPZmpmVa34Ah5lZeLdEjw3rlNWcibYem9Gf8aYtGgL/oPNb4mail+8
sC/wJtBBZnkKjq3ENnw3GY2EKjEQ6GYgkh/mha7pSLALcABg9zskKB0Xh1EuzwK9
OS+5n8YTLT04QvyZAfRwZIhMIdmK+49Wiq6V7Rxrw+1YY5KUTsPjyPfNeIqWJnCB
pnRmtfOwOaZK/5sq3NWXz+plbnpcXMdR72VA3AnmgRSEJ1AIA1ADmv4upVNktvac
DtYcydGv4MH2vA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 06:02:11 2025 by rpki-client