Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File:                     cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier:          WUpxRkcxv65kwpA7/QwHtbsYUlCG/1RE33cJWxROy48=
Subject key identifier:   05:2E:01:A1:C8:F3:FC:72:6E:36:28:90:EE:45:46:DB:F9:9E:A2:E3
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer:       /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial:       019873746CD443270B45CB34C93135C5EA52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number:          161B
Signing time:             Mon 04 Aug 2025 05:01:06 +0000
Manifest this update:     Mon 04 Aug 2025 05:01:06 +0000
Manifest next update:     Tue 05 Aug 2025 05:01:06 +0000
Files and hashes:         1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=)
                          2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: KRqGGJZ0MKelXTVgQFHewRTxJw+qXAS1WNFY0A4ZOj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:74:6c:d4:43:27:0b:45:cb:34:c9:31:35:c5:ea:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
        Validity
            Not Before: Aug  4 05:01:06 2025 GMT
            Not After : Aug  5 05:01:06 2025 GMT
        Subject: CN=052e01a1c8f3fc726e362890ee4546dbf99ea2e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ca:0e:b9:2e:d2:47:b6:f4:a4:aa:b5:6d:de:
                    d1:b6:cd:d0:7a:08:23:95:93:6f:a4:47:02:db:ed:
                    07:19:48:84:45:c3:79:ab:6f:68:4f:5d:cf:1d:e5:
                    a6:c6:54:67:64:58:68:66:0e:27:83:7d:87:fc:ae:
                    34:30:d0:78:db:9d:72:e8:c3:75:96:ca:44:0e:cb:
                    73:49:0c:f9:a4:48:6a:bd:37:80:95:77:d9:a2:ba:
                    41:9a:8e:c9:a1:fa:da:2f:c7:6d:59:f9:69:ee:25:
                    ca:90:d3:25:94:8e:32:9c:d0:19:e7:70:9c:89:a3:
                    a5:02:5a:db:d0:7c:fb:41:44:74:0c:ba:d7:a6:22:
                    cf:fb:69:11:1a:56:28:78:26:f9:bc:85:17:53:b0:
                    22:1a:ed:58:8b:be:eb:f6:67:8f:a0:ce:bc:03:46:
                    5b:60:71:f7:09:99:ec:59:9e:76:bb:cf:53:86:2e:
                    86:98:f3:af:16:ec:42:02:c1:15:da:61:fe:f2:cf:
                    b3:2f:dd:a1:d6:51:37:c1:43:c7:3a:61:3b:c1:3e:
                    1f:0a:8c:9d:72:5c:5b:61:4c:94:11:65:9a:29:0f:
                    6f:8c:0a:50:fa:ee:34:67:66:aa:de:4e:21:a8:28:
                    14:13:e3:06:8d:e4:05:d6:d0:3d:d8:3f:32:77:66:
                    8c:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:2E:01:A1:C8:F3:FC:72:6E:36:28:90:EE:45:46:DB:F9:9E:A2:E3
            X509v3 Authority Key Identifier:
                keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:87:af:d2:d8:5f:f9:7b:92:dd:db:1c:32:b9:59:4d:48:84:
         34:e7:b9:a4:5e:de:e2:8e:06:96:ac:86:a3:e0:19:61:f2:93:
         0b:34:2d:11:74:c9:48:29:39:29:ca:09:9a:15:2b:00:f6:f5:
         88:35:4f:64:06:15:05:3d:7a:89:e9:3f:f5:50:ef:ec:8c:51:
         e7:fe:35:50:87:af:e5:24:5c:8d:e5:74:31:2b:4d:2d:11:8d:
         19:1b:94:90:e9:85:ad:2d:9d:f6:ad:97:c5:6f:ac:38:9a:94:
         14:df:e0:9c:7d:63:84:bb:d3:ee:d5:61:27:52:d5:41:ce:2e:
         c9:9a:0d:aa:f6:46:3e:ae:10:33:3e:b8:7f:de:74:42:e5:95:
         ec:90:39:93:e4:2a:23:b6:e0:2b:67:05:ec:60:9b:d8:24:46:
         9f:6e:1a:5b:11:0b:af:80:82:44:81:18:a8:04:8b:4a:82:e0:
         a8:9f:b2:ba:35:8a:84:b7:85:62:31:e8:27:d3:e7:ab:8b:46:
         9f:c9:22:27:2c:c2:70:da:22:74:a6:ea:6f:f1:cc:07:3d:da:
         21:8c:ab:a5:19:a4:d6:3c:4f:c3:b1:d1:c5:4a:1e:cb:db:01:
         d9:f5:98:82:f9:1b:87:c5:03:a7:68:63:06:01:be:cc:82:dc:
         44:b5:cd:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzdGzUQycLRcs0yTE1xepSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjUwODA0MDUwMTA2WhcNMjUwODA1MDUwMTA2WjAzMTEwLwYDVQQD
EygwNTJlMDFhMWM4ZjNmYzcyNmUzNjI4OTBlZTQ1NDZkYmY5OWVhMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MoOuS7SR7b0pKq1bd7Rts3Qeggj
lZNvpEcC2+0HGUiERcN5q29oT13PHeWmxlRnZFhoZg4ng32H/K40MNB4251y6MN1
lspEDstzSQz5pEhqvTeAlXfZorpBmo7JofraL8dtWflp7iXKkNMllI4ynNAZ53Cc
iaOlAlrb0Hz7QUR0DLrXpiLP+2kRGlYoeCb5vIUXU7AiGu1Yi77r9mePoM68A0Zb
YHH3CZnsWZ52u89Thi6GmPOvFuxCAsEV2mH+8s+zL92h1lE3wUPHOmE7wT4fCoyd
clxbYUyUEWWaKQ9vjApQ+u40Z2aq3k4hqCgUE+MGjeQF1tA92D8yd2aMnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUuAaHI8/xybjYokO5FRtv5nqLjMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfIev0thf
+XuS3dscMrlZTUiENOe5pF7e4o4GlqyGo+AZYfKTCzQtEXTJSCk5KcoJmhUrAPb1
iDVPZAYVBT16iek/9VDv7IxR5/41UIev5SRcjeV0MStNLRGNGRuUkOmFrS2d9q2X
xW+sOJqUFN/gnH1jhLvT7tVhJ1LVQc4uyZoNqvZGPq4QMz64f950QuWV7JA5k+Qq
I7bgK2cF7GCb2CRGn24aWxELr4CCRIEYqASLSoLgqJ+yujWKhLeFYjHoJ9Pnq4tG
n8kiJyzCcNoidKbqb/HMBz3aIYyrpRmk1jxPw7HRxUoey9sB2fWYgvkbh8UDp2hj
BgG+zILcRLXN8w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:04:09 2025 by rpki-client