Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
File:                     AhfGZs2iPpINFLkK6TY3EzUKrB4.mft (raw, json)
Hash identifier:          7W0Bjw8MnL7Qnd8MVqlzi96C64mqUt+s9HlMNixLCEk=
Subject key identifier:   22:B6:F1:27:CD:5E:9A:FF:69:47:A5:EA:DB:20:B2:B2:CD:84:DD:41
Authority key identifier: 02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E
Certificate issuer:       /CN=0217c666cda23e920d14b90ae9363713350aac1e
Certificate serial:       01988BEAD009D4B981D47881A5DC1B89FC8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
Manifest number:          1623
Signing time:             Fri 08 Aug 2025 23:01:18 +0000
Manifest this update:     Fri 08 Aug 2025 23:01:18 +0000
Manifest next update:     Sat 09 Aug 2025 23:01:18 +0000
Files and hashes:         1: AhfGZs2iPpINFLkK6TY3EzUKrB4.crl (hash: ICWC5R3CTzb/JoDTSEborETvGYdLeqrQ00TWuCDpxz4=)
                          2: osyzbtU7GZmaeY_CNmdQy5Vz8jw.roa (hash: /Wf83f8E6EuxQUr3auZsag/VGfFdi1UD8Jonkresr4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:ea:d0:09:d4:b9:81:d4:78:81:a5:dc:1b:89:fc:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0217c666cda23e920d14b90ae9363713350aac1e
        Validity
            Not Before: Aug  8 23:01:18 2025 GMT
            Not After : Aug  9 23:01:18 2025 GMT
        Subject: CN=22b6f127cd5e9aff6947a5eadb20b2b2cd84dd41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9e:3d:07:db:97:91:61:7e:a9:58:35:65:7f:
                    b9:db:48:a2:ba:21:a3:b3:13:1a:35:d8:04:9b:11:
                    ad:68:81:83:d2:33:e9:4d:d3:a8:46:c3:10:9d:ae:
                    2e:cd:06:00:d7:2d:43:3f:56:59:51:7b:fb:a7:2a:
                    44:8b:60:92:3e:a5:22:7e:25:93:83:68:6b:2b:9a:
                    be:04:8a:eb:63:71:50:1c:f8:43:7d:d9:30:07:ec:
                    2b:2b:7a:33:65:b7:e7:93:73:5c:b6:a0:e8:b3:3e:
                    5a:35:96:ba:45:c6:db:29:50:bb:37:d9:90:b4:29:
                    4a:bd:ee:01:ce:c0:72:92:1a:21:01:a4:cb:08:61:
                    35:25:13:fe:33:7a:c7:5d:8b:b3:60:a8:95:b8:4e:
                    a7:47:f1:04:81:d0:0f:3b:a1:11:a6:aa:69:d3:61:
                    f8:90:7d:a7:f1:40:50:b4:3c:0b:75:38:79:ab:2c:
                    6d:17:a6:86:55:15:9a:e7:21:c5:9a:15:26:38:8b:
                    02:e2:a0:c1:de:ff:6e:65:d6:88:e4:b2:0d:11:07:
                    ac:a7:f4:24:e3:af:ba:b7:1f:21:66:53:6f:bc:65:
                    60:ff:fe:6a:03:cc:81:a5:37:dd:d9:8c:f6:13:1e:
                    38:fc:6d:5a:16:4e:ad:be:24:91:59:4f:09:c6:c9:
                    0b:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B6:F1:27:CD:5E:9A:FF:69:47:A5:EA:DB:20:B2:B2:CD:84:DD:41
            X509v3 Authority Key Identifier:
                keyid:02:17:C6:66:CD:A2:3E:92:0D:14:B9:0A:E9:36:37:13:35:0A:AC:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhfGZs2iPpINFLkK6TY3EzUKrB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cfa0b5-e1a1-41ff-88cb-029715de4c6f/1/AhfGZs2iPpINFLkK6TY3EzUKrB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:0c:ff:82:d4:8d:cd:3f:21:ca:4b:e3:6e:80:4e:19:c0:51:
         7b:50:17:95:b5:21:37:d7:b6:12:80:46:60:a1:b8:d3:53:3e:
         be:ea:0c:a3:b8:ff:44:6a:33:59:c9:77:24:82:24:8e:88:2f:
         f0:f0:33:08:35:5a:a8:3d:3a:52:a8:39:ae:40:64:78:66:b0:
         25:00:a0:27:d1:da:e2:79:8b:9c:d7:d2:a4:53:9d:9d:5f:c7:
         49:be:4c:f7:43:37:d5:23:30:28:e5:2a:cd:1d:b6:dd:19:9d:
         f9:1e:c6:54:88:db:65:9c:dc:18:cd:e2:9a:68:c1:64:b2:97:
         9d:52:27:c5:20:8d:94:26:76:c4:c2:f7:27:e9:80:75:d7:f3:
         6e:b8:3c:1f:8f:cf:f7:d9:38:a3:de:3c:91:3a:ea:23:4c:1b:
         5f:df:51:23:f2:77:68:f5:d3:5b:9b:d7:45:d8:f3:78:cf:ed:
         c5:57:98:21:b0:43:cb:e1:59:50:d4:68:52:27:57:00:07:ff:
         30:d6:17:1e:a8:97:b4:cf:ab:cb:bd:08:00:37:59:1a:df:a6:
         1c:4e:42:1c:5e:41:e9:d9:fc:87:45:9f:30:76:88:a6:d0:f3:
         58:2d:f0:e7:6f:64:5f:ec:c1:b8:6e:e2:2b:8b:c2:34:ed:ed:
         76:97:cd:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiL6tAJ1LmB1HiBpdwbifyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTdjNjY2Y2RhMjNlOTIwZDE0YjkwYWU5MzYzNzEzMzUw
YWFjMWUwHhcNMjUwODA4MjMwMTE4WhcNMjUwODA5MjMwMTE4WjAzMTEwLwYDVQQD
EygyMmI2ZjEyN2NkNWU5YWZmNjk0N2E1ZWFkYjIwYjJiMmNkODRkZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z49B9uXkWF+qVg1ZX+520iiuiGj
sxMaNdgEmxGtaIGD0jPpTdOoRsMQna4uzQYA1y1DP1ZZUXv7pypEi2CSPqUifiWT
g2hrK5q+BIrrY3FQHPhDfdkwB+wrK3ozZbfnk3NctqDosz5aNZa6RcbbKVC7N9mQ
tClKve4BzsBykhohAaTLCGE1JRP+M3rHXYuzYKiVuE6nR/EEgdAPO6ERpqpp02H4
kH2n8UBQtDwLdTh5qyxtF6aGVRWa5yHFmhUmOIsC4qDB3v9uZdaI5LINEQesp/Qk
46+6tx8hZlNvvGVg//5qA8yBpTfd2Yz2Ex44/G1aFk6tviSRWU8JxskLUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCK28SfNXpr/aUel6tsgsrLNhN1BMB8GA1UdIwQY
MBaAFAIXxmbNoj6SDRS5Cuk2NxM1CqweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2It
MDI5NzE1ZGU0YzZmLzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jZmEwYjUtZTFhMS00MWZmLTg4Y2ItMDI5NzE1ZGU0YzZm
LzEvQWhmR1pzMmlQcElORkxrSzZUWTNFelVLckI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAagz/gtSN
zT8hykvjboBOGcBRe1AXlbUhN9e2EoBGYKG401M+vuoMo7j/RGozWcl3JIIkjogv
8PAzCDVaqD06Uqg5rkBkeGawJQCgJ9Ha4nmLnNfSpFOdnV/HSb5M90M31SMwKOUq
zR223Rmd+R7GVIjbZZzcGM3immjBZLKXnVInxSCNlCZ2xML3J+mAddfzbrg8H4/P
99k4o948kTrqI0wbX99RI/J3aPXTW5vXRdjzeM/txVeYIbBDy+FZUNRoUidXAAf/
MNYXHqiXtM+ry70IADdZGt+mHE5CHF5B6dn8h0WfMHaIptDzWC3w529kX+zBuG7i
K4vCNO3tdpfNKg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:52:40 2025 by rpki-client