Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
File:                     lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json)
Hash identifier:          CyXg6TyxBfEr2BbUAjHNkClZpf5SCxf7V2RTvxPnlLc=
Subject key identifier:   0F:32:F2:76:0E:D2:78:DD:74:0A:16:A0:67:12:6D:91:C3:04:F2:6C
Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
Certificate issuer:       /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Certificate serial:       0198D5F15360F893B041FFC60D84F7BE468F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
Manifest number:          036B
Signing time:             Sat 23 Aug 2025 08:00:19 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:19 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:19 +0000
Files and hashes:         1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: pd0Oq5ZpCEqR60lp48AA62vwfTuTlonI/tM6bozfAlU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:53:60:f8:93:b0:41:ff:c6:0d:84:f7:be:46:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
        Validity
            Not Before: Aug 23 08:00:19 2025 GMT
            Not After : Aug 24 08:00:19 2025 GMT
        Subject: CN=0f32f2760ed278dd740a16a067126d91c304f26c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:12:5f:fb:4c:2a:4e:69:72:85:03:83:ee:b5:
                    ad:66:3c:95:b5:9d:83:81:d7:d3:1f:96:bd:16:ca:
                    50:d1:74:0c:19:f4:09:6b:8d:e4:95:dd:6e:ae:31:
                    ef:4f:bf:29:6b:f1:c3:f0:ca:4b:83:d7:75:26:57:
                    70:77:2d:47:6f:bb:db:70:3d:ab:29:66:8d:e3:3c:
                    eb:0a:ca:e5:f9:67:5e:dc:0e:6b:96:57:e0:e2:43:
                    1c:18:9b:bb:bf:53:da:e5:ed:ca:e8:e7:76:c4:f4:
                    66:86:f4:96:26:1d:97:18:fc:72:53:9f:3f:f1:fb:
                    03:c9:ed:8e:c4:c1:ac:b6:ec:6b:a7:8b:f9:6f:1b:
                    44:44:2b:36:b9:e1:5d:3c:20:a8:ef:01:20:7b:25:
                    89:e9:3c:2e:0c:09:9b:4e:0c:72:99:f7:d4:5c:be:
                    ac:69:93:2a:9a:82:69:28:23:70:47:54:a0:a1:05:
                    48:62:70:7b:b1:f1:33:dc:53:47:e7:9d:6d:26:85:
                    f8:b9:dd:3c:1e:ac:94:3f:cb:6f:e5:99:b3:29:70:
                    6c:19:0e:11:27:38:ba:1c:90:96:f4:7c:a6:21:7e:
                    86:62:f7:f0:b4:bd:19:15:1b:79:b8:42:88:ea:71:
                    2c:b6:92:09:4c:d1:be:96:47:7c:ce:b5:8e:e6:8f:
                    ad:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:32:F2:76:0E:D2:78:DD:74:0A:16:A0:67:12:6D:91:C3:04:F2:6C
            X509v3 Authority Key Identifier:
                keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:ac:a2:6a:61:fc:d6:8f:9e:a6:7a:d6:16:bc:8b:20:71:e6:
         6e:ff:59:ad:b8:00:f1:9a:a3:c8:85:dd:cc:35:51:13:ab:80:
         e5:0f:c0:eb:95:34:ac:95:80:3f:f2:9e:c1:16:6b:cb:c1:c2:
         c3:3d:ed:10:b8:1a:3f:8d:07:41:86:96:21:f2:f3:d8:df:e6:
         87:66:5c:98:34:c5:87:ec:58:bf:d0:ce:98:a2:dd:52:52:ee:
         d3:c1:3b:d4:b3:2e:02:bc:8c:55:41:28:09:45:5a:6d:21:9f:
         96:dc:6a:86:3c:c5:9c:0a:07:85:45:47:8a:40:f2:44:e1:b2:
         01:96:c9:5c:18:14:74:5a:71:89:2d:00:44:dc:8e:c8:5b:bd:
         a4:c5:e9:4c:e9:a6:d5:2a:3c:3f:30:55:c6:fc:4b:e8:14:25:
         72:a8:3d:96:0a:aa:ad:e7:2c:65:a1:97:4c:eb:de:b3:6b:db:
         d8:ee:31:6f:49:66:0d:ae:30:b4:ba:80:09:60:17:33:03:ea:
         ab:68:9c:55:a2:66:89:bb:dc:e8:77:60:54:bb:2d:5f:4a:bf:
         da:75:81:e9:52:be:54:4d:72:1a:57:95:0e:4c:a0:85:2d:91:
         a3:e7:de:eb:92:f7:9c:44:ba:c9:27:74:df:37:63:09:9a:8b:
         90:82:73:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8VNg+JOwQf/GDYT3vkaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4
YmRlYjgwHhcNMjUwODIzMDgwMDE5WhcNMjUwODI0MDgwMDE5WjAzMTEwLwYDVQQD
EygwZjMyZjI3NjBlZDI3OGRkNzQwYTE2YTA2NzEyNmQ5MWMzMDRmMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhJf+0wqTmlyhQOD7rWtZjyVtZ2D
gdfTH5a9FspQ0XQMGfQJa43kld1urjHvT78pa/HD8MpLg9d1Jldwdy1Hb7vbcD2r
KWaN4zzrCsrl+Wde3A5rllfg4kMcGJu7v1Pa5e3K6Od2xPRmhvSWJh2XGPxyU58/
8fsDye2OxMGstuxrp4v5bxtERCs2ueFdPCCo7wEgeyWJ6TwuDAmbTgxymffUXL6s
aZMqmoJpKCNwR1SgoQVIYnB7sfEz3FNH551tJoX4ud08HqyUP8tv5ZmzKXBsGQ4R
Jzi6HJCW9HymIX6GYvfwtL0ZFRt5uEKI6nEstpIJTNG+lkd8zrWO5o+thQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8y8nYO0njddAoWoGcSbZHDBPJsMB8GA1UdIwQY
MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt
ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh
LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMayiamH8
1o+epnrWFryLIHHmbv9ZrbgA8ZqjyIXdzDVRE6uA5Q/A65U0rJWAP/KewRZry8HC
wz3tELgaP40HQYaWIfLz2N/mh2ZcmDTFh+xYv9DOmKLdUlLu08E71LMuAryMVUEo
CUVabSGfltxqhjzFnAoHhUVHikDyROGyAZbJXBgUdFpxiS0ARNyOyFu9pMXpTOmm
1So8PzBVxvxL6BQlcqg9lgqqrecsZaGXTOves2vb2O4xb0lmDa4wtLqACWAXMwPq
q2icVaJmibvc6HdgVLstX0q/2nWB6VK+VE1yGleVDkyghS2Ro+fe65L3nES6ySd0
3zdjCZqLkIJzsg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:32 2025 by rpki-client