Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
File:                     mNtTOItvp7HlovTGhjq3Hxz7VRI.mft (raw, json)
Hash identifier:          cKygtdwWFOwVAVju9jva2Srt/0Hel/WVp9vZ4z5W1Is=
Subject key identifier:   66:62:0A:5C:46:8A:4D:03:9E:FA:92:F9:02:08:19:B2:35:81:23:24
Authority key identifier: 98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12
Certificate issuer:       /CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
Certificate serial:       0198D660C52C784A73089DF01112B3DDE4F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
Manifest number:          0350
Signing time:             Sat 23 Aug 2025 10:02:02 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:02 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:02 +0000
Files and hashes:         1: mNtTOItvp7HlovTGhjq3Hxz7VRI.crl (hash: RgF5lDGRhoite1ccPszOxktWmqmm08C56ylBcR093zk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:c5:2c:78:4a:73:08:9d:f0:11:12:b3:dd:e4:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
        Validity
            Not Before: Aug 23 10:02:02 2025 GMT
            Not After : Aug 24 10:02:02 2025 GMT
        Subject: CN=66620a5c468a4d039efa92f9020819b235812324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c6:14:7d:53:82:8e:a6:f9:aa:8b:09:83:3e:
                    3b:d2:b3:2a:90:e5:e5:b8:ef:e0:5a:25:85:57:6e:
                    8e:2f:69:cf:5f:3c:66:c9:80:68:87:44:1a:87:c0:
                    c5:a4:fc:1c:4b:55:36:42:49:00:00:43:10:cf:e7:
                    7c:32:62:c8:d3:41:19:dc:2f:df:1e:e0:ab:1f:8d:
                    18:a9:d3:69:23:a3:b7:a2:1e:2f:8a:5a:ed:99:dc:
                    2a:dd:ba:18:1f:a6:87:02:f7:68:b1:cf:13:e6:f9:
                    ae:24:f6:ad:ee:d0:b4:df:2c:cc:9f:bc:67:e7:0e:
                    f4:82:23:12:59:d8:81:1d:5f:f0:68:7c:9a:72:a3:
                    3c:f4:93:eb:ed:7a:50:d9:b2:e4:fc:a0:22:eb:08:
                    5a:53:9d:70:9e:08:01:f8:87:aa:de:c5:21:ed:b5:
                    e2:0c:fc:43:1f:8f:02:aa:a1:a5:6a:ff:d5:d7:82:
                    8b:07:b2:ec:f7:73:fe:3c:36:be:56:44:ac:f0:d1:
                    91:16:43:fb:53:c3:8c:d4:16:4d:d2:a7:51:44:2c:
                    9e:cf:c6:0b:6a:51:13:83:60:17:f6:35:b1:90:26:
                    60:54:a3:1f:c6:7c:77:8c:a9:a1:f1:30:28:54:86:
                    02:a7:7d:5b:9d:42:7f:47:7d:db:78:ed:16:7e:7a:
                    e6:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:62:0A:5C:46:8A:4D:03:9E:FA:92:F9:02:08:19:B2:35:81:23:24
            X509v3 Authority Key Identifier:
                keyid:98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:e9:76:ac:bc:fc:b2:2b:44:a1:6c:9e:1f:0b:fa:f8:3b:57:
         7e:cf:2c:fe:25:ae:93:79:a1:d7:19:bf:81:44:2e:4e:1f:f4:
         31:e8:1a:3c:5b:af:87:b6:32:d2:95:b6:1f:af:79:fd:7f:f5:
         09:f1:da:64:80:fc:59:08:70:47:b5:2a:f5:e6:48:d1:90:1e:
         86:51:4e:4a:8d:57:fa:c4:7f:b2:30:eb:37:68:7a:81:4e:c7:
         24:a9:6f:4c:b1:e2:44:fe:ee:6b:2c:db:3d:f9:f3:ae:d6:f8:
         bd:2a:59:de:7b:7e:55:37:67:08:95:ec:87:37:de:99:20:f1:
         49:68:94:1f:2f:c1:13:6c:b0:ea:aa:37:d5:f5:19:ce:42:3b:
         83:33:e7:58:c1:0a:04:9e:a7:71:b2:7c:dd:9a:2d:6d:44:4d:
         e9:e4:32:92:b0:64:6b:82:a9:84:c4:6a:e9:55:8c:c5:4a:45:
         a0:5f:37:f2:0d:33:2a:59:7b:9f:0a:36:f3:81:a3:2b:e4:08:
         7a:5c:4f:2a:dc:63:d0:bf:91:33:c9:bc:ee:66:af:ff:6a:12:
         f1:e2:e8:a2:09:31:73:aa:9e:e3:32:d0:25:d3:19:7f:65:6d:
         1f:64:39:cb:3f:bb:49:7d:e1:e5:1c:26:0e:3f:60:17:0d:67:
         3e:ce:50:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYMUseEpzCJ3wERKz3eTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZGI1MzM4OGI2ZmE3YjFlNWEyZjRjNjg2M2FiNzFmMWNm
YjU1MTIwHhcNMjUwODIzMTAwMjAyWhcNMjUwODI0MTAwMjAyWjAzMTEwLwYDVQQD
Eyg2NjYyMGE1YzQ2OGE0ZDAzOWVmYTkyZjkwMjA4MTliMjM1ODEyMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcYUfVOCjqb5qosJgz470rMqkOXl
uO/gWiWFV26OL2nPXzxmyYBoh0Qah8DFpPwcS1U2QkkAAEMQz+d8MmLI00EZ3C/f
HuCrH40YqdNpI6O3oh4vilrtmdwq3boYH6aHAvdosc8T5vmuJPat7tC03yzMn7xn
5w70giMSWdiBHV/waHyacqM89JPr7XpQ2bLk/KAi6whaU51wnggB+Ieq3sUh7bXi
DPxDH48CqqGlav/V14KLB7Ls93P+PDa+VkSs8NGRFkP7U8OM1BZN0qdRRCyez8YL
alETg2AX9jWxkCZgVKMfxnx3jKmh8TAoVIYCp31bnUJ/R33beO0WfnrmEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZiClxGik0DnvqS+QIIGbI1gSMkMB8GA1UdIwQY
MBaAFJjbUziLb6ex5aL0xoY6tx8c+1USMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYt
Yzc0NjdkYTJkYjYwLzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYtYzc0NjdkYTJkYjYw
LzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXel2rLz8
sitEoWyeHwv6+DtXfs8s/iWuk3mh1xm/gUQuTh/0MegaPFuvh7Yy0pW2H695/X/1
CfHaZID8WQhwR7Uq9eZI0ZAehlFOSo1X+sR/sjDrN2h6gU7HJKlvTLHiRP7uayzb
Pfnzrtb4vSpZ3nt+VTdnCJXshzfemSDxSWiUHy/BE2yw6qo31fUZzkI7gzPnWMEK
BJ6ncbJ83ZotbURN6eQykrBka4KphMRq6VWMxUpFoF838g0zKll7nwo284GjK+QI
elxPKtxj0L+RM8m87mav/2oS8eLoogkxc6qe4zLQJdMZf2VtH2Q5yz+7SX3h5Rwm
Dj9gFw1nPs5Q8g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:00 2025 by rpki-client