Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
File:                     MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft (raw, json)
Hash identifier:          djP9rRkGEKqJaURjpp0A1EBm2wbxf3TJTPI7YlaVIE0=
Subject key identifier:   40:B0:2C:24:00:12:FA:08:58:E9:5D:66:36:83:11:58:24:26:AC:1C
Authority key identifier: 31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B
Certificate issuer:       /CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b
Certificate serial:       0198D6CD6B7C79C5B7DDB91C5B89D0D0B3F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
Manifest number:          093B
Signing time:             Sat 23 Aug 2025 12:00:43 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:43 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:43 +0000
Files and hashes:         1: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl (hash: pCQG8SJgXdnchjMWMYtnojXpmVuMcwRwZbUUllhxD0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:6b:7c:79:c5:b7:dd:b9:1c:5b:89:d0:d0:b3:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b
        Validity
            Not Before: Aug 23 12:00:43 2025 GMT
            Not After : Aug 24 12:00:43 2025 GMT
        Subject: CN=40b02c240012fa0858e95d66368311582426ac1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e0:94:d3:cf:16:a2:81:12:c7:2c:92:45:97:
                    76:83:d6:3a:2e:f3:48:fa:18:46:e0:13:4b:01:04:
                    86:7c:62:25:4b:f5:c9:0c:6c:91:58:0f:6d:aa:a9:
                    3a:ae:65:0d:b8:9d:03:f1:d8:a3:3e:80:20:83:1b:
                    0a:3e:e5:f8:5f:e0:1d:66:a5:89:eb:67:5b:98:f8:
                    af:f5:2e:f9:92:8c:1a:49:96:b3:82:8b:76:88:75:
                    a5:e4:0f:9c:f6:16:4d:06:13:32:b8:4a:01:dd:07:
                    04:d9:ef:3e:60:22:7b:4a:49:ba:93:ae:d4:69:3a:
                    62:23:5d:0b:7f:b2:35:1d:5a:47:37:fe:1d:db:80:
                    6d:e8:ef:45:e2:48:2d:11:9d:7f:68:ad:5c:52:9e:
                    28:95:e1:ad:ab:71:e8:7a:0c:f9:d6:b6:50:14:b9:
                    55:88:5a:95:32:6f:25:56:91:68:b8:29:7f:39:48:
                    fa:b8:9a:4c:b5:28:13:4b:7f:34:84:81:16:03:00:
                    04:e1:9d:ff:d3:63:ed:06:40:e8:90:4a:f0:39:2e:
                    7a:2f:72:36:be:81:59:6e:fb:d8:10:14:ec:f4:ab:
                    75:c9:e3:69:ac:da:fd:2c:8d:e6:78:87:4f:51:8d:
                    81:60:d4:34:48:5d:90:1e:98:41:4a:ab:ee:23:c5:
                    ac:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:B0:2C:24:00:12:FA:08:58:E9:5D:66:36:83:11:58:24:26:AC:1C
            X509v3 Authority Key Identifier:
                keyid:31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:6f:ed:10:b3:db:76:c4:9d:61:9c:70:d0:f9:62:6e:5a:4c:
         01:79:3a:0c:67:00:f1:f7:f0:4f:8b:6a:43:a7:73:e0:b3:71:
         44:1e:1c:a0:67:3d:8e:8f:71:22:79:9c:a5:2d:55:08:46:e6:
         b7:8f:2e:16:93:1d:a0:a0:f1:08:a8:e5:53:3c:a2:9d:0f:32:
         2b:1c:af:25:4c:5e:c0:6e:1f:01:dd:6d:62:8e:70:19:ca:56:
         bc:48:8c:57:42:cf:01:28:43:20:1b:11:fa:f6:bb:97:b1:f9:
         9a:0a:56:a3:63:9e:12:f4:ef:77:08:ac:a9:e3:ce:02:48:06:
         4e:59:c2:1d:47:40:d1:23:7d:87:dd:ca:b1:b4:18:d8:ec:75:
         f6:20:7e:cb:57:3b:81:d1:5b:80:b0:f0:e4:b5:0e:6a:34:ca:
         0c:b4:ad:d0:d1:02:5e:bf:88:2f:a7:fd:b0:4c:5e:84:c2:c4:
         ba:05:5c:84:58:54:6a:5f:8f:33:1a:40:09:9a:16:6c:49:c6:
         e8:9c:d0:61:61:b1:0e:b2:78:8b:34:9c:43:24:66:1e:26:de:
         e2:e1:4e:45:a8:ed:44:44:28:50:83:86:f1:2c:8d:56:f8:c9:
         43:12:d8:1f:93:b4:da:eb:29:e8:a1:32:09:8a:38:e2:95:95:
         37:f2:36:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzWt8ecW33bkcW4nQ0LPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjE2MjFjZTI4Y2JiZmVmMDM4YWJkNzU0OWZjNmNiNTBl
NzExNmIwHhcNMjUwODIzMTIwMDQzWhcNMjUwODI0MTIwMDQzWjAzMTEwLwYDVQQD
Eyg0MGIwMmMyNDAwMTJmYTA4NThlOTVkNjYzNjgzMTE1ODI0MjZhYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+CU088WooESxyySRZd2g9Y6LvNI
+hhG4BNLAQSGfGIlS/XJDGyRWA9tqqk6rmUNuJ0D8dijPoAggxsKPuX4X+AdZqWJ
62dbmPiv9S75kowaSZazgot2iHWl5A+c9hZNBhMyuEoB3QcE2e8+YCJ7Skm6k67U
aTpiI10Lf7I1HVpHN/4d24Bt6O9F4kgtEZ1/aK1cUp4oleGtq3Hoegz51rZQFLlV
iFqVMm8lVpFouCl/OUj6uJpMtSgTS380hIEWAwAE4Z3/02PtBkDokErwOS56L3I2
voFZbvvYEBTs9Kt1yeNprNr9LI3meIdPUY2BYNQ0SF2QHphBSqvuI8Ws6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECwLCQAEvoIWOldZjaDEVgkJqwcMB8GA1UdIwQY
MBaAFDGxYhzijLv+8Dir11SfxstQ5xFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQt
NjYxNDYzMjcyM2I5LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQtNjYxNDYzMjcyM2I5
LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoG/tELPb
dsSdYZxw0PliblpMAXk6DGcA8ffwT4tqQ6dz4LNxRB4coGc9jo9xInmcpS1VCEbm
t48uFpMdoKDxCKjlUzyinQ8yKxyvJUxewG4fAd1tYo5wGcpWvEiMV0LPAShDIBsR
+va7l7H5mgpWo2OeEvTvdwisqePOAkgGTlnCHUdA0SN9h93KsbQY2Ox19iB+y1c7
gdFbgLDw5LUOajTKDLSt0NECXr+IL6f9sExehMLEugVchFhUal+PMxpACZoWbEnG
6JzQYWGxDrJ4izScQyRmHibe4uFORajtREQoUIOG8SyNVvjJQxLYH5O02usp6KEy
CYo44pWVN/I2LQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:21 2025 by rpki-client