Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
File:                     BGelYhGyHprHzcj7Y58xCpLCEEw.mft (raw, json)
Hash identifier:          trSoYT+hcBddj+wUCCIuXcApyEX1rMc/oR81Elg9hUk=
Subject key identifier:   06:32:F7:09:C9:D9:45:25:D1:FF:FE:59:4D:47:B0:5E:F6:47:42:49
Authority key identifier: 04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
Certificate issuer:       /CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Certificate serial:       0198D697F24FF6B3D870126B82FAFAEBFD3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
Manifest number:          0D2B
Signing time:             Sat 23 Aug 2025 11:02:18 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:18 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:18 +0000
Files and hashes:         1: BGelYhGyHprHzcj7Y58xCpLCEEw.crl (hash: pQ3m3s9fevQjujy5jFltp+Vd6108+xKQC621ypstJrA=)
                          2: vBbw-4MxcReP3ao6MqHjBCu3GcI.roa (hash: W28uSnDMlGVkrCQsXwIvXwkvC/TrS+441MfK9XqL5Zo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:97:f2:4f:f6:b3:d8:70:12:6b:82:fa:fa:eb:fd:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
        Validity
            Not Before: Aug 23 11:02:18 2025 GMT
            Not After : Aug 24 11:02:18 2025 GMT
        Subject: CN=0632f709c9d94525d1fffe594d47b05ef6474249
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:46:14:e5:d4:e8:0d:3b:46:18:fb:a4:2b:5b:
                    8d:32:cb:9b:a4:6d:1e:4c:85:f2:fa:16:6d:ea:39:
                    62:82:1e:84:f8:c8:44:db:30:51:6e:26:10:d0:dd:
                    25:22:5a:ff:11:99:8f:c1:fb:fc:26:6c:2b:80:9c:
                    ac:32:e3:99:e6:ec:a4:dd:cb:2a:86:b5:f0:73:28:
                    f2:41:83:8e:77:c1:8b:40:7e:84:48:8b:23:92:c6:
                    44:77:07:cc:99:48:a5:ad:8f:59:ca:34:4c:1d:45:
                    1a:fc:f4:6f:27:43:4c:ca:3e:91:f3:58:65:f3:0e:
                    66:bb:de:30:53:33:66:17:6a:4e:12:e0:88:b5:37:
                    7f:e0:1d:66:d1:40:9f:61:5c:0b:4a:3f:3d:99:ff:
                    96:65:5c:d0:48:02:7d:c5:15:33:ec:e1:68:ff:38:
                    b8:f4:fd:be:1a:e0:40:02:2b:0a:e2:5f:b7:87:42:
                    12:50:68:6e:15:fb:cb:97:cf:55:b3:a3:5c:54:07:
                    47:2f:80:40:18:93:18:3a:ca:3f:82:ef:90:35:b3:
                    90:cf:3e:f6:ad:1c:b0:9b:20:24:f9:ac:2a:bd:73:
                    b7:b0:4a:c6:b4:2f:41:ca:98:a6:70:91:d4:9e:2d:
                    dc:25:d4:f4:82:c6:eb:d8:6a:e2:54:6d:e4:0b:de:
                    e6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:32:F7:09:C9:D9:45:25:D1:FF:FE:59:4D:47:B0:5E:F6:47:42:49
            X509v3 Authority Key Identifier:
                keyid:04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:6d:67:f4:9d:28:03:e6:b7:cb:c6:2c:9a:3b:cf:d5:da:82:
         57:43:2b:77:da:fb:6f:3d:b6:4b:08:1b:bf:04:ed:ae:72:6d:
         a0:29:81:ab:ee:10:c3:24:bd:0f:d4:b6:c6:cc:f7:db:1c:97:
         8c:d2:1e:b2:89:75:83:c9:33:31:9c:dd:ca:8b:1c:ac:2c:f0:
         90:a2:3d:0a:52:5c:8b:8f:0b:80:97:69:4f:1f:21:c4:6c:d9:
         fa:ac:81:5d:5f:83:b9:28:26:75:d8:7b:d0:01:e7:3b:d3:6c:
         34:3e:28:4e:ff:e7:ab:66:5c:cc:31:43:05:3c:34:5c:5d:cd:
         6b:80:a9:11:d4:7f:eb:a8:99:41:c2:dd:bb:cc:0d:b6:9b:63:
         f1:8f:ea:da:74:e5:d4:62:19:9d:42:42:ce:e5:b1:05:e3:a4:
         10:18:c4:1f:42:19:f4:7e:57:36:c5:c4:ac:05:26:65:f7:65:
         28:40:54:fb:46:62:ff:65:b5:90:fd:9b:5f:76:9a:3d:ef:47:
         fb:85:43:fe:d8:2f:95:01:f1:fe:9c:35:ad:ea:0c:26:c1:78:
         65:06:1f:e0:0f:3f:1a:9e:26:72:2a:fc:1d:dd:88:49:63:44:
         14:38:79:97:0a:15:05:38:52:bb:db:29:c2:df:85:56:25:a8:
         99:06:c7:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWl/JP9rPYcBJrgvr66/08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjdhNTYyMTFiMjFlOWFjN2NkYzhmYjYzOWYzMTBhOTJj
MjEwNGMwHhcNMjUwODIzMTEwMjE4WhcNMjUwODI0MTEwMjE4WjAzMTEwLwYDVQQD
EygwNjMyZjcwOWM5ZDk0NTI1ZDFmZmZlNTk0ZDQ3YjA1ZWY2NDc0MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukYU5dToDTtGGPukK1uNMsubpG0e
TIXy+hZt6jligh6E+MhE2zBRbiYQ0N0lIlr/EZmPwfv8JmwrgJysMuOZ5uyk3csq
hrXwcyjyQYOOd8GLQH6ESIsjksZEdwfMmUilrY9ZyjRMHUUa/PRvJ0NMyj6R81hl
8w5mu94wUzNmF2pOEuCItTd/4B1m0UCfYVwLSj89mf+WZVzQSAJ9xRUz7OFo/zi4
9P2+GuBAAisK4l+3h0ISUGhuFfvLl89Vs6NcVAdHL4BAGJMYOso/gu+QNbOQzz72
rRywmyAk+awqvXO3sErGtC9BypimcJHUni3cJdT0gsbr2GriVG3kC97mbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAYy9wnJ2UUl0f/+WU1HsF72R0JJMB8GA1UdIwQY
MBaAFARnpWIRsh6ax83I+2OfMQqSwhBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQt
ODIzYWQyYzJmNWYxLzEvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQtODIzYWQyYzJmNWYx
LzEvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyW1n9J0o
A+a3y8YsmjvP1dqCV0Mrd9r7bz22SwgbvwTtrnJtoCmBq+4QwyS9D9S2xsz32xyX
jNIesol1g8kzMZzdyoscrCzwkKI9ClJci48LgJdpTx8hxGzZ+qyBXV+DuSgmddh7
0AHnO9NsND4oTv/nq2ZczDFDBTw0XF3Na4CpEdR/66iZQcLdu8wNtptj8Y/q2nTl
1GIZnUJCzuWxBeOkEBjEH0IZ9H5XNsXErAUmZfdlKEBU+0Zi/2W1kP2bX3aaPe9H
+4VD/tgvlQHx/pw1reoMJsF4ZQYf4A8/Gp4mcir8Hd2ISWNEFDh5lwoVBThSu9sp
wt+FViWomQbHNg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:07 2025 by rpki-client