Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft
File:                     0-2n3wX226CeOefUvex7rg7_urA.mft (raw, json)
Hash identifier:          VqOmeLCTnLRDkWJPJVngi1cYs9TqdMQr2o4ZN7fm0EA=
Subject key identifier:   F3:C3:9E:A4:52:63:28:2A:39:62:5C:59:6E:F5:78:B4:9D:5B:4C:D6
Authority key identifier: D3:ED:A7:DF:05:F6:DB:A0:9E:39:E7:D4:BD:EC:7B:AE:0E:FF:BA:B0
Certificate issuer:       /CN=d3eda7df05f6dba09e39e7d4bdec7bae0effbab0
Certificate serial:       0198D54EA65467999404B98342F03464259E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0-2n3wX226CeOefUvex7rg7_urA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft
Manifest number:          0352
Signing time:             Sat 23 Aug 2025 05:02:38 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:38 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:38 +0000
Files and hashes:         1: 0-2n3wX226CeOefUvex7rg7_urA.crl (hash: 0gCck0Pe51km3oe8r67bi2tqlXcY8UF7pPbeRFDvMNk=)
                          2: mFUkKUV2j8Fct1DGbVQJTzcA0ig.roa (hash: bNr/zF64vk+SVTrKPbIdCfqu6Sowa5lS9V4LG/Ns2g0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0-2n3wX226CeOefUvex7rg7_urA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:a6:54:67:99:94:04:b9:83:42:f0:34:64:25:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3eda7df05f6dba09e39e7d4bdec7bae0effbab0
        Validity
            Not Before: Aug 23 05:02:38 2025 GMT
            Not After : Aug 24 05:02:38 2025 GMT
        Subject: CN=f3c39ea45263282a39625c596ef578b49d5b4cd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:28:8c:73:f8:f7:07:98:e4:c5:d2:24:e2:44:
                    f7:49:7d:b0:e0:ec:e1:37:fe:53:da:33:e5:6e:0f:
                    61:ba:c5:50:43:ce:20:34:e7:1b:54:a1:99:0a:46:
                    3e:59:3d:10:2b:01:22:f8:41:03:5e:7b:6a:8a:0c:
                    3c:7a:f5:65:02:31:d5:68:6a:bf:03:5f:43:de:76:
                    22:90:4b:de:48:a4:ce:3a:0f:d7:dc:b5:11:61:c0:
                    96:d3:f7:36:51:89:8a:9d:3a:94:72:e1:2c:5a:dd:
                    f7:1e:f0:bf:d8:39:cf:f4:a9:7f:28:46:01:20:86:
                    7a:1f:12:9c:71:bf:91:26:2b:ff:0d:ee:33:ec:58:
                    a4:96:39:40:53:a8:99:91:d2:0b:85:d8:ca:76:54:
                    be:1e:b9:27:75:16:25:f6:55:a2:fd:37:7a:23:6e:
                    e1:2f:ef:96:b4:20:79:dc:ce:23:22:d1:16:73:d2:
                    99:b9:30:59:b0:b5:c6:2d:28:e7:a9:5e:13:79:cd:
                    0d:eb:35:34:a9:c5:05:40:94:95:a8:21:97:f1:3b:
                    de:06:d9:37:b5:2d:e1:aa:99:63:22:8e:7e:8f:43:
                    bb:ca:73:39:1a:cf:1c:f2:e8:33:63:52:16:62:c3:
                    76:79:d3:15:04:d8:95:9b:97:f1:9c:da:26:f2:54:
                    99:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:C3:9E:A4:52:63:28:2A:39:62:5C:59:6E:F5:78:B4:9D:5B:4C:D6
            X509v3 Authority Key Identifier:
                keyid:D3:ED:A7:DF:05:F6:DB:A0:9E:39:E7:D4:BD:EC:7B:AE:0E:FF:BA:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-2n3wX226CeOefUvex7rg7_urA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/dc64f4-cfba-4efd-b4ed-676bedb17473/1/0-2n3wX226CeOefUvex7rg7_urA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:a6:9a:b6:9c:f4:25:77:e6:50:74:12:a9:61:34:17:8c:3c:
         f3:df:f8:05:dc:e7:c3:da:4d:89:92:c4:9e:59:a4:61:5e:0f:
         0a:b4:fa:fe:2f:09:90:aa:ae:0b:2b:86:0f:eb:66:ee:29:f9:
         1f:1b:84:20:d8:3c:1d:1b:af:57:06:6a:7d:58:ee:d6:3f:33:
         08:32:a5:45:19:90:60:4d:18:b2:e6:69:78:13:b2:01:60:3f:
         64:e2:d2:86:f5:12:58:f3:19:5d:8b:cb:2d:ea:85:7f:69:c3:
         6b:e2:ef:e6:35:a4:e4:52:48:51:30:83:50:e8:45:05:26:af:
         4b:4f:58:a6:f4:01:24:8d:ed:d6:f4:ed:3c:38:2b:82:c1:43:
         de:f5:b2:d7:e6:29:4a:42:d8:ce:3f:39:a8:aa:07:81:de:10:
         9b:62:1d:7a:8d:3c:b7:90:61:0b:c5:b2:3b:5c:e9:39:dc:59:
         b6:da:df:8d:22:2f:ec:92:b8:97:87:ab:f0:db:87:20:c8:39:
         71:0e:61:5f:d4:21:ae:cd:95:b3:88:da:2f:f0:eb:6a:eb:3b:
         87:1b:21:2b:27:72:41:68:f0:c2:8b:8a:58:1b:64:1b:8a:d0:
         d2:ff:7f:d8:1c:fb:81:c6:fd:1f:1d:46:78:09:90:ef:ce:bb:
         6b:73:3d:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTqZUZ5mUBLmDQvA0ZCWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZWRhN2RmMDVmNmRiYTA5ZTM5ZTdkNGJkZWM3YmFlMGVm
ZmJhYjAwHhcNMjUwODIzMDUwMjM4WhcNMjUwODI0MDUwMjM4WjAzMTEwLwYDVQQD
EyhmM2MzOWVhNDUyNjMyODJhMzk2MjVjNTk2ZWY1NzhiNDlkNWI0Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iiMc/j3B5jkxdIk4kT3SX2w4Ozh
N/5T2jPlbg9husVQQ84gNOcbVKGZCkY+WT0QKwEi+EEDXntqigw8evVlAjHVaGq/
A19D3nYikEveSKTOOg/X3LURYcCW0/c2UYmKnTqUcuEsWt33HvC/2DnP9Kl/KEYB
IIZ6HxKccb+RJiv/De4z7FikljlAU6iZkdILhdjKdlS+HrkndRYl9lWi/Td6I27h
L++WtCB53M4jItEWc9KZuTBZsLXGLSjnqV4Tec0N6zU0qcUFQJSVqCGX8TveBtk3
tS3hqpljIo5+j0O7ynM5Gs8c8ugzY1IWYsN2edMVBNiVm5fxnNom8lSZUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPDnqRSYygqOWJcWW71eLSdW0zWMB8GA1UdIwQY
MBaAFNPtp98F9tugnjnn1L3se64O/7qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC0ybjN3WDIyNkNlT2VmVXZleDdyZzdfdXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kYzY0ZjQtY2ZiYS00ZWZkLWI0ZWQt
Njc2YmVkYjE3NDczLzEvMC0ybjN3WDIyNkNlT2VmVXZleDdyZzdfdXJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kYzY0ZjQtY2ZiYS00ZWZkLWI0ZWQtNjc2YmVkYjE3NDcz
LzEvMC0ybjN3WDIyNkNlT2VmVXZleDdyZzdfdXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaaatpz0
JXfmUHQSqWE0F4w889/4Bdznw9pNiZLEnlmkYV4PCrT6/i8JkKquCyuGD+tm7in5
HxuEINg8HRuvVwZqfVju1j8zCDKlRRmQYE0YsuZpeBOyAWA/ZOLShvUSWPMZXYvL
LeqFf2nDa+Lv5jWk5FJIUTCDUOhFBSavS09YpvQBJI3t1vTtPDgrgsFD3vWy1+Yp
SkLYzj85qKoHgd4Qm2Ideo08t5BhC8WyO1zpOdxZttrfjSIv7JK4l4er8NuHIMg5
cQ5hX9Qhrs2Vs4jaL/Draus7hxshKydyQWjwwouKWBtkG4rQ0v9/2Bz7gcb9Hx1G
eAmQ7867a3M9nw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:37 2025 by rpki-client