Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
File:                     R3BGWvTHI2RwAFnnll08iepGPNc.mft (raw, json)
Hash identifier:          733D7xk+4WD0p4qcJM30nZOAxNqvqGYETa7D3bktES0=
Subject key identifier:   E0:7E:C6:BE:5C:76:ED:AA:14:E9:65:8A:28:9E:71:E3:DA:A8:AF:CF
Authority key identifier: 47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7
Certificate issuer:       /CN=4770465af4c72364700059e7965d3c89ea463cd7
Certificate serial:       0198D65F034D3D985FA1ECF65C4C4E83AC1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
Manifest number:          1000
Signing time:             Sat 23 Aug 2025 10:00:07 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:07 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:07 +0000
Files and hashes:         1: R3BGWvTHI2RwAFnnll08iepGPNc.crl (hash: hvtNQmmHdK8NboJcEXuYlsj0OD9FVzoxnmn04AZznCA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:03:4d:3d:98:5f:a1:ec:f6:5c:4c:4e:83:ac:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4770465af4c72364700059e7965d3c89ea463cd7
        Validity
            Not Before: Aug 23 10:00:07 2025 GMT
            Not After : Aug 24 10:00:07 2025 GMT
        Subject: CN=e07ec6be5c76edaa14e9658a289e71e3daa8afcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3a:2b:c4:a9:d1:e0:fc:48:fd:df:79:01:58:
                    9b:92:04:74:32:72:6f:07:f1:6c:7d:77:05:ff:08:
                    50:75:3e:00:59:e0:75:17:43:f2:c3:1b:b3:aa:7c:
                    20:e7:60:6e:0b:ac:f6:85:66:70:50:e9:8a:fd:88:
                    c9:3b:66:63:45:b1:b1:33:a4:40:b6:e1:44:5e:0b:
                    46:62:13:53:86:ac:85:ad:8f:1d:14:8f:a7:59:e0:
                    14:49:25:bb:55:64:8b:da:a7:21:8b:71:4a:f5:55:
                    d4:9a:11:63:f3:ec:91:9f:ef:7c:84:8e:b0:36:6c:
                    0f:6a:ab:28:f4:ab:65:4d:37:86:61:1f:a2:26:f1:
                    c6:86:1e:17:c5:64:49:11:ba:a3:40:61:61:c4:2b:
                    7e:c8:45:6d:bf:0f:e9:82:4a:8c:b2:fd:d8:4e:ae:
                    5c:19:fa:dd:bc:2b:c2:3d:9d:9f:b8:7a:c7:15:89:
                    67:21:41:2b:6f:03:23:4b:f9:1d:02:58:14:84:41:
                    d2:86:0d:18:14:1a:05:bf:b5:77:46:60:51:7c:29:
                    28:2a:31:17:23:68:a7:41:0c:9d:b6:c9:3e:6c:d8:
                    c2:d7:51:55:c4:3a:04:35:e1:87:7e:ca:7c:4b:9d:
                    a7:ac:55:cd:0c:17:6e:7a:2b:bc:37:3e:ea:95:c2:
                    98:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:7E:C6:BE:5C:76:ED:AA:14:E9:65:8A:28:9E:71:E3:DA:A8:AF:CF
            X509v3 Authority Key Identifier:
                keyid:47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:39:ce:27:c3:ae:d7:0e:15:f1:97:4a:4b:a3:3b:0a:d9:01:
         38:7d:dd:63:a8:6a:f2:93:f4:41:be:3e:7a:80:69:d2:6a:f4:
         4e:a4:e1:ac:cb:7a:f6:0f:d6:78:d8:52:8b:13:d3:7d:97:b8:
         52:a0:ae:71:d8:16:ed:a3:be:14:af:c8:af:4a:58:ce:15:65:
         99:79:9b:15:4d:cf:93:91:d1:fb:d3:f9:80:f3:53:cc:0f:f5:
         f4:b7:f4:8d:4d:6b:a7:b5:db:b9:e7:54:0d:68:f0:ed:a3:3c:
         7b:ac:b6:7e:ea:79:95:bf:f4:2d:d7:b8:cc:69:09:e2:b3:94:
         fa:23:5d:95:fe:f3:41:c8:30:b7:3f:f3:cc:04:de:04:64:99:
         dd:8b:90:48:c3:15:c1:91:1c:07:e3:47:d2:c5:ac:4a:3f:09:
         03:8b:ce:46:8c:cf:6f:04:5b:d3:da:7a:e5:64:8f:0c:a8:b7:
         f9:6e:21:7c:ee:41:67:da:73:d5:cf:ae:68:a9:a1:e4:3e:e7:
         e6:da:30:7b:87:a2:51:de:b3:87:4a:71:e9:cd:cb:43:9f:41:
         04:a0:4f:d7:0b:4c:92:9e:b9:b6:1d:8e:99:ec:c9:ab:d2:45:
         83:3a:2a:8a:bb:6c:49:01:88:6b:9b:99:e0:9d:32:f4:2f:01:
         dc:a7:94:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXwNNPZhfoez2XExOg6wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzA0NjVhZjRjNzIzNjQ3MDAwNTllNzk2NWQzYzg5ZWE0
NjNjZDcwHhcNMjUwODIzMTAwMDA3WhcNMjUwODI0MTAwMDA3WjAzMTEwLwYDVQQD
EyhlMDdlYzZiZTVjNzZlZGFhMTRlOTY1OGEyODllNzFlM2RhYThhZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjorxKnR4PxI/d95AVibkgR0MnJv
B/FsfXcF/whQdT4AWeB1F0Pywxuzqnwg52BuC6z2hWZwUOmK/YjJO2ZjRbGxM6RA
tuFEXgtGYhNThqyFrY8dFI+nWeAUSSW7VWSL2qchi3FK9VXUmhFj8+yRn+98hI6w
NmwPaqso9KtlTTeGYR+iJvHGhh4XxWRJEbqjQGFhxCt+yEVtvw/pgkqMsv3YTq5c
GfrdvCvCPZ2fuHrHFYlnIUErbwMjS/kdAlgUhEHShg0YFBoFv7V3RmBRfCkoKjEX
I2inQQydtsk+bNjC11FVxDoENeGHfsp8S52nrFXNDBdueiu8Nz7qlcKYjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOB+xr5cdu2qFOlliiiecePaqK/PMB8GA1UdIwQY
MBaAFEdwRlr0xyNkcABZ55ZdPInqRjzXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYt
OGE5MmUwOWJmZTFiLzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYtOGE5MmUwOWJmZTFi
LzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIznOJ8Ou
1w4V8ZdKS6M7CtkBOH3dY6hq8pP0Qb4+eoBp0mr0TqThrMt69g/WeNhSixPTfZe4
UqCucdgW7aO+FK/Ir0pYzhVlmXmbFU3Pk5HR+9P5gPNTzA/19Lf0jU1rp7XbuedU
DWjw7aM8e6y2fup5lb/0Lde4zGkJ4rOU+iNdlf7zQcgwtz/zzATeBGSZ3YuQSMMV
wZEcB+NH0sWsSj8JA4vORozPbwRb09p65WSPDKi3+W4hfO5BZ9pz1c+uaKmh5D7n
5towe4eiUd6zh0px6c3LQ59BBKBP1wtMkp65th2OmezJq9JFgzoqirtsSQGIa5uZ
4J0y9C8B3KeUbA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:15 2025 by rpki-client