Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          erYH2rFv0veEVzR7NqSTOS/TeaG+kNugs9A+JmpixCc=
Subject key identifier:   95:06:BC:D6:8C:2B:52:36:56:80:DE:AB:9E:5B:0C:A9:5B:69:3C:D7
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       0198D660BF9181B10C76510E3361E3143E9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          0597
Signing time:             Sat 23 Aug 2025 10:02:01 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:01 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:01 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: Dtl5FRqww50HJR4Oqz2MTx4mhBVpY23Er8at+/QtyLI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:bf:91:81:b1:0c:76:51:0e:33:61:e3:14:3e:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Aug 23 10:02:01 2025 GMT
            Not After : Aug 24 10:02:01 2025 GMT
        Subject: CN=9506bcd68c2b52365680deab9e5b0ca95b693cd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:78:63:c3:31:62:ab:80:37:3d:c3:fe:97:29:
                    53:ff:06:55:2d:fb:cc:af:d3:bd:6c:e9:f8:54:90:
                    61:e7:d8:07:89:e4:3c:21:71:a6:13:ab:14:14:af:
                    63:a7:56:24:3a:2a:97:2b:bb:27:8d:03:9e:a3:85:
                    7b:eb:94:c6:96:0b:fc:f8:26:fc:5a:1c:3e:9d:e2:
                    92:02:ea:c4:57:17:94:5b:68:ac:c3:88:f4:c1:d0:
                    2c:16:bd:10:6b:ec:11:35:1d:09:b7:f2:0f:20:7a:
                    41:c5:c8:59:9d:06:59:1a:bc:1e:f3:d3:6a:f2:e5:
                    43:1e:5d:28:5f:47:07:2d:0a:52:d7:22:3d:15:c8:
                    aa:39:34:31:90:7c:8c:60:e8:b7:32:25:cb:f8:b5:
                    02:32:05:ff:aa:61:49:41:0b:36:8b:ac:81:37:37:
                    01:2b:73:d0:b5:d4:b6:0e:ec:df:78:a1:5f:b6:eb:
                    06:f9:06:d9:09:39:f4:9a:04:5a:24:f5:60:83:95:
                    e9:45:6a:6f:e9:76:58:d5:6b:56:c8:f9:b4:d2:cf:
                    6f:de:c0:aa:bc:1b:74:33:f1:a7:fd:e5:26:ac:b8:
                    98:34:59:14:fd:43:24:9f:c3:77:57:1d:38:8d:41:
                    ed:05:a6:22:6c:5d:dd:6e:1b:3d:68:23:86:57:92:
                    94:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:06:BC:D6:8C:2B:52:36:56:80:DE:AB:9E:5B:0C:A9:5B:69:3C:D7
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:16:06:28:a5:8c:9c:47:ec:12:d7:45:8a:c0:d9:28:8a:b8:
         0e:a9:fe:f5:76:a6:f3:96:e2:ba:50:28:12:29:d8:4c:84:8e:
         ef:d6:35:34:b1:d3:c0:10:cc:c5:6a:05:0a:bd:ae:43:1e:ca:
         55:fb:69:db:dc:5c:69:53:83:00:1d:2c:f4:f0:96:4a:35:44:
         eb:dd:b6:82:74:6a:e7:14:7d:c8:95:4f:78:41:a0:fd:87:bb:
         c2:91:b3:78:5f:49:cd:4e:6d:ac:d8:81:29:ae:3f:bc:e2:7e:
         bd:f8:e3:b8:a5:0d:57:cb:59:7b:0f:33:96:f3:2c:3d:67:1b:
         30:db:dc:1b:e6:4f:b2:a8:46:31:29:f6:05:77:57:04:a2:3f:
         02:2d:98:07:d4:c8:31:46:bd:65:72:61:ba:a2:6a:52:f5:36:
         30:07:b2:83:be:ab:b0:fe:8b:dc:64:3a:b7:89:4d:f7:72:f3:
         bd:76:01:72:23:79:83:3c:55:ef:36:67:4a:68:7d:85:78:20:
         1d:b0:1c:c3:5f:59:68:01:9a:4f:6a:17:c5:90:5c:f9:bb:6d:
         eb:a3:cd:8e:8c:c7:3e:12:b9:00:59:be:52:cc:10:2b:c8:d5:
         7c:c2:9f:69:5c:81:61:dd:b7:c8:b0:fd:e2:5b:42:7b:79:61:
         f3:09:60:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYL+RgbEMdlEOM2HjFD6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjUwODIzMTAwMjAxWhcNMjUwODI0MTAwMjAxWjAzMTEwLwYDVQQD
Eyg5NTA2YmNkNjhjMmI1MjM2NTY4MGRlYWI5ZTViMGNhOTViNjkzY2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunhjwzFiq4A3PcP+lylT/wZVLfvM
r9O9bOn4VJBh59gHieQ8IXGmE6sUFK9jp1YkOiqXK7snjQOeo4V765TGlgv8+Cb8
Whw+neKSAurEVxeUW2isw4j0wdAsFr0Qa+wRNR0Jt/IPIHpBxchZnQZZGrwe89Nq
8uVDHl0oX0cHLQpS1yI9FciqOTQxkHyMYOi3MiXL+LUCMgX/qmFJQQs2i6yBNzcB
K3PQtdS2DuzfeKFftusG+QbZCTn0mgRaJPVgg5XpRWpv6XZY1WtWyPm00s9v3sCq
vBt0M/Gn/eUmrLiYNFkU/UMkn8N3Vx04jUHtBaYibF3dbhs9aCOGV5KUkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUGvNaMK1I2VoDeq55bDKlbaTzXMB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvBYGKKWM
nEfsEtdFisDZKIq4Dqn+9Xam85biulAoEinYTISO79Y1NLHTwBDMxWoFCr2uQx7K
Vftp29xcaVODAB0s9PCWSjVE6922gnRq5xR9yJVPeEGg/Ye7wpGzeF9JzU5trNiB
Ka4/vOJ+vfjjuKUNV8tZew8zlvMsPWcbMNvcG+ZPsqhGMSn2BXdXBKI/Ai2YB9TI
MUa9ZXJhuqJqUvU2MAeyg76rsP6L3GQ6t4lN93LzvXYBciN5gzxV7zZnSmh9hXgg
HbAcw19ZaAGaT2oXxZBc+btt66PNjozHPhK5AFm+UswQK8jVfMKfaVyBYd23yLD9
4ltCe3lh8wlgGw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:12 2025 by rpki-client