Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
File:                     GhgxUqZBpAN71soKarQcukbaV9s.mft (raw, json)
Hash identifier:          e8yyAUjQ1/nNr3dH8MvK+Su3fanV5DIGFFHiLlkKrxI=
Subject key identifier:   F9:90:8F:EB:4C:BB:ED:D9:09:CA:B0:7E:F5:09:58:39:14:C1:64:E3
Authority key identifier: 1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB
Certificate issuer:       /CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
Certificate serial:       0198D65F34CF7F863AA5130C20F12C34AFB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
Manifest number:          0F6C
Signing time:             Sat 23 Aug 2025 10:00:20 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:20 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:20 +0000
Files and hashes:         1: GhgxUqZBpAN71soKarQcukbaV9s.crl (hash: skHM9S7dHFHFQykTxZR/heJCZEGqf1yq0sNC3hv/Fu4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:34:cf:7f:86:3a:a5:13:0c:20:f1:2c:34:af:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a183152a641a4037bd6ca0a6ab41cba46da57db
        Validity
            Not Before: Aug 23 10:00:20 2025 GMT
            Not After : Aug 24 10:00:20 2025 GMT
        Subject: CN=f9908feb4cbbedd909cab07ef509583914c164e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:95:62:40:d7:8b:db:7f:74:2b:7b:10:3b:15:
                    ff:93:4c:aa:f7:14:87:69:47:ee:d0:84:6b:6e:3b:
                    6f:c1:9f:f0:b2:ee:2a:a9:a5:13:9d:a1:26:58:b5:
                    ad:c1:c2:61:95:07:33:fe:72:9a:e8:4b:27:ad:7f:
                    9b:34:94:e8:75:81:ca:8b:0e:2c:25:63:c2:db:b8:
                    d1:23:bd:f1:7f:8c:d2:81:d5:b1:64:50:fe:de:3d:
                    27:bf:87:6d:7d:14:be:6a:79:f8:4b:7b:dc:8c:f8:
                    7e:56:26:b1:b1:c7:84:cb:27:fe:9f:7f:0c:b6:7f:
                    e0:c2:d7:2b:83:3e:28:4e:ef:1b:f3:1e:ae:3a:fc:
                    9d:40:a3:86:b0:e5:20:17:c5:b8:2d:85:be:a8:fb:
                    58:54:63:a5:35:6f:85:d1:4c:b3:49:e6:82:52:e6:
                    37:9f:7f:e3:dc:94:9b:30:eb:6f:0d:90:e5:ec:b2:
                    9d:9a:d5:ea:a8:ac:26:3e:96:13:b6:02:b4:5b:18:
                    ab:95:f8:ac:a6:8b:f9:c5:22:0b:5d:03:06:b2:34:
                    18:e3:71:5e:f2:4c:81:8b:ec:9e:9c:e7:36:6b:0d:
                    44:cd:47:67:d1:e1:32:26:6e:0a:42:70:b9:81:6c:
                    12:3d:42:92:79:a5:1e:27:da:e8:42:8d:c4:da:3d:
                    44:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:90:8F:EB:4C:BB:ED:D9:09:CA:B0:7E:F5:09:58:39:14:C1:64:E3
            X509v3 Authority Key Identifier:
                keyid:1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:30:74:0d:75:78:fb:64:3c:65:90:bd:ea:67:46:67:50:0b:
         bb:0a:0f:50:ed:24:c2:5b:d5:bd:ac:b3:bd:16:6c:20:80:b7:
         85:75:84:d6:93:dd:79:1c:08:2c:1d:18:89:df:bf:f9:b5:84:
         78:c8:c0:b0:b9:c8:76:ea:88:c0:1b:1e:05:6d:4d:85:00:74:
         ba:ac:82:24:9d:79:49:4c:99:8d:25:4c:56:35:93:85:75:2d:
         0e:01:80:b9:c4:71:aa:25:58:b9:22:23:2c:33:07:d6:2b:f5:
         13:ae:94:34:3d:d3:d6:1f:c8:3e:a3:a1:35:fd:63:c1:88:2f:
         3e:ca:fe:10:fe:98:8a:3a:2e:ab:65:71:66:b2:99:d0:28:ac:
         56:64:df:98:98:c6:a7:d0:c0:ce:25:ea:2c:47:15:ac:fd:78:
         57:63:f1:97:ba:3a:e0:ba:f3:50:86:91:e7:78:09:14:68:6c:
         e0:e5:3a:6e:e7:4b:20:f8:fa:32:9c:ae:ca:7c:f7:88:21:13:
         f5:2a:ea:84:94:53:97:3d:22:a9:2a:cd:c4:12:36:51:a9:13:
         e6:5f:8e:f5:9c:3a:70:bd:fd:fb:27:48:4f:56:91:ad:7a:35:
         f7:4b:58:9b:98:ed:af:5c:0a:82:93:8d:fb:22:3a:35:84:16:
         90:44:1f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXzTPf4Y6pRMMIPEsNK+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTgzMTUyYTY0MWE0MDM3YmQ2Y2EwYTZhYjQxY2JhNDZk
YTU3ZGIwHhcNMjUwODIzMTAwMDIwWhcNMjUwODI0MTAwMDIwWjAzMTEwLwYDVQQD
EyhmOTkwOGZlYjRjYmJlZGQ5MDljYWIwN2VmNTA5NTgzOTE0YzE2NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5ViQNeL2390K3sQOxX/k0yq9xSH
aUfu0IRrbjtvwZ/wsu4qqaUTnaEmWLWtwcJhlQcz/nKa6EsnrX+bNJTodYHKiw4s
JWPC27jRI73xf4zSgdWxZFD+3j0nv4dtfRS+ann4S3vcjPh+ViaxsceEyyf+n38M
tn/gwtcrgz4oTu8b8x6uOvydQKOGsOUgF8W4LYW+qPtYVGOlNW+F0UyzSeaCUuY3
n3/j3JSbMOtvDZDl7LKdmtXqqKwmPpYTtgK0Wxirlfispov5xSILXQMGsjQY43Fe
8kyBi+yenOc2aw1EzUdn0eEyJm4KQnC5gWwSPUKSeaUeJ9roQo3E2j1EUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmQj+tMu+3ZCcqwfvUJWDkUwWTjMB8GA1UdIwQY
MBaAFBoYMVKmQaQDe9bKCmq0HLpG2lfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMt
NTYyOTRjNzA4ZmFmLzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMtNTYyOTRjNzA4ZmFm
LzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTB0DXV4
+2Q8ZZC96mdGZ1ALuwoPUO0kwlvVvayzvRZsIIC3hXWE1pPdeRwILB0Yid+/+bWE
eMjAsLnIduqIwBseBW1NhQB0uqyCJJ15SUyZjSVMVjWThXUtDgGAucRxqiVYuSIj
LDMH1iv1E66UND3T1h/IPqOhNf1jwYgvPsr+EP6Yijouq2VxZrKZ0CisVmTfmJjG
p9DAziXqLEcVrP14V2Pxl7o64LrzUIaR53gJFGhs4OU6budLIPj6Mpyuynz3iCET
9SrqhJRTlz0iqSrNxBI2UakT5l+O9Zw6cL39+ydIT1aRrXo190tYm5jtr1wKgpON
+yI6NYQWkEQfnQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:03:16 2025 by rpki-client