Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
File:                     3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json)
Hash identifier:          DlcgrN+vEvmLZ4YoQFnDX4XdsPm3cXBTKXS+aIJjsqk=
Subject key identifier:   D8:F8:81:C5:F1:20:30:35:6D:05:94:E8:B9:57:8C:B2:71:36:33:A8
Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02
Certificate issuer:       /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
Certificate serial:       0198D5F17EE4662441563DB373A1A8C2D6B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
Manifest number:          0223
Signing time:             Sat 23 Aug 2025 08:00:30 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:30 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:30 +0000
Files and hashes:         1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: YVgQlEGeXrXGS5/EDViTunA5N4z2VssjbBN/sX31tzA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:7e:e4:66:24:41:56:3d:b3:73:a1:a8:c2:d6:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802
        Validity
            Not Before: Aug 23 08:00:30 2025 GMT
            Not After : Aug 24 08:00:30 2025 GMT
        Subject: CN=d8f881c5f12030356d0594e8b9578cb2713633a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:13:15:2b:e4:9d:00:95:88:9b:d4:91:ab:fc:
                    d2:bb:d6:cd:be:ff:c9:71:6d:45:32:06:a6:54:23:
                    a6:fc:35:93:56:aa:ed:d2:4c:84:11:e5:7e:26:ea:
                    e6:e9:4b:90:53:e5:5d:04:b4:43:95:7f:44:3f:d9:
                    92:59:72:45:bc:c8:fb:b1:ea:8d:34:a4:08:f5:21:
                    d8:f3:cd:66:fb:62:a2:78:3d:2d:09:f0:2d:01:39:
                    a2:73:e9:34:ff:cb:58:1a:65:10:f4:ca:d0:06:e9:
                    52:40:54:c2:14:0e:a8:c9:5b:f6:d7:d8:ab:5d:64:
                    21:c6:fd:1c:01:02:f6:46:0a:88:4f:36:a2:f1:af:
                    f0:4c:fd:55:88:85:33:f2:3f:c7:8e:5d:48:ae:7c:
                    5b:a8:6f:75:a1:36:73:fe:4b:8d:ae:e4:39:1e:b8:
                    27:2f:28:0a:bd:ff:12:68:83:63:5c:c7:89:62:2f:
                    54:e0:fa:04:85:19:d0:3e:4d:92:7b:5d:49:76:15:
                    04:f0:f6:91:af:ff:a6:c5:bd:18:03:8a:b7:22:bf:
                    3f:be:7d:ba:94:4f:88:ac:8d:ac:14:0c:c5:70:77:
                    02:0a:90:e5:3c:79:e1:bc:98:ab:f1:62:fa:33:01:
                    c9:aa:9b:b3:fe:c0:34:2f:c5:86:40:df:e8:5a:b0:
                    66:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:F8:81:C5:F1:20:30:35:6D:05:94:E8:B9:57:8C:B2:71:36:33:A8
            X509v3 Authority Key Identifier:
                keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:2e:8f:7a:c2:8c:fa:ba:60:dc:85:70:8c:6f:ae:02:be:87:
         ed:98:c9:21:b5:4b:a6:37:6c:04:21:9e:3e:dc:e6:ab:bd:e2:
         3c:cb:4d:7f:12:8f:91:85:04:d7:10:42:3e:75:62:08:eb:3b:
         6e:79:b9:0f:43:69:1d:24:d6:22:d6:0f:1d:8c:e7:c7:0a:a4:
         7d:79:8f:19:84:8c:ae:f8:8d:41:3f:39:a8:5b:b2:09:19:76:
         7e:21:48:95:fb:f4:39:ae:9e:bb:65:01:8e:f1:02:69:4e:f4:
         93:a1:0a:66:55:2c:3b:a3:b8:53:aa:63:73:ab:05:fc:3f:67:
         ba:81:1e:12:70:bc:41:73:53:84:59:c8:2d:89:89:b4:ca:59:
         e6:73:88:01:4e:eb:96:ca:8f:0c:03:31:1a:5c:60:b3:be:f1:
         a6:6e:71:63:f5:02:62:49:79:0c:be:f3:5b:c3:14:33:d7:64:
         92:4c:ba:06:fc:96:86:8a:96:56:9e:af:c9:f4:0f:09:75:6a:
         5f:9d:a7:08:23:ca:c7:10:cf:13:fe:37:e3:d5:1d:3c:89:40:
         a3:23:0a:18:4c:32:82:ab:2e:36:90:81:00:87:54:31:31:87:
         33:f6:9f:cf:aa:38:e4:40:c3:8e:aa:1b:66:14:c8:2b:80:80:
         f7:a9:72:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8X7kZiRBVj2zc6Gowta3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh
NjM4MDIwHhcNMjUwODIzMDgwMDMwWhcNMjUwODI0MDgwMDMwWjAzMTEwLwYDVQQD
EyhkOGY4ODFjNWYxMjAzMDM1NmQwNTk0ZThiOTU3OGNiMjcxMzYzM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhMVK+SdAJWIm9SRq/zSu9bNvv/J
cW1FMgamVCOm/DWTVqrt0kyEEeV+Jurm6UuQU+VdBLRDlX9EP9mSWXJFvMj7seqN
NKQI9SHY881m+2KieD0tCfAtATmic+k0/8tYGmUQ9MrQBulSQFTCFA6oyVv219ir
XWQhxv0cAQL2RgqITzai8a/wTP1ViIUz8j/Hjl1IrnxbqG91oTZz/kuNruQ5Hrgn
LygKvf8SaINjXMeJYi9U4PoEhRnQPk2Se11JdhUE8PaRr/+mxb0YA4q3Ir8/vn26
lE+IrI2sFAzFcHcCCpDlPHnhvJir8WL6MwHJqpuz/sA0L8WGQN/oWrBmfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNj4gcXxIDA1bQWU6LlXjLJxNjOoMB8GA1UdIwQY
MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt
NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm
LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsS6PesKM
+rpg3IVwjG+uAr6H7ZjJIbVLpjdsBCGePtzmq73iPMtNfxKPkYUE1xBCPnViCOs7
bnm5D0NpHSTWItYPHYznxwqkfXmPGYSMrviNQT85qFuyCRl2fiFIlfv0Oa6eu2UB
jvECaU70k6EKZlUsO6O4U6pjc6sF/D9nuoEeEnC8QXNThFnILYmJtMpZ5nOIAU7r
lsqPDAMxGlxgs77xpm5xY/UCYkl5DL7zW8MUM9dkkky6BvyWhoqWVp6vyfQPCXVq
X52nCCPKxxDPE/4349UdPIlAoyMKGEwygqsuNpCBAIdUMTGHM/afz6o45EDDjqob
ZhTIK4CA96lyTA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:58:08 2025 by rpki-client