Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
File:                     xorAnHI17TE4Ph_ThzkY3RgzNCo.mft (raw, json)
Hash identifier:          3r2jRoMWNB+Fdq28iU/fE7xS9Jwv1Pw7pWJn/LpZe+c=
Subject key identifier:   49:86:D9:C2:E7:77:57:1C:11:7F:C8:1F:22:32:FA:37:A3:D9:F1:2B
Authority key identifier: C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A
Certificate issuer:       /CN=c68ac09c7235ed31383e1fd3873918dd1833342a
Certificate serial:       0198D583F5CBE1688EA7CA4452863C445B1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
Manifest number:          0619
Signing time:             Sat 23 Aug 2025 06:00:51 +0000
Manifest this update:     Sat 23 Aug 2025 06:00:51 +0000
Manifest next update:     Sun 24 Aug 2025 06:00:51 +0000
Files and hashes:         1: xorAnHI17TE4Ph_ThzkY3RgzNCo.crl (hash: Ion2MB8MRpTrYzTD3laVBkkvLgDtH5C0b5vn/3nYy20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:83:f5:cb:e1:68:8e:a7:ca:44:52:86:3c:44:5b:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c68ac09c7235ed31383e1fd3873918dd1833342a
        Validity
            Not Before: Aug 23 06:00:51 2025 GMT
            Not After : Aug 24 06:00:51 2025 GMT
        Subject: CN=4986d9c2e777571c117fc81f2232fa37a3d9f12b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:47:0d:a8:03:a2:be:48:43:94:d7:e8:8e:ce:
                    c8:a9:59:8b:15:0d:c3:47:db:bd:94:34:5a:d9:d5:
                    7e:11:c6:5e:7c:ba:2d:d7:9d:53:bf:6d:4b:99:96:
                    8a:2d:5c:1e:d1:c9:be:00:25:f8:c1:74:27:cf:92:
                    ae:f8:02:a3:dd:fb:20:57:49:58:4f:d0:bc:eb:af:
                    ec:fb:18:fb:ea:68:81:bf:2e:36:07:7d:79:29:4c:
                    97:32:b2:88:30:38:18:8e:15:3f:6f:bb:62:43:10:
                    1c:b3:2e:2f:f5:88:5c:26:d7:39:c1:7f:d5:f6:44:
                    50:41:5c:9a:52:d8:fc:03:9b:37:35:0c:88:ad:e1:
                    78:30:6a:e3:b0:b4:a3:5d:90:d4:2e:c0:12:bf:3a:
                    90:80:01:d4:62:00:d7:8d:b9:84:9a:d9:d2:a3:53:
                    74:c6:e8:76:dd:50:eb:c2:d5:47:c4:83:75:b8:4c:
                    2a:cf:c6:97:c2:bb:b9:5b:1c:e6:eb:36:1f:44:0e:
                    a0:8a:99:4c:0a:9a:04:f5:82:42:e2:cd:ee:ec:7a:
                    10:67:6a:8a:f5:47:84:a3:aa:a4:3b:38:98:51:d9:
                    b0:9f:0f:ba:13:ee:25:c7:e4:23:dc:90:db:a4:94:
                    70:e7:e1:45:6f:d4:e7:0c:34:38:2b:bb:7c:54:76:
                    6f:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:86:D9:C2:E7:77:57:1C:11:7F:C8:1F:22:32:FA:37:A3:D9:F1:2B
            X509v3 Authority Key Identifier:
                keyid:C6:8A:C0:9C:72:35:ED:31:38:3E:1F:D3:87:39:18:DD:18:33:34:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xorAnHI17TE4Ph_ThzkY3RgzNCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/492bd0-993b-476e-8fac-9de48d43b1db/1/xorAnHI17TE4Ph_ThzkY3RgzNCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:91:61:58:c1:aa:88:f8:38:c5:96:2a:e8:19:67:dd:09:a8:
         84:15:32:11:15:fa:a6:5f:84:7b:4a:4f:08:1a:02:a5:1b:1b:
         bd:79:09:21:55:48:26:34:db:9d:53:94:23:48:5f:d0:f9:b1:
         4e:a3:a8:49:15:69:72:af:e8:c6:b1:f1:b1:02:8e:3f:5f:4e:
         fa:58:ab:43:6b:91:aa:22:1b:77:ff:b2:7b:a2:f9:39:44:97:
         ac:ce:12:a8:b0:85:17:f2:67:5c:b7:32:b0:15:73:28:93:bd:
         ca:3e:34:db:66:e7:e5:89:a7:c9:1e:ff:4b:5b:5f:75:25:6f:
         b7:3c:8a:c1:99:4a:e5:4b:8b:79:64:c1:90:8c:a1:0c:f8:8f:
         0d:f9:49:4f:4c:9e:4b:f3:b4:52:06:d6:f8:c7:5a:0b:fb:7a:
         fa:9b:5a:20:06:c7:37:17:8a:82:b5:34:d3:b6:ff:00:57:22:
         11:01:0b:81:68:17:c6:40:f8:c0:2b:2a:03:2b:a0:44:e3:13:
         2b:6e:21:a3:0c:20:c6:44:95:c9:79:7c:6c:34:ca:b0:1e:f3:
         c4:24:68:63:aa:05:bd:75:14:5e:c0:e8:58:09:49:0f:7a:45:
         90:3f:64:3f:87:51:32:59:5a:33:56:83:8e:78:27:bc:43:c1:
         e8:9a:26:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg/XL4WiOp8pEUoY8RFsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGFjMDljNzIzNWVkMzEzODNlMWZkMzg3MzkxOGRkMTgz
MzM0MmEwHhcNMjUwODIzMDYwMDUxWhcNMjUwODI0MDYwMDUxWjAzMTEwLwYDVQQD
Eyg0OTg2ZDljMmU3Nzc1NzFjMTE3ZmM4MWYyMjMyZmEzN2EzZDlmMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEcNqAOivkhDlNfojs7IqVmLFQ3D
R9u9lDRa2dV+EcZefLot151Tv21LmZaKLVwe0cm+ACX4wXQnz5Ku+AKj3fsgV0lY
T9C866/s+xj76miBvy42B315KUyXMrKIMDgYjhU/b7tiQxAcsy4v9YhcJtc5wX/V
9kRQQVyaUtj8A5s3NQyIreF4MGrjsLSjXZDULsASvzqQgAHUYgDXjbmEmtnSo1N0
xuh23VDrwtVHxIN1uEwqz8aXwru5Wxzm6zYfRA6giplMCpoE9YJC4s3u7HoQZ2qK
9UeEo6qkOziYUdmwnw+6E+4lx+Qj3JDbpJRw5+FFb9TnDDQ4K7t8VHZvGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmG2cLnd1ccEX/IHyIy+jej2fErMB8GA1UdIwQY
MBaAFMaKwJxyNe0xOD4f04c5GN0YMzQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80OTJiZDAtOTkzYi00NzZlLThmYWMt
OWRlNDhkNDNiMWRiLzEveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80OTJiZDAtOTkzYi00NzZlLThmYWMtOWRlNDhkNDNiMWRi
LzEveG9yQW5ISTE3VEU0UGhfVGh6a1kzUmd6TkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5FhWMGq
iPg4xZYq6Bln3QmohBUyERX6pl+Ee0pPCBoCpRsbvXkJIVVIJjTbnVOUI0hf0Pmx
TqOoSRVpcq/oxrHxsQKOP19O+lirQ2uRqiIbd/+ye6L5OUSXrM4SqLCFF/JnXLcy
sBVzKJO9yj4022bn5YmnyR7/S1tfdSVvtzyKwZlK5UuLeWTBkIyhDPiPDflJT0ye
S/O0UgbW+MdaC/t6+ptaIAbHNxeKgrU007b/AFciEQELgWgXxkD4wCsqAyugROMT
K24howwgxkSVyXl8bDTKsB7zxCRoY6oFvXUUXsDoWAlJD3pFkD9kP4dRMllaM1aD
jngnvEPB6JomhQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:13 2025 by rpki-client