Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
File:                     z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft (raw, json)
Hash identifier:          G727Eo5RnkJpKKU+KrMn3Qou9pXTxeEqWjr/xvqi1/I=
Subject key identifier:   D0:98:DC:A7:BB:12:13:85:5E:09:53:A3:42:8B:07:9A:54:45:1A:AB
Authority key identifier: CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49
Certificate issuer:       /CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
Certificate serial:       0198D6600FC26DEA171FFD8D20C998C1229B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 10:01:16 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:16 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:16 +0000
Files and hashes:         1: z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl (hash: RBUpF5OPVMhNAKjQxhQnwgz3VLm0BMAaVtJGouUUymo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:0f:c2:6d:ea:17:1f:fd:8d:20:c9:98:c1:22:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
        Validity
            Not Before: Aug 23 10:01:16 2025 GMT
            Not After : Aug 24 10:01:16 2025 GMT
        Subject: CN=d098dca7bb1213855e0953a3428b079a54451aab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ca:32:8e:74:e0:86:6d:4f:77:67:60:7a:50:
                    08:f8:ee:ac:16:7c:5c:8b:ae:cb:45:f5:8e:56:d9:
                    6f:17:c2:d8:0d:ea:32:9d:81:7d:92:8e:ea:d6:39:
                    34:13:55:c0:38:a4:8d:0e:1c:c5:e4:aa:b8:ad:db:
                    f1:ca:30:63:44:fd:7b:df:cc:26:26:7b:89:94:ff:
                    b7:98:a6:fe:a2:89:fe:83:01:3b:2f:6c:25:cc:a3:
                    5f:42:1d:54:e2:9b:7a:da:8e:b6:91:75:53:be:92:
                    b4:bf:a1:14:1d:ac:a8:23:23:aa:91:f2:4a:e7:a8:
                    4e:07:63:50:c3:be:a9:98:60:4c:e0:83:12:f3:81:
                    78:19:c4:ee:51:3e:5f:65:53:90:f4:57:cc:b2:99:
                    a7:63:9a:17:e7:11:55:e4:6a:fd:5c:a1:43:1a:fe:
                    19:5e:d8:b6:f8:08:78:d6:40:22:47:4d:a6:0f:eb:
                    9f:76:6a:33:61:ad:13:55:b5:ff:d3:e7:1a:d0:95:
                    e4:a6:16:27:6e:0f:c6:74:a2:ab:b5:96:0d:9d:ed:
                    6e:da:89:1b:1e:b4:99:bd:2d:5c:aa:07:0d:bc:d7:
                    47:26:f4:d8:20:ed:9b:15:3f:af:8b:dd:b1:49:0d:
                    38:24:4f:da:08:e5:c2:ec:4c:bd:d1:d9:9b:98:80:
                    ef:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:98:DC:A7:BB:12:13:85:5E:09:53:A3:42:8B:07:9A:54:45:1A:AB
            X509v3 Authority Key Identifier:
                keyid:CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:84:3a:53:d4:7c:de:5c:1b:cf:0a:f2:98:5a:6a:1b:a2:17:
         80:17:9d:03:34:a6:10:fa:e1:c3:96:ca:97:e2:c8:63:b9:90:
         f8:43:87:9d:ba:24:bc:f1:63:ad:5c:60:c5:a2:6b:51:9b:3e:
         2a:a9:dd:ef:cc:9e:90:e4:6a:8f:6d:23:cc:d9:74:dd:bc:16:
         b9:72:57:8f:c8:5c:24:28:5c:8d:48:ef:6d:4f:44:12:8e:10:
         6b:e6:cb:bb:c4:17:3b:ff:cf:bd:68:87:e3:ec:52:d6:d7:34:
         50:16:20:78:65:e7:9e:aa:59:9b:f9:29:e3:66:76:32:16:cf:
         8a:35:16:c8:a1:01:d4:46:27:ec:20:76:3d:b5:c1:49:7e:67:
         64:87:bf:5f:3f:d1:27:1e:ad:3f:58:13:ec:91:3a:0e:55:aa:
         7a:48:44:cf:8a:10:00:af:cd:7e:ac:54:55:93:92:8b:dc:43:
         80:46:1d:06:5f:80:59:5d:eb:2a:8d:b3:e0:3f:08:c9:08:1f:
         cd:5f:38:98:f9:03:d3:10:fd:6e:d2:09:94:18:ad:17:92:8a:
         78:61:ce:65:34:3a:15:6a:2e:22:4a:c5:fe:e0:11:3f:b2:43:
         7b:90:1c:ff:fa:fc:2b:6a:de:b4:5b:b0:d2:ed:b7:4e:8c:79:
         53:8e:a8:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYA/CbeoXH/2NIMmYwSKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTVjZWMxNDNhMmFmMWVkMWMyZDk5Njk2ZjFmMTY4N2Y0
NTg2NDkwHhcNMjUwODIzMTAwMTE2WhcNMjUwODI0MTAwMTE2WjAzMTEwLwYDVQQD
EyhkMDk4ZGNhN2JiMTIxMzg1NWUwOTUzYTM0MjhiMDc5YTU0NDUxYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMoyjnTghm1Pd2dgelAI+O6sFnxc
i67LRfWOVtlvF8LYDeoynYF9ko7q1jk0E1XAOKSNDhzF5Kq4rdvxyjBjRP1738wm
JnuJlP+3mKb+oon+gwE7L2wlzKNfQh1U4pt62o62kXVTvpK0v6EUHayoIyOqkfJK
56hOB2NQw76pmGBM4IMS84F4GcTuUT5fZVOQ9FfMspmnY5oX5xFV5Gr9XKFDGv4Z
Xti2+Ah41kAiR02mD+ufdmozYa0TVbX/0+ca0JXkphYnbg/GdKKrtZYNne1u2okb
HrSZvS1cqgcNvNdHJvTYIO2bFT+vi92xSQ04JE/aCOXC7Ey90dmbmIDvRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCY3Ke7EhOFXglTo0KLB5pURRqrMB8GA1UdIwQY
MBaAFM+lzsFDoq8e0cLZlpbx8Wh/RYZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYt
NGM1ODJjMjhmYmEzLzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYtNGM1ODJjMjhmYmEz
LzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYQ6U9R8
3lwbzwrymFpqG6IXgBedAzSmEPrhw5bKl+LIY7mQ+EOHnbokvPFjrVxgxaJrUZs+
Kqnd78yekORqj20jzNl03bwWuXJXj8hcJChcjUjvbU9EEo4Qa+bLu8QXO//PvWiH
4+xS1tc0UBYgeGXnnqpZm/kp42Z2MhbPijUWyKEB1EYn7CB2PbXBSX5nZIe/Xz/R
Jx6tP1gT7JE6DlWqekhEz4oQAK/NfqxUVZOSi9xDgEYdBl+AWV3rKo2z4D8IyQgf
zV84mPkD0xD9btIJlBitF5KKeGHOZTQ6FWouIkrF/uARP7JDe5Ac//r8K2retFuw
0u23Tox5U46oAQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:50 2025 by rpki-client