Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
File:                     97FD9k1RC6MSl8uuVoL9QbLIEZY.mft (raw, json)
Hash identifier:          KtSp7cq+Ka7tpQlqSPMUcS/M+Dy26CCf+48BU4832aA=
Subject key identifier:   1B:16:87:7C:5D:28:10:D3:0B:AB:E4:77:32:9E:90:6F:88:1E:85:42
Authority key identifier: F7:B1:43:F6:4D:51:0B:A3:12:97:CB:AE:56:82:FD:41:B2:C8:11:96
Certificate issuer:       /CN=f7b143f64d510ba31297cbae5682fd41b2c81196
Certificate serial:       0198D65FF12DED2B8EA9F71D87E050DBDEBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
Manifest number:          09E6
Signing time:             Sat 23 Aug 2025 10:01:08 +0000
Manifest this update:     Sat 23 Aug 2025 10:01:08 +0000
Manifest next update:     Sun 24 Aug 2025 10:01:08 +0000
Files and hashes:         1: 97FD9k1RC6MSl8uuVoL9QbLIEZY.crl (hash: Cmk9H7UzapQE7yvGwV9AF86sIliMmRzDv2eIqRF3RoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:f1:2d:ed:2b:8e:a9:f7:1d:87:e0:50:db:de:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b143f64d510ba31297cbae5682fd41b2c81196
        Validity
            Not Before: Aug 23 10:01:08 2025 GMT
            Not After : Aug 24 10:01:08 2025 GMT
        Subject: CN=1b16877c5d2810d30babe477329e906f881e8542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3a:f9:4c:c8:4a:82:d2:27:7c:31:82:fb:e4:
                    90:c7:48:41:36:e0:d8:61:97:76:5a:98:48:34:ed:
                    5f:47:8b:14:92:ce:0e:c3:80:fd:0f:e0:ef:d2:78:
                    16:52:b9:a2:bf:54:1c:b9:0e:34:62:99:e3:b3:ab:
                    df:48:55:29:b5:df:4e:95:e6:63:6d:c8:ad:26:1c:
                    3e:64:a4:d5:09:d9:e5:0e:7e:0b:b7:56:55:45:7c:
                    71:1c:7b:f3:33:e4:16:83:a9:53:9a:32:25:d4:c3:
                    2b:8f:1d:a7:13:13:de:8e:68:9c:ac:09:ce:93:2f:
                    cf:e8:7f:5f:ef:9b:0b:79:c2:cb:8c:b7:8f:eb:a2:
                    40:37:fa:ed:bd:72:34:c6:0a:4c:60:cf:d9:3e:4a:
                    fb:c8:c3:7a:58:07:f8:73:e7:a4:75:80:16:9a:e2:
                    d4:16:72:73:e5:c9:85:97:67:65:fc:b1:0c:3f:9a:
                    e6:64:6d:04:01:31:f2:0c:60:98:5d:d2:0a:1e:12:
                    9a:0d:80:41:c5:96:67:c9:30:02:84:c1:11:46:97:
                    c2:cb:75:b3:51:99:be:47:ca:db:bf:1c:fe:89:41:
                    75:f2:2c:35:7c:b4:0e:dd:f4:1f:9c:f1:ae:12:c3:
                    4b:45:1b:67:81:b1:12:74:52:76:7b:c9:dc:a8:c4:
                    b3:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:16:87:7C:5D:28:10:D3:0B:AB:E4:77:32:9E:90:6F:88:1E:85:42
            X509v3 Authority Key Identifier:
                keyid:F7:B1:43:F6:4D:51:0B:A3:12:97:CB:AE:56:82:FD:41:B2:C8:11:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97FD9k1RC6MSl8uuVoL9QbLIEZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b92d9d-21a8-4522-97de-0fbe2de0636d/1/97FD9k1RC6MSl8uuVoL9QbLIEZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:10:5a:5a:7a:e5:3c:ef:80:d4:2f:63:c7:5d:5f:61:8b:4f:
         4b:a2:3e:e7:9e:64:83:97:16:42:e2:db:f3:5d:b5:3b:d8:e6:
         77:7c:8f:b5:b1:6e:13:6d:a0:47:05:17:82:16:ae:da:95:e7:
         40:a1:3f:8d:93:a3:f0:52:70:d7:85:34:6b:51:af:27:85:10:
         ee:74:4e:89:42:f9:14:0a:c4:b0:fc:71:89:4b:8e:64:7e:c5:
         e8:5b:81:3b:8b:0d:9d:d4:83:8c:77:7a:89:7f:aa:59:e8:ac:
         2b:c4:c5:51:dd:9e:9a:3e:8e:5c:79:86:4a:55:37:08:82:08:
         79:d8:bb:ed:ee:1e:c9:bc:44:7e:04:c5:8c:5b:af:8d:15:d0:
         21:8f:ba:70:63:91:37:9a:3c:2b:f2:e7:da:c7:24:29:19:44:
         71:97:e6:5b:25:28:fa:8b:52:1c:f2:e0:33:3e:84:40:6f:36:
         3e:c8:fe:6a:03:94:c5:db:ea:cf:da:b7:c6:f7:15:b3:69:40:
         34:65:58:15:00:0f:35:81:29:bc:a6:71:1a:b6:5c:16:9b:8a:
         c4:f0:e5:5a:89:8a:af:cd:2f:66:0c:53:fa:a8:d8:bc:e0:06:
         fb:fd:37:67:bb:a1:37:38:01:db:f9:42:f7:0d:13:c9:72:fe:
         35:a4:60:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWX/Et7SuOqfcdh+BQ2968MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjE0M2Y2NGQ1MTBiYTMxMjk3Y2JhZTU2ODJmZDQxYjJj
ODExOTYwHhcNMjUwODIzMTAwMTA4WhcNMjUwODI0MTAwMTA4WjAzMTEwLwYDVQQD
EygxYjE2ODc3YzVkMjgxMGQzMGJhYmU0NzczMjllOTA2Zjg4MWU4NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Dr5TMhKgtInfDGC++SQx0hBNuDY
YZd2WphINO1fR4sUks4Ow4D9D+Dv0ngWUrmiv1QcuQ40Ypnjs6vfSFUptd9OleZj
bcitJhw+ZKTVCdnlDn4Lt1ZVRXxxHHvzM+QWg6lTmjIl1MMrjx2nExPejmicrAnO
ky/P6H9f75sLecLLjLeP66JAN/rtvXI0xgpMYM/ZPkr7yMN6WAf4c+ekdYAWmuLU
FnJz5cmFl2dl/LEMP5rmZG0EATHyDGCYXdIKHhKaDYBBxZZnyTAChMERRpfCy3Wz
UZm+R8rbvxz+iUF18iw1fLQO3fQfnPGuEsNLRRtngbESdFJ2e8ncqMSzcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsWh3xdKBDTC6vkdzKekG+IHoVCMB8GA1UdIwQY
MBaAFPexQ/ZNUQujEpfLrlaC/UGyyBGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iOTJkOWQtMjFhOC00NTIyLTk3ZGUt
MGZiZTJkZTA2MzZkLzEvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iOTJkOWQtMjFhOC00NTIyLTk3ZGUtMGZiZTJkZTA2MzZk
LzEvOTdGRDlrMVJDNk1TbDh1dVZvTDlRYkxJRVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMRBaWnrl
PO+A1C9jx11fYYtPS6I+555kg5cWQuLb8121O9jmd3yPtbFuE22gRwUXghau2pXn
QKE/jZOj8FJw14U0a1GvJ4UQ7nROiUL5FArEsPxxiUuOZH7F6FuBO4sNndSDjHd6
iX+qWeisK8TFUd2emj6OXHmGSlU3CIIIedi77e4eybxEfgTFjFuvjRXQIY+6cGOR
N5o8K/Ln2sckKRlEcZfmWyUo+otSHPLgMz6EQG82Psj+agOUxdvqz9q3xvcVs2lA
NGVYFQAPNYEpvKZxGrZcFpuKxPDlWomKr80vZgxT+qjYvOAG+/03Z7uhNzgB2/lC
9w0TyXL+NaRglg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:16 2025 by rpki-client