Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7900fd-84e2-4a7c-8d8e-e5afbb936c3a/1/iGueLpgWv6rZz8yAbo39KCT1A0Q.mft
File:                     iGueLpgWv6rZz8yAbo39KCT1A0Q.mft (raw, json)
Hash identifier:          kgM+8v15+8EAcobFUTv6PUUiiIUfqKVEpiABNDt2z60=
Subject key identifier:   27:0D:15:D3:25:29:C0:75:91:DD:89:6B:2F:75:29:EC:50:5B:13:8D
Authority key identifier: 88:6B:9E:2E:98:16:BF:AA:D9:CF:CC:80:6E:8D:FD:28:24:F5:03:44
Certificate issuer:       /CN=886b9e2e9816bfaad9cfcc806e8dfd2824f50344
Certificate serial:       0197CA5E8461E43ACE91F4C3DD5C215FD3DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iGueLpgWv6rZz8yAbo39KCT1A0Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/7900fd-84e2-4a7c-8d8e-e5afbb936c3a/1/iGueLpgWv6rZz8yAbo39KCT1A0Q.mft
Manifest number:          0D1C
Signing time:             Wed 02 Jul 2025 09:01:21 +0000
Manifest this update:     Wed 02 Jul 2025 09:01:21 +0000
Manifest next update:     Thu 03 Jul 2025 09:01:21 +0000
Files and hashes:         1: iGueLpgWv6rZz8yAbo39KCT1A0Q.crl (hash: 0N6Y5w/h2PmZRYL9wxZqonbLUyziTgb3rVD9c4ZxTg8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/7900fd-84e2-4a7c-8d8e-e5afbb936c3a/1/iGueLpgWv6rZz8yAbo39KCT1A0Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/7900fd-84e2-4a7c-8d8e-e5afbb936c3a/1/iGueLpgWv6rZz8yAbo39KCT1A0Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iGueLpgWv6rZz8yAbo39KCT1A0Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 09:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ca:5e:84:61:e4:3a:ce:91:f4:c3:dd:5c:21:5f:d3:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=886b9e2e9816bfaad9cfcc806e8dfd2824f50344
        Validity
            Not Before: Jul  2 09:01:21 2025 GMT
            Not After : Jul  3 09:01:21 2025 GMT
        Subject: CN=270d15d32529c07591dd896b2f7529ec505b138d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f5:07:c7:b2:b7:ae:f9:00:2c:eb:e2:2a:19:
                    87:19:9f:be:67:98:4a:de:63:38:5e:9c:a0:b7:47:
                    99:84:d5:19:e5:f1:38:31:a3:68:64:f1:80:a6:51:
                    4a:f7:d6:dd:a2:16:08:0a:51:84:d4:c3:9b:ff:22:
                    0b:3e:60:72:8f:d3:97:f7:e1:e7:9e:13:63:88:3b:
                    d2:c9:fd:68:55:aa:6c:e6:c6:ba:b9:4c:45:74:28:
                    ae:f5:58:58:b8:bf:f7:cf:75:27:0a:1b:c8:49:66:
                    1d:28:1c:49:6d:44:16:9c:25:23:fd:9d:e1:86:a1:
                    76:9e:c5:43:3f:70:7a:39:00:f3:89:9f:c0:ae:80:
                    89:83:0f:cd:16:90:7c:a2:18:db:76:4c:54:f5:d2:
                    0c:d8:93:0c:76:9a:ab:d9:be:cb:e4:06:a6:d3:db:
                    0e:75:22:49:97:17:a3:f9:7c:96:77:cf:0c:73:e1:
                    7e:2d:da:52:31:65:05:6d:a5:a3:2c:d1:3c:3e:be:
                    cb:bd:e1:65:bc:13:ca:75:eb:56:39:70:d8:bf:b0:
                    5f:a5:0c:67:85:31:55:d9:6c:08:c3:cd:f3:0b:72:
                    25:f1:a2:b4:69:8c:17:6c:24:7e:a1:1f:95:ee:30:
                    bd:4f:26:11:5d:9c:48:dc:8f:96:22:b0:ed:28:65:
                    b3:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:0D:15:D3:25:29:C0:75:91:DD:89:6B:2F:75:29:EC:50:5B:13:8D
            X509v3 Authority Key Identifier:
                keyid:88:6B:9E:2E:98:16:BF:AA:D9:CF:CC:80:6E:8D:FD:28:24:F5:03:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGueLpgWv6rZz8yAbo39KCT1A0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7900fd-84e2-4a7c-8d8e-e5afbb936c3a/1/iGueLpgWv6rZz8yAbo39KCT1A0Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7900fd-84e2-4a7c-8d8e-e5afbb936c3a/1/iGueLpgWv6rZz8yAbo39KCT1A0Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:2a:f0:89:ff:b5:81:74:6f:b5:f4:8a:73:12:fc:e1:53:3a:
         a2:20:96:e4:a3:4f:48:50:df:ef:77:3e:eb:f8:12:b4:50:01:
         e7:42:29:4e:f4:88:61:b4:c9:08:09:d8:46:4c:52:47:10:6c:
         7a:50:f3:4b:52:90:0c:11:88:e4:ad:37:7c:8c:ef:49:0b:6a:
         f7:d5:70:07:55:5c:60:cd:a9:2f:2c:78:f4:a7:97:90:56:93:
         15:16:2d:21:8b:c7:de:fa:b8:76:f7:29:36:a6:2b:02:df:be:
         7f:52:f1:d9:39:60:ee:89:55:dd:e5:75:83:81:02:cb:7a:75:
         33:14:4f:c8:15:cd:8a:45:b1:9f:3b:5c:ed:29:9c:70:e6:4f:
         a7:69:19:90:04:d3:f9:22:70:47:eb:21:46:73:4f:ef:f8:2d:
         04:10:17:50:56:e2:5e:0e:84:55:f2:2e:6f:f0:ef:28:cc:06:
         32:98:fe:7d:01:68:2a:af:e7:0c:20:51:e1:65:17:33:11:e9:
         61:62:dc:11:ee:b2:6d:e1:6d:4c:86:7d:d0:f8:f1:93:bf:8e:
         5a:05:43:81:d2:fd:ec:34:11:14:cf:06:ea:20:2b:b3:fd:12:
         9e:94:2a:12:b4:c4:18:55:1f:42:0c:f3:fb:f1:db:ea:15:ce:
         06:4e:77:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfKXoRh5DrOkfTD3VwhX9PdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NmI5ZTJlOTgxNmJmYWFkOWNmY2M4MDZlOGRmZDI4MjRm
NTAzNDQwHhcNMjUwNzAyMDkwMTIxWhcNMjUwNzAzMDkwMTIxWjAzMTEwLwYDVQQD
EygyNzBkMTVkMzI1MjljMDc1OTFkZDg5NmIyZjc1MjllYzUwNWIxMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvUHx7K3rvkALOviKhmHGZ++Z5hK
3mM4Xpygt0eZhNUZ5fE4MaNoZPGAplFK99bdohYIClGE1MOb/yILPmByj9OX9+Hn
nhNjiDvSyf1oVaps5sa6uUxFdCiu9VhYuL/3z3UnChvISWYdKBxJbUQWnCUj/Z3h
hqF2nsVDP3B6OQDziZ/AroCJgw/NFpB8ohjbdkxU9dIM2JMMdpqr2b7L5Aam09sO
dSJJlxej+XyWd88Mc+F+LdpSMWUFbaWjLNE8Pr7LveFlvBPKdetWOXDYv7BfpQxn
hTFV2WwIw83zC3Il8aK0aYwXbCR+oR+V7jC9TyYRXZxI3I+WIrDtKGWzeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcNFdMlKcB1kd2Jay91KexQWxONMB8GA1UdIwQY
MBaAFIhrni6YFr+q2c/MgG6N/Sgk9QNEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUd1ZUxwZ1d2NnJaejh5QWJvMzlLQ1QxQTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83OTAwZmQtODRlMi00YTdjLThkOGUt
ZTVhZmJiOTM2YzNhLzEvaUd1ZUxwZ1d2NnJaejh5QWJvMzlLQ1QxQTBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83OTAwZmQtODRlMi00YTdjLThkOGUtZTVhZmJiOTM2YzNh
LzEvaUd1ZUxwZ1d2NnJaejh5QWJvMzlLQ1QxQTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKirwif+1
gXRvtfSKcxL84VM6oiCW5KNPSFDf73c+6/gStFAB50IpTvSIYbTJCAnYRkxSRxBs
elDzS1KQDBGI5K03fIzvSQtq99VwB1VcYM2pLyx49KeXkFaTFRYtIYvH3vq4dvcp
NqYrAt++f1Lx2Tlg7olV3eV1g4ECy3p1MxRPyBXNikWxnztc7SmccOZPp2kZkATT
+SJwR+shRnNP7/gtBBAXUFbiXg6EVfIub/DvKMwGMpj+fQFoKq/nDCBR4WUXMxHp
YWLcEe6ybeFtTIZ90Pjxk7+OWgVDgdL97DQRFM8G6iArs/0SnpQqErTEGFUfQgzz
+/Hb6hXOBk53Ig==
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:03:06 2025 by rpki-client