Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
File:                     Xl5k_r-lZnT03hZCn13eSdnOk2g.mft (raw, json)
Hash identifier:          jtMnfry6B8npzkv//DmtjKqS18FAsN0IB+duEZ93iZg=
Subject key identifier:   5D:2E:22:EF:CD:92:80:91:2B:7D:4A:E6:37:FA:EE:B2:BC:41:85:CC
Authority key identifier: 5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68
Certificate issuer:       /CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
Certificate serial:       0199FB45DE89D025422A38E500B1176DB33C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
Manifest number:          1373
Signing time:             Sun 19 Oct 2025 07:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:24 +0000
Files and hashes:         1: Xl5k_r-lZnT03hZCn13eSdnOk2g.crl (hash: SkC0mYXCRh8f/hHD3sd98mJuh2a8bS1hBX5WJTm1LCQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:de:89:d0:25:42:2a:38:e5:00:b1:17:6d:b3:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e5e64febfa56674f4de16429f5dde49d9ce9368
        Validity
            Not Before: Oct 19 07:01:24 2025 GMT
            Not After : Oct 20 07:01:24 2025 GMT
        Subject: CN=5d2e22efcd9280912b7d4ae637faeeb2bc4185cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d4:6a:a5:6b:bf:e2:23:71:0d:4f:2a:eb:ff:
                    ce:86:9a:e9:79:bd:60:d7:d0:c3:b7:f6:15:f0:2b:
                    6d:8f:4f:19:cb:f5:5a:95:15:2f:7b:c4:ae:54:09:
                    d9:8c:28:4c:16:91:61:3e:b2:78:49:1c:e7:0a:5d:
                    a7:e7:d6:65:50:e0:b8:76:e0:83:19:13:d8:b2:df:
                    b6:84:94:0f:c4:c9:da:f2:b4:35:b6:56:7f:7a:df:
                    93:24:8a:c3:b8:6a:b7:ee:ef:a6:9d:0f:74:ca:89:
                    c7:62:54:a0:d6:a4:4e:50:63:31:65:8e:85:e3:29:
                    cd:b8:7e:46:44:55:5e:b8:66:37:25:63:23:99:8c:
                    ed:26:e2:51:39:b0:67:f9:65:66:24:2d:32:41:c1:
                    41:a8:9f:9d:a7:67:1c:04:4a:1d:c8:bf:af:0f:9b:
                    e0:c1:32:cc:20:ab:1d:11:3e:81:14:82:7f:94:b0:
                    cf:3c:ab:5d:40:b0:8d:82:ef:05:22:76:26:e0:9b:
                    8e:9f:45:e1:44:0f:7e:0d:ba:eb:dc:fa:9d:ab:26:
                    88:ff:f9:68:3e:ce:9e:11:35:ec:a2:96:13:70:69:
                    60:1e:64:c6:9b:71:ad:55:b9:7a:e7:de:3e:82:1b:
                    f0:e0:0a:d2:c0:15:98:c3:e2:f6:92:fd:20:0b:69:
                    71:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:2E:22:EF:CD:92:80:91:2B:7D:4A:E6:37:FA:EE:B2:BC:41:85:CC
            X509v3 Authority Key Identifier:
                keyid:5E:5E:64:FE:BF:A5:66:74:F4:DE:16:42:9F:5D:DE:49:D9:CE:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xl5k_r-lZnT03hZCn13eSdnOk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/85fc11-e23a-4942-b0de-22f8d4a027ae/1/Xl5k_r-lZnT03hZCn13eSdnOk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:11:45:3d:4a:b6:a9:51:9d:f2:50:c4:96:ce:20:5b:c0:59:
         32:c8:1d:c2:f4:fc:57:01:33:df:bc:a0:50:e9:72:52:45:64:
         32:fc:17:4a:fb:23:4c:d1:60:53:f1:3c:ad:a2:7f:a0:4e:da:
         ee:f9:ce:aa:86:d8:75:50:5c:17:a6:d0:32:ac:e1:85:fe:42:
         53:3d:35:99:a0:39:0b:00:dc:48:91:33:a4:73:63:a5:2d:d0:
         62:9a:6e:0b:94:fa:e2:82:08:b0:90:7b:c4:20:0a:47:55:2b:
         14:2c:20:63:d6:f3:b4:1c:9f:04:3a:0b:72:fe:4b:be:1b:00:
         6f:f5:bb:e3:4f:d5:3a:23:2b:cb:50:df:81:6a:50:7d:96:de:
         a3:9a:b8:98:5b:c5:26:3a:5a:3b:81:f0:9a:f1:13:c2:ac:92:
         dc:eb:69:93:35:9b:30:84:76:22:5f:13:31:00:27:c3:5e:96:
         a3:54:21:80:88:c5:17:16:55:35:be:67:5c:c7:23:97:2d:3c:
         2b:de:c5:39:12:c1:0b:04:c8:6c:cd:36:a5:3c:5a:18:6a:61:
         9b:fb:c0:25:40:8f:81:08:5c:fa:cd:70:4c:a1:13:f8:ee:84:
         39:5b:a1:6d:d3:e7:5d:cc:c4:d6:70:2e:42:5b:9d:5d:ad:64:
         b0:fc:64:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Rd6J0CVCKjjlALEXbbM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNWU2NGZlYmZhNTY2NzRmNGRlMTY0MjlmNWRkZTQ5ZDlj
ZTkzNjgwHhcNMjUxMDE5MDcwMTI0WhcNMjUxMDIwMDcwMTI0WjAzMTEwLwYDVQQD
Eyg1ZDJlMjJlZmNkOTI4MDkxMmI3ZDRhZTYzN2ZhZWViMmJjNDE4NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdRqpWu/4iNxDU8q6//Ohprpeb1g
19DDt/YV8Cttj08Zy/ValRUve8SuVAnZjChMFpFhPrJ4SRznCl2n59ZlUOC4duCD
GRPYst+2hJQPxMna8rQ1tlZ/et+TJIrDuGq37u+mnQ90yonHYlSg1qROUGMxZY6F
4ynNuH5GRFVeuGY3JWMjmYztJuJRObBn+WVmJC0yQcFBqJ+dp2ccBEodyL+vD5vg
wTLMIKsdET6BFIJ/lLDPPKtdQLCNgu8FInYm4JuOn0XhRA9+Dbrr3PqdqyaI//lo
Ps6eETXsopYTcGlgHmTGm3GtVbl6594+ghvw4ArSwBWYw+L2kv0gC2lx2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0uIu/NkoCRK31K5jf67rK8QYXMMB8GA1UdIwQY
MBaAFF5eZP6/pWZ09N4WQp9d3knZzpNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUt
MjJmOGQ0YTAyN2FlLzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NWZjMTEtZTIzYS00OTQyLWIwZGUtMjJmOGQ0YTAyN2Fl
LzEvWGw1a19yLWxablQwM2haQ24xM2VTZG5PazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANBFFPUq2
qVGd8lDEls4gW8BZMsgdwvT8VwEz37ygUOlyUkVkMvwXSvsjTNFgU/E8raJ/oE7a
7vnOqobYdVBcF6bQMqzhhf5CUz01maA5CwDcSJEzpHNjpS3QYppuC5T64oIIsJB7
xCAKR1UrFCwgY9bztByfBDoLcv5LvhsAb/W740/VOiMry1DfgWpQfZbeo5q4mFvF
JjpaO4HwmvETwqyS3OtpkzWbMIR2Il8TMQAnw16Wo1QhgIjFFxZVNb5nXMcjly08
K97FORLBCwTIbM02pTxaGGphm/vAJUCPgQhc+s1wTKET+O6EOVuhbdPnXczE1nAu
QludXa1ksPxkgg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:15:13 2025 by rpki-client