Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
File:                     yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft (raw, json)
Hash identifier:          12fZ1q1xCAYqNEIIhAP+Ihi/bIRUj4mJOsMuEULYSJY=
Subject key identifier:   78:B5:6F:0C:B5:11:C3:6B:DD:33:62:93:EB:54:07:03:C5:6E:35:14
Authority key identifier: CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13
Certificate issuer:       /CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
Certificate serial:       0199FAD7E8E6D91889D5C1AB9AEAFD95A2E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
Manifest number:          09F9
Signing time:             Sun 19 Oct 2025 05:01:17 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:17 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:17 +0000
Files and hashes:         1: yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl (hash: 96d/ILn055sSk01g/bzNliEtG5xk3wtdUXwl0qZBmfg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:e8:e6:d9:18:89:d5:c1:ab:9a:ea:fd:95:a2:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca1a1a62c80b0f3334c5dc18dc64b7bf97889013
        Validity
            Not Before: Oct 19 05:01:17 2025 GMT
            Not After : Oct 20 05:01:17 2025 GMT
        Subject: CN=78b56f0cb511c36bdd336293eb540703c56e3514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b7:67:61:5a:40:c0:e4:9b:e7:0b:38:23:ca:
                    b2:9d:7d:4e:9a:43:93:05:63:5b:2d:ff:d1:41:d6:
                    9c:53:36:8a:4a:2a:66:ea:f2:4a:12:e7:46:58:7b:
                    1c:24:d2:dd:da:fb:31:a3:22:03:aa:d7:f9:bc:e9:
                    31:95:8c:42:1f:69:4e:29:a6:b7:29:60:31:ce:4b:
                    2d:02:38:84:cd:3f:c2:07:93:d9:22:c4:10:8d:d5:
                    0b:26:25:c7:f8:c1:9f:5a:6f:d7:19:49:f1:4a:0a:
                    83:35:21:d8:02:b4:a1:36:22:29:40:00:d3:62:95:
                    c2:5e:d4:30:8a:8a:54:da:ae:fd:39:bd:4d:7c:2c:
                    3e:0d:73:ca:9f:01:a6:44:c9:7a:57:26:ee:09:be:
                    53:c7:53:c1:53:af:63:08:10:64:ef:76:1b:13:bc:
                    da:f5:07:b9:30:88:8d:29:7a:06:43:1e:6f:01:7b:
                    b6:e7:26:84:e4:75:01:d2:79:1a:d3:d6:66:9f:32:
                    35:fe:93:54:90:8b:d1:09:05:97:51:99:03:3f:5e:
                    89:27:6b:77:9c:b4:46:47:78:44:23:96:b6:5b:92:
                    d5:61:01:ae:00:41:e4:c7:d2:c9:8c:25:94:01:f9:
                    b0:b1:8c:de:fe:42:54:3e:73:9c:7e:f4:3b:96:5e:
                    46:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:B5:6F:0C:B5:11:C3:6B:DD:33:62:93:EB:54:07:03:C5:6E:35:14
            X509v3 Authority Key Identifier:
                keyid:CA:1A:1A:62:C8:0B:0F:33:34:C5:DC:18:DC:64:B7:BF:97:88:90:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhoaYsgLDzM0xdwY3GS3v5eIkBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0ddbdc-5e22-4945-bdcd-a09854ab65a2/1/yhoaYsgLDzM0xdwY3GS3v5eIkBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:7e:e4:83:0e:9f:f3:47:a6:c3:0a:c8:48:48:d7:fa:75:58:
         8f:e6:af:e4:a2:51:fd:30:f9:f9:f3:9c:1d:2e:63:3d:77:91:
         8e:1f:f4:7e:f6:14:27:c9:95:0f:db:25:9f:2a:6f:15:f4:5c:
         09:f1:2c:f0:53:76:d2:e0:e9:96:96:7e:af:12:b1:6c:fb:74:
         85:e3:2f:df:d9:d0:38:a3:79:64:2b:36:9d:e2:4a:06:70:1c:
         8a:49:35:6c:d0:d2:53:11:bb:89:88:ff:53:c0:5c:58:45:91:
         09:29:9b:b3:65:6f:e3:e2:47:ed:95:18:6a:16:86:f7:7f:bc:
         30:cb:e9:7b:94:c4:0e:df:5f:58:aa:a9:d8:23:df:ba:9e:e5:
         eb:e5:cd:61:68:5a:36:a3:02:56:81:27:94:1d:1b:72:d6:8b:
         29:bc:f6:ef:69:64:2c:b5:6c:26:10:a1:b8:b2:01:d1:2c:5c:
         dc:4e:ec:0e:4f:ce:1c:38:61:d5:03:d3:ea:84:89:a1:69:64:
         7f:a3:7f:7c:b1:11:c4:69:d5:e1:7f:d1:65:41:2d:87:e6:f5:
         b6:a6:4e:8b:f8:5b:36:fc:3f:49:44:c6:c8:6c:91:2f:43:30:
         5e:5d:dd:02:e3:a4:3c:72:5d:65:9e:5b:43:ec:ca:c4:fc:00:
         3f:57:45:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn61+jm2RiJ1cGrmur9laLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWExYTYyYzgwYjBmMzMzNGM1ZGMxOGRjNjRiN2JmOTc4
ODkwMTMwHhcNMjUxMDE5MDUwMTE3WhcNMjUxMDIwMDUwMTE3WjAzMTEwLwYDVQQD
Eyg3OGI1NmYwY2I1MTFjMzZiZGQzMzYyOTNlYjU0MDcwM2M1NmUzNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7dnYVpAwOSb5ws4I8qynX1OmkOT
BWNbLf/RQdacUzaKSipm6vJKEudGWHscJNLd2vsxoyIDqtf5vOkxlYxCH2lOKaa3
KWAxzkstAjiEzT/CB5PZIsQQjdULJiXH+MGfWm/XGUnxSgqDNSHYArShNiIpQADT
YpXCXtQwiopU2q79Ob1NfCw+DXPKnwGmRMl6VybuCb5Tx1PBU69jCBBk73YbE7za
9Qe5MIiNKXoGQx5vAXu25yaE5HUB0nka09ZmnzI1/pNUkIvRCQWXUZkDP16JJ2t3
nLRGR3hEI5a2W5LVYQGuAEHkx9LJjCWUAfmwsYze/kJUPnOcfvQ7ll5GmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHi1bwy1EcNr3TNik+tUBwPFbjUUMB8GA1UdIwQY
MBaAFMoaGmLICw8zNMXcGNxkt7+XiJATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2Qt
YTA5ODU0YWI2NWEyLzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wZGRiZGMtNWUyMi00OTQ1LWJkY2QtYTA5ODU0YWI2NWEy
LzEveWhvYVlzZ0xEek0weGR3WTNHUzN2NWVJa0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoH7kgw6f
80emwwrISEjX+nVYj+av5KJR/TD5+fOcHS5jPXeRjh/0fvYUJ8mVD9slnypvFfRc
CfEs8FN20uDplpZ+rxKxbPt0heMv39nQOKN5ZCs2neJKBnAcikk1bNDSUxG7iYj/
U8BcWEWRCSmbs2Vv4+JH7ZUYahaG93+8MMvpe5TEDt9fWKqp2CPfup7l6+XNYWha
NqMCVoEnlB0bctaLKbz272lkLLVsJhChuLIB0Sxc3E7sDk/OHDhh1QPT6oSJoWlk
f6N/fLERxGnV4X/RZUEth+b1tqZOi/hbNvw/SUTGyGyRL0MwXl3dAuOkPHJdZZ5b
Q+zKxPwAP1dFEg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:59 2025 by rpki-client