Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File:                     AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier:          NmKnNPrrue3JL7tjbLlUW5Yx9h0tbtfGZ5lyR0kjktc=
Subject key identifier:   CC:3C:01:40:59:33:56:4B:7D:74:32:DC:2A:A6:2B:8D:7B:D3:93:ED
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer:       /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial:       0199FBEB82F6204AC7A5BF153196EE784295
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:19 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:19 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:19 +0000
Files and hashes:         1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: VAdfn3tItxDiHRKes3P8q1pdsvy1EFb7/q78msQNK5Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:82:f6:20:4a:c7:a5:bf:15:31:96:ee:78:42:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
        Validity
            Not Before: Oct 19 10:02:19 2025 GMT
            Not After : Oct 20 10:02:19 2025 GMT
        Subject: CN=cc3c01405933564b7d7432dc2aa62b8d7bd393ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:21:d8:2f:f1:ab:78:99:e7:bc:5b:3e:7a:02:
                    3d:45:6d:18:20:74:5b:a9:17:3a:e9:ce:1c:f6:69:
                    db:eb:66:d9:a2:26:bf:67:15:35:8d:46:6f:23:d5:
                    be:b9:04:88:08:f0:b9:4d:84:57:9d:8d:ce:9e:00:
                    00:10:c8:2d:54:5a:90:30:f9:6a:ff:7c:4c:b4:f1:
                    78:94:95:29:01:15:44:99:7b:21:43:6b:fa:14:1d:
                    4e:d4:07:d6:36:5e:d7:a4:2b:ed:e4:bc:83:9a:99:
                    35:24:be:09:41:0a:77:34:5b:c6:08:96:23:3f:84:
                    e7:85:91:fc:8c:c6:46:3c:83:27:1b:5c:ba:ec:0a:
                    d5:e7:9d:fc:d0:e3:f6:41:d4:b0:b1:91:c6:b6:62:
                    62:92:73:e6:d9:7e:82:5f:0e:96:21:8f:70:0e:79:
                    db:19:56:c0:56:8b:01:ad:13:5d:b2:75:cd:8e:3a:
                    7d:af:1d:f8:16:53:0d:88:bb:57:b5:fe:67:e1:04:
                    c4:31:55:b2:7c:3a:9c:bd:fb:26:6f:e5:d1:84:d5:
                    c8:9b:25:d7:8a:dc:27:85:af:dc:b6:54:e8:8a:13:
                    36:26:7f:f4:e3:5d:d3:2d:28:84:b0:f4:f6:53:a1:
                    c6:56:60:bc:21:b3:b4:b7:57:60:4d:59:ef:0e:f2:
                    d2:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:3C:01:40:59:33:56:4B:7D:74:32:DC:2A:A6:2B:8D:7B:D3:93:ED
            X509v3 Authority Key Identifier:
                keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:85:cd:a6:c2:e2:b3:c9:b2:e8:ab:79:4d:88:21:74:d5:e9:
         1d:f8:f7:87:72:0b:f9:e5:06:30:2a:c1:7a:07:d5:28:8c:2e:
         9b:82:fe:b4:36:2d:ae:9f:cf:73:1b:1e:53:93:d9:d8:6c:48:
         88:41:be:03:5f:c2:66:61:a2:2b:a9:f3:ae:af:fc:9d:30:7d:
         44:8a:c9:45:a0:51:bd:d1:e0:c5:eb:b7:24:57:61:21:d3:bd:
         2d:5a:fa:13:88:09:42:ab:01:a4:13:9c:6c:3d:9a:0a:5a:f4:
         5f:5a:3a:f7:61:b3:a4:80:c2:c3:d1:01:ba:ca:04:d4:f4:2e:
         7c:c3:9d:b6:6d:4a:a7:e3:de:ef:88:39:a8:2a:84:f6:1b:b5:
         a7:76:5b:b3:f1:d4:2e:ee:0c:f0:de:23:ce:65:d4:50:d6:78:
         d0:e0:19:df:4c:65:f4:e9:43:69:22:98:13:63:d1:60:1a:f4:
         3b:84:3c:32:e0:04:b6:59:95:d7:3b:da:39:f6:1b:25:fd:1c:
         13:1f:c0:a9:fa:65:46:91:0b:ba:a1:98:c3:58:6f:f9:c1:62:
         85:77:de:0d:d8:17:32:db:d3:83:9a:46:68:61:f5:c2:f3:b1:
         20:ed:5d:97:41:06:76:07:98:c6:8d:13:19:3e:84:4a:b9:8b:
         5a:42:e0:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764L2IErHpb8VMZbueEKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjUxMDE5MTAwMjE5WhcNMjUxMDIwMTAwMjE5WjAzMTEwLwYDVQQD
EyhjYzNjMDE0MDU5MzM1NjRiN2Q3NDMyZGMyYWE2MmI4ZDdiZDM5M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyHYL/GreJnnvFs+egI9RW0YIHRb
qRc66c4c9mnb62bZoia/ZxU1jUZvI9W+uQSICPC5TYRXnY3OngAAEMgtVFqQMPlq
/3xMtPF4lJUpARVEmXshQ2v6FB1O1AfWNl7XpCvt5LyDmpk1JL4JQQp3NFvGCJYj
P4TnhZH8jMZGPIMnG1y67ArV55380OP2QdSwsZHGtmJiknPm2X6CXw6WIY9wDnnb
GVbAVosBrRNdsnXNjjp9rx34FlMNiLtXtf5n4QTEMVWyfDqcvfsmb+XRhNXImyXX
itwnha/ctlToihM2Jn/0413TLSiEsPT2U6HGVmC8IbO0t1dgTVnvDvLSiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMw8AUBZM1ZLfXQy3CqmK41705PtMB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIoXNpsLi
s8my6Kt5TYghdNXpHfj3h3IL+eUGMCrBegfVKIwum4L+tDYtrp/PcxseU5PZ2GxI
iEG+A1/CZmGiK6nzrq/8nTB9RIrJRaBRvdHgxeu3JFdhIdO9LVr6E4gJQqsBpBOc
bD2aClr0X1o692GzpIDCw9EBusoE1PQufMOdtm1Kp+Pe74g5qCqE9hu1p3Zbs/HU
Lu4M8N4jzmXUUNZ40OAZ30xl9OlDaSKYE2PRYBr0O4Q8MuAEtlmV1zvaOfYbJf0c
Ex/AqfplRpELuqGYw1hv+cFihXfeDdgXMtvTg5pGaGH1wvOxIO1dl0EGdgeYxo0T
GT6ESrmLWkLgCQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:02 2025 by rpki-client