Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
File:                     _hEX6Xaz4zlTuTYbtLseui9Ane0.mft (raw, json)
Hash identifier:          90MYLqhoQJJkMbESt5Cj53nyCutgUJFkm67/TfGWrkc=
Subject key identifier:   44:6F:48:34:E8:86:90:39:D4:B8:13:F1:5A:2C:6A:C3:89:07:68:EE
Authority key identifier: FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED
Certificate issuer:       /CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded
Certificate serial:       0199FAD7C36645C228EDEDABAA778ADF5757
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
Manifest number:          07FE
Signing time:             Sun 19 Oct 2025 05:01:08 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:08 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:08 +0000
Files and hashes:         1: _hEX6Xaz4zlTuTYbtLseui9Ane0.crl (hash: ubklMnxyYy2SqEPOa9T9i3pnHbVtEisFF22LpTF6/wI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:c3:66:45:c2:28:ed:ed:ab:aa:77:8a:df:57:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded
        Validity
            Not Before: Oct 19 05:01:08 2025 GMT
            Not After : Oct 20 05:01:08 2025 GMT
        Subject: CN=446f4834e8869039d4b813f15a2c6ac3890768ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:06:04:6c:47:4a:f7:e2:4b:42:f8:5a:e7:7c:
                    4c:99:11:1e:49:53:e1:9a:b6:47:72:d3:52:96:f3:
                    a4:ad:27:ee:5f:07:31:1f:58:7c:ef:8d:e2:b4:72:
                    5e:3e:9d:d2:24:df:8c:a0:87:1c:e2:98:dc:01:d2:
                    28:fd:da:0d:e6:9f:47:aa:f2:27:fb:8a:be:b9:d2:
                    8a:5d:c9:a1:2b:4e:c9:9e:a0:06:f6:58:d9:6f:b7:
                    1a:9c:6c:01:a2:bb:f5:5e:89:5a:1f:48:a9:b1:18:
                    50:92:94:ec:77:ea:00:e1:54:7e:d1:db:3a:e9:de:
                    bf:8c:1b:93:e2:2c:37:4e:f3:b6:13:9b:9e:cb:bf:
                    c1:76:9f:7d:57:de:b3:4e:6f:c8:3d:5b:8b:7d:ef:
                    e0:04:4e:2e:7b:8d:67:cb:92:c7:a4:51:69:e5:a4:
                    b0:cd:5d:b0:1b:36:fb:fe:0e:a5:73:e9:ec:24:85:
                    63:9f:5f:6c:a1:87:60:98:e4:aa:91:d6:88:0d:ec:
                    b7:e5:2a:b3:05:e6:be:05:8c:32:50:e2:99:31:cf:
                    16:67:08:80:bb:7a:81:cd:25:d4:ad:8f:d3:dc:a5:
                    9b:46:dc:cf:8e:1d:da:35:ac:3c:1b:fb:00:46:fa:
                    0b:94:0a:00:0b:44:6f:64:62:63:19:a9:02:2c:d5:
                    2e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:6F:48:34:E8:86:90:39:D4:B8:13:F1:5A:2C:6A:C3:89:07:68:EE
            X509v3 Authority Key Identifier:
                keyid:FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:d0:30:90:fa:db:fb:a8:b8:0a:14:c4:fc:88:4f:a9:21:95:
         f9:4b:6a:35:15:3a:b4:73:38:73:57:ba:f3:4e:8a:20:4c:57:
         2f:be:70:82:41:5a:c9:ce:0e:95:96:9b:d5:2a:93:92:c7:96:
         ac:40:1c:6b:37:9d:e7:9b:6b:54:5d:da:0e:c3:36:40:58:a3:
         97:c8:e2:98:36:7f:8c:09:04:ee:68:a6:19:b9:18:67:6d:f0:
         8e:48:f9:fc:d2:2e:da:88:1c:6d:f1:74:07:94:e5:8f:6b:96:
         7f:78:09:fa:e4:bf:cc:90:9f:6e:56:95:45:86:da:95:40:3a:
         9f:21:ff:6f:e7:a6:4f:31:51:a2:70:d1:01:14:10:64:de:c4:
         52:2b:24:97:49:c7:e2:b7:46:0e:1b:27:0b:6b:26:42:34:41:
         a4:02:08:5f:cd:58:d8:ee:a1:a7:e6:07:91:76:bb:3a:33:2f:
         b0:c8:d7:1a:3f:58:60:c1:7a:3c:18:52:b6:60:fb:52:10:ce:
         52:5e:b3:84:da:91:a5:1c:be:76:ce:37:68:f3:1d:ef:42:8a:
         f5:ad:22:af:de:a0:37:d6:d2:be:c6:18:3e:cf:96:40:f3:a9:
         86:02:4a:eb:64:ef:ad:ca:3e:1e:29:30:0f:f9:05:b7:c7:16:
         0c:12:88:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn618NmRcIo7e2rqneK31dXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMTExN2U5NzZiM2UzMzk1M2I5MzYxYmI0YmIxZWJhMmY0
MDlkZWQwHhcNMjUxMDE5MDUwMTA4WhcNMjUxMDIwMDUwMTA4WjAzMTEwLwYDVQQD
Eyg0NDZmNDgzNGU4ODY5MDM5ZDRiODEzZjE1YTJjNmFjMzg5MDc2OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAYEbEdK9+JLQvha53xMmREeSVPh
mrZHctNSlvOkrSfuXwcxH1h8743itHJePp3SJN+MoIcc4pjcAdIo/doN5p9HqvIn
+4q+udKKXcmhK07JnqAG9ljZb7canGwBorv1XolaH0ipsRhQkpTsd+oA4VR+0ds6
6d6/jBuT4iw3TvO2E5uey7/Bdp99V96zTm/IPVuLfe/gBE4ue41ny5LHpFFp5aSw
zV2wGzb7/g6lc+nsJIVjn19soYdgmOSqkdaIDey35SqzBea+BYwyUOKZMc8WZwiA
u3qBzSXUrY/T3KWbRtzPjh3aNaw8G/sARvoLlAoAC0RvZGJjGakCLNUuJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERvSDTohpA51LgT8VosasOJB2juMB8GA1UdIwQY
MBaAFP4RF+l2s+M5U7k2G7S7HrovQJ3tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2Ut
ODQ2ZTFmNDFmYzYyLzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2UtODQ2ZTFmNDFmYzYy
LzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoNAwkPrb
+6i4ChTE/IhPqSGV+UtqNRU6tHM4c1e6806KIExXL75wgkFayc4OlZab1SqTkseW
rEAcazed55trVF3aDsM2QFijl8jimDZ/jAkE7mimGbkYZ23wjkj5/NIu2ogcbfF0
B5Tlj2uWf3gJ+uS/zJCfblaVRYbalUA6nyH/b+emTzFRonDRARQQZN7EUiskl0nH
4rdGDhsnC2smQjRBpAIIX81Y2O6hp+YHkXa7OjMvsMjXGj9YYMF6PBhStmD7UhDO
Ul6zhNqRpRy+ds43aPMd70KK9a0ir96gN9bSvsYYPs+WQPOphgJK62Tvrco+Hikw
D/kFt8cWDBKI1w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:21:53 2025 by rpki-client