Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/690409-019d-4812-930c-f926fabf7afa/1/aYLwUTKpmJUH6_bumJUYdTuizbU.mft
File:                     aYLwUTKpmJUH6_bumJUYdTuizbU.mft (raw, json)
Hash identifier:          2RIHMKLR9cgPqzJfubjqLadh5GIS/FukOB4hIhGGxro=
Subject key identifier:   16:99:DB:42:EF:C6:AB:1E:FD:5F:A6:E4:3B:F3:7A:6B:22:6D:B0:C3
Authority key identifier: 69:82:F0:51:32:A9:98:95:07:EB:F6:EE:98:95:18:75:3B:A2:CD:B5
Certificate issuer:       /CN=6982f05132a9989507ebf6ee989518753ba2cdb5
Certificate serial:       019A02906C04BB0A7F12C2A65C89A2FAA76A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aYLwUTKpmJUH6_bumJUYdTuizbU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/690409-019d-4812-930c-f926fabf7afa/1/aYLwUTKpmJUH6_bumJUYdTuizbU.mft
Manifest number:          0B97
Signing time:             Mon 20 Oct 2025 17:00:10 +0000
Manifest this update:     Mon 20 Oct 2025 17:00:10 +0000
Manifest next update:     Tue 21 Oct 2025 17:00:10 +0000
Files and hashes:         1: aYLwUTKpmJUH6_bumJUYdTuizbU.crl (hash: 0Y+/Y4o1Vah7UlsOFFlcNwuEFrYK4h6lBdnlHOUvIoU=)
                          2: fAKnpTzt0oxsrzvaA1bygJJ8CWQ.roa (hash: cdf+GHG9jpY7S3hS2aX03Crb7b2Au3gPgbB6NvaxmuA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/690409-019d-4812-930c-f926fabf7afa/1/aYLwUTKpmJUH6_bumJUYdTuizbU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/690409-019d-4812-930c-f926fabf7afa/1/aYLwUTKpmJUH6_bumJUYdTuizbU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aYLwUTKpmJUH6_bumJUYdTuizbU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:90:6c:04:bb:0a:7f:12:c2:a6:5c:89:a2:fa:a7:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6982f05132a9989507ebf6ee989518753ba2cdb5
        Validity
            Not Before: Oct 20 17:00:10 2025 GMT
            Not After : Oct 21 17:00:10 2025 GMT
        Subject: CN=1699db42efc6ab1efd5fa6e43bf37a6b226db0c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:16:a7:69:82:6c:85:cf:8a:31:79:fa:bb:84:
                    35:4a:59:1c:52:7e:c3:12:34:ff:57:57:ad:82:7b:
                    ce:0f:85:c0:e0:f6:c1:7f:31:b6:23:06:a3:4d:35:
                    dc:a6:f3:eb:a2:d4:cf:f9:e2:33:01:1e:2f:25:f4:
                    e3:bd:fd:d8:72:54:df:8f:e5:26:e0:21:1e:71:2a:
                    ec:0d:c0:fb:cf:4c:55:5a:7b:41:df:bb:77:bb:13:
                    3a:39:ad:03:88:53:8f:47:1d:3a:59:e8:37:b2:48:
                    53:f3:46:ef:5a:0f:2c:de:c2:fb:8f:a7:7d:54:72:
                    67:fd:16:a2:0a:48:a4:9a:da:89:26:aa:6e:b2:d2:
                    ec:03:7c:11:02:58:71:46:d0:0c:c5:16:06:6e:41:
                    ab:1d:eb:70:87:2c:41:c6:47:80:92:b8:90:35:3c:
                    91:10:dd:9b:1a:8f:16:88:e1:54:bc:34:5f:8e:9f:
                    f3:ee:ed:26:68:cc:2f:d9:7d:64:4b:43:08:aa:c1:
                    37:f4:ca:8d:c5:7e:a1:87:5e:70:ea:79:ee:a5:91:
                    2b:b2:cb:5b:37:44:50:e5:ca:db:35:b5:17:37:72:
                    c3:34:4e:f6:6a:35:4d:df:4f:f7:07:96:ad:23:a7:
                    bf:ff:23:a5:83:27:de:45:40:e7:6e:2a:21:bf:f4:
                    b5:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:99:DB:42:EF:C6:AB:1E:FD:5F:A6:E4:3B:F3:7A:6B:22:6D:B0:C3
            X509v3 Authority Key Identifier:
                keyid:69:82:F0:51:32:A9:98:95:07:EB:F6:EE:98:95:18:75:3B:A2:CD:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYLwUTKpmJUH6_bumJUYdTuizbU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/690409-019d-4812-930c-f926fabf7afa/1/aYLwUTKpmJUH6_bumJUYdTuizbU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/690409-019d-4812-930c-f926fabf7afa/1/aYLwUTKpmJUH6_bumJUYdTuizbU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:d2:2c:b2:39:f5:34:3b:d7:9f:7d:26:85:ac:b7:40:47:9c:
         c8:4e:a3:d1:ca:04:33:3c:7b:f4:5d:27:23:23:42:1c:60:ca:
         00:f5:45:59:78:e4:00:73:55:d8:49:9b:74:96:6f:27:15:63:
         ed:ba:2a:ac:7b:10:e7:d7:98:62:0a:72:c5:2f:0d:84:59:7f:
         7d:50:fc:b3:98:00:3f:d2:48:a1:fa:6e:9b:c7:32:65:84:d0:
         04:70:aa:91:b4:58:bd:5e:1c:31:39:31:33:d4:8b:fc:bd:7a:
         e7:66:e4:0a:65:c0:b3:7e:e3:82:9c:f0:9e:79:c7:fa:35:a8:
         1f:9d:ea:be:1e:a1:51:11:7a:ef:d5:33:23:aa:62:24:79:ba:
         54:7c:8c:7e:d4:ec:c3:fd:32:68:83:db:97:97:3a:e5:9d:b5:
         7a:49:8c:38:44:7e:7c:45:8b:81:ff:7b:3c:f3:01:46:4a:42:
         a7:85:c5:89:19:2c:f8:75:2e:46:94:f2:47:cb:15:c0:c7:e7:
         b0:68:8d:70:1c:40:06:f6:0c:d3:3e:db:d0:a9:c2:4e:c4:4f:
         22:37:10:5b:1c:7b:fa:b7:6f:8f:bd:ac:cc:3c:b1:f5:e2:61:
         ef:12:2b:08:93:2f:8a:0a:4b:94:5a:8e:b2:e4:c0:b4:7c:68:
         68:dd:31:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCkGwEuwp/EsKmXImi+qdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODJmMDUxMzJhOTk4OTUwN2ViZjZlZTk4OTUxODc1M2Jh
MmNkYjUwHhcNMjUxMDIwMTcwMDEwWhcNMjUxMDIxMTcwMDEwWjAzMTEwLwYDVQQD
EygxNjk5ZGI0MmVmYzZhYjFlZmQ1ZmE2ZTQzYmYzN2E2YjIyNmRiMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhanaYJshc+KMXn6u4Q1SlkcUn7D
EjT/V1etgnvOD4XA4PbBfzG2IwajTTXcpvProtTP+eIzAR4vJfTjvf3YclTfj+Um
4CEecSrsDcD7z0xVWntB37t3uxM6Oa0DiFOPRx06Weg3skhT80bvWg8s3sL7j6d9
VHJn/RaiCkikmtqJJqpustLsA3wRAlhxRtAMxRYGbkGrHetwhyxBxkeAkriQNTyR
EN2bGo8WiOFUvDRfjp/z7u0maMwv2X1kS0MIqsE39MqNxX6hh15w6nnupZErsstb
N0RQ5crbNbUXN3LDNE72ajVN30/3B5atI6e//yOlgyfeRUDnbiohv/S1kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaZ20Lvxqse/V+m5DvzemsibbDDMB8GA1UdIwQY
MBaAFGmC8FEyqZiVB+v27piVGHU7os21MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlMd1VUS3BtSlVINl9idW1KVVlkVHVpemJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82OTA0MDktMDE5ZC00ODEyLTkzMGMt
ZjkyNmZhYmY3YWZhLzEvYVlMd1VUS3BtSlVINl9idW1KVVlkVHVpemJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82OTA0MDktMDE5ZC00ODEyLTkzMGMtZjkyNmZhYmY3YWZh
LzEvYVlMd1VUS3BtSlVINl9idW1KVVlkVHVpemJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAndIssjn1
NDvXn30mhay3QEecyE6j0coEMzx79F0nIyNCHGDKAPVFWXjkAHNV2EmbdJZvJxVj
7boqrHsQ59eYYgpyxS8NhFl/fVD8s5gAP9JIofpum8cyZYTQBHCqkbRYvV4cMTkx
M9SL/L1652bkCmXAs37jgpzwnnnH+jWoH53qvh6hURF679UzI6piJHm6VHyMftTs
w/0yaIPbl5c65Z21ekmMOER+fEWLgf97PPMBRkpCp4XFiRks+HUuRpTyR8sVwMfn
sGiNcBxABvYM0z7b0KnCTsRPIjcQWxx7+rdvj72szDyx9eJh7xIrCJMvigpLlFqO
suTAtHxoaN0x/A==
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:00:21 2025 by rpki-client