Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          wcvvQggxbfWjuVcfq1NxQl33/QPNR33HWSOeggw3Rzo=
Subject key identifier:   DD:B6:CF:B1:38:0C:9D:73:34:9C:A2:F0:00:C6:74:F0:FD:D1:68:6D
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       0199FBEAA93C4A6D21044AF9D2DA62D480BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:01:23 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:23 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:23 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: 1CvfjVWDMaol+TDbSE2JVW+0UH+fEDqS1ZXtqxhAWlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:a9:3c:4a:6d:21:04:4a:f9:d2:da:62:d4:80:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Oct 19 10:01:23 2025 GMT
            Not After : Oct 20 10:01:23 2025 GMT
        Subject: CN=ddb6cfb1380c9d73349ca2f000c674f0fdd1686d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:38:c1:07:c7:63:90:34:3d:ab:59:e7:23:59:
                    5e:7d:3b:5e:4f:40:29:b9:05:de:0f:17:2f:b0:5c:
                    ae:e6:9a:5c:b8:2d:ac:b0:ac:05:ae:2a:58:17:dd:
                    cc:01:95:38:f4:b8:40:30:93:4a:b7:d4:c2:b1:4a:
                    86:69:c6:8d:ab:a6:46:cb:38:23:e4:d4:a1:d9:ee:
                    6f:73:22:0a:da:7f:a1:29:ec:4a:81:da:65:cf:10:
                    9e:b8:50:7f:de:5b:0b:87:b7:54:cb:27:b0:e9:eb:
                    0a:d4:2e:13:a5:8f:6e:13:20:98:ce:69:51:d8:88:
                    1c:a3:c9:2c:9e:42:7e:60:7e:dc:2a:3a:0c:03:5d:
                    6b:90:c2:31:ef:ee:f8:dc:fc:74:d0:b3:a6:6e:f8:
                    73:bc:61:87:89:1e:44:e2:a0:a7:96:3b:16:49:d0:
                    da:4e:23:ae:f8:bd:ae:22:c0:29:13:48:b8:28:f9:
                    82:b6:9f:55:3e:c8:02:60:e1:92:d2:bc:9b:29:28:
                    c0:68:56:f5:aa:f2:46:e2:7a:40:42:44:0b:9b:cb:
                    ff:86:6f:95:b2:14:eb:44:87:a3:ae:38:7a:20:0d:
                    44:7e:f8:f3:c4:1e:59:5d:c2:7e:9e:a2:8f:b8:22:
                    f0:3b:8d:b7:df:9e:c0:dc:29:7b:94:b5:df:88:b4:
                    bc:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:B6:CF:B1:38:0C:9D:73:34:9C:A2:F0:00:C6:74:F0:FD:D1:68:6D
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:3a:79:50:83:95:40:49:13:91:31:f9:6d:a1:a2:88:77:00:
         55:73:81:e9:07:67:78:dd:13:6f:09:65:b7:87:34:e6:f2:df:
         8f:47:55:a0:4a:6e:73:1d:3b:c2:c8:de:e5:0b:2c:0a:f4:10:
         d5:43:fc:4a:48:6c:8b:eb:46:c1:22:59:0a:22:ef:3b:fc:e6:
         e6:65:26:71:80:d8:14:25:39:47:e7:ce:ca:b4:ce:f8:3d:f4:
         27:65:67:ef:d1:8f:8b:fe:a8:6e:bb:2c:40:55:6e:34:a2:90:
         fb:76:52:ad:16:5e:83:62:fb:3d:60:f3:b0:a7:6e:85:1b:43:
         70:db:bc:d2:0a:30:df:08:35:6a:d6:bf:26:c6:cc:f3:49:7b:
         35:6f:69:dd:01:d5:d4:73:84:30:f8:b7:dc:31:1a:75:e3:3f:
         6c:dc:cd:5f:15:d3:8d:00:9f:27:43:27:15:0c:a0:c0:82:9f:
         63:ad:4d:a3:94:cf:e4:02:66:19:2e:e5:1e:f6:d9:12:6e:29:
         7c:27:50:52:43:59:13:b4:d5:8f:fe:ed:53:58:84:73:2d:f5:
         f7:6e:76:fc:9e:7d:45:bf:df:88:21:bc:19:ad:f4:0e:9e:d4:
         1c:d1:51:f1:40:85:b4:47:21:cf:6e:2a:73:66:3b:6a:a9:24:
         74:51:c6:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76qk8Sm0hBEr50tpi1IC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjUxMDE5MTAwMTIzWhcNMjUxMDIwMTAwMTIzWjAzMTEwLwYDVQQD
EyhkZGI2Y2ZiMTM4MGM5ZDczMzQ5Y2EyZjAwMGM2NzRmMGZkZDE2ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTjBB8djkDQ9q1nnI1lefTteT0Ap
uQXeDxcvsFyu5ppcuC2ssKwFripYF93MAZU49LhAMJNKt9TCsUqGacaNq6ZGyzgj
5NSh2e5vcyIK2n+hKexKgdplzxCeuFB/3lsLh7dUyyew6esK1C4TpY9uEyCYzmlR
2Igco8ksnkJ+YH7cKjoMA11rkMIx7+743Px00LOmbvhzvGGHiR5E4qCnljsWSdDa
TiOu+L2uIsApE0i4KPmCtp9VPsgCYOGS0rybKSjAaFb1qvJG4npAQkQLm8v/hm+V
shTrRIejrjh6IA1EfvjzxB5ZXcJ+nqKPuCLwO423357A3Cl7lLXfiLS89QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN22z7E4DJ1zNJyi8ADGdPD90WhtMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjDp5UIOV
QEkTkTH5baGiiHcAVXOB6QdneN0Tbwllt4c05vLfj0dVoEpucx07wsje5QssCvQQ
1UP8Skhsi+tGwSJZCiLvO/zm5mUmcYDYFCU5R+fOyrTO+D30J2Vn79GPi/6obrss
QFVuNKKQ+3ZSrRZeg2L7PWDzsKduhRtDcNu80gow3wg1ata/JsbM80l7NW9p3QHV
1HOEMPi33DEadeM/bNzNXxXTjQCfJ0MnFQygwIKfY61No5TP5AJmGS7lHvbZEm4p
fCdQUkNZE7TVj/7tU1iEcy319252/J59Rb/fiCG8Ga30Dp7UHNFR8UCFtEchz24q
c2Y7aqkkdFHG3Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:13:01 2025 by rpki-client