Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
File:                     iqR9CPyFIT30_aLPlWG45ovCc9w.mft (raw, json)
Hash identifier:          Jc1yOzZuzXnTqeP24jL1cVNVp0DGWvVlkgER74FmDCs=
Subject key identifier:   D9:FF:0C:8B:73:39:F9:57:5E:8D:D9:D4:F2:54:B1:D3:6F:48:86:45
Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
Certificate issuer:       /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Certificate serial:       0199FC21A6DCED715F7D6184B47CE6ACDCE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
Manifest number:          0B72
Signing time:             Sun 19 Oct 2025 11:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:27 +0000
Files and hashes:         1: iqR9CPyFIT30_aLPlWG45ovCc9w.crl (hash: ByJ2BDJnXxURMvFBgvqpuAPG0D/hjBtvSelMnXTpdgs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:a6:dc:ed:71:5f:7d:61:84:b4:7c:e6:ac:dc:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
        Validity
            Not Before: Oct 19 11:01:27 2025 GMT
            Not After : Oct 20 11:01:27 2025 GMT
        Subject: CN=d9ff0c8b7339f9575e8dd9d4f254b1d36f488645
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:78:ca:12:6a:c8:38:ed:a7:86:a7:a5:e2:27:
                    5e:d0:25:d3:fe:a6:ac:47:23:00:b1:57:7c:86:26:
                    9b:84:c9:97:ba:9f:04:52:4f:39:b2:33:34:9c:e2:
                    b5:b1:70:9a:61:e9:ed:cf:76:81:e3:da:c7:32:68:
                    2c:db:dc:a5:ae:b6:5f:ed:5d:df:53:90:24:c5:14:
                    75:58:7a:d2:2b:0c:3e:72:68:1e:4e:2c:1d:39:f3:
                    b1:a1:bd:07:33:5f:da:a3:f1:df:20:e4:f8:d9:93:
                    45:6c:ce:ea:51:28:d6:e1:f3:a3:4d:07:a2:cc:d3:
                    14:f4:ff:83:9a:11:40:fb:56:6d:f3:71:d4:fc:76:
                    8c:d9:d6:ec:a5:00:97:0c:8b:4d:62:65:ee:08:3f:
                    36:4a:48:9f:4b:3c:66:7c:55:0e:15:23:0b:de:80:
                    cf:38:f0:2f:c3:5e:8e:e8:26:61:f0:14:43:b8:d8:
                    e3:9e:3e:79:01:c2:5e:2c:aa:24:df:a2:d9:c4:7f:
                    87:df:04:9c:86:1d:a1:3a:14:e5:a5:53:ea:61:60:
                    98:44:3b:e6:68:0a:e1:7e:09:83:52:3c:8d:d3:d8:
                    48:cb:c2:1b:d0:d2:c7:6c:67:d7:71:4f:cb:41:f5:
                    60:96:70:0f:11:2f:36:c7:6a:d5:f7:ce:86:f2:9a:
                    ae:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:FF:0C:8B:73:39:F9:57:5E:8D:D9:D4:F2:54:B1:D3:6F:48:86:45
            X509v3 Authority Key Identifier:
                keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:40:ba:ef:be:42:06:8f:5f:54:a0:d1:86:be:01:ef:4e:54:
         b2:36:ac:f6:75:3f:7f:eb:20:cf:d4:f7:ff:7f:fb:be:35:fc:
         ef:46:6c:8b:bf:b2:84:93:b8:24:ed:c7:ee:0e:1d:32:fe:9e:
         fd:51:7f:6e:d9:04:f7:c4:8d:7b:98:ab:27:65:02:49:9a:15:
         e0:f8:3d:e8:ef:8f:97:a0:13:d1:02:48:d6:e5:e2:de:fd:1a:
         ea:8b:4e:69:49:27:47:b3:fe:15:2b:e3:36:9d:c4:64:19:88:
         6e:5e:bf:89:7a:6e:ac:dc:ed:ed:ad:a7:b5:d6:d7:b9:53:37:
         8c:2f:b6:a0:bf:b5:d3:fd:47:d3:a1:7d:21:27:15:e8:b9:1b:
         bc:5d:95:6c:75:4b:01:8b:e6:64:8f:2c:c6:2a:9a:1b:b5:7d:
         ef:0e:72:d5:18:ff:ad:25:9c:d7:c7:b0:3f:fc:95:33:13:2d:
         48:cf:83:0a:f9:cc:de:28:52:ee:84:c4:06:62:e0:95:e1:48:
         44:00:ea:ab:77:a1:25:9d:e6:ba:05:bb:ce:e6:d2:24:25:f7:
         06:d5:93:74:79:0e:65:da:bd:32:18:c8:2b:7b:67:ac:3e:f7:
         99:07:f9:fb:89:d2:a9:62:8c:f6:fd:56:48:56:c6:55:99:91:
         c9:54:9e:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8Iabc7XFffWGEtHzmrNziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj
MjczZGMwHhcNMjUxMDE5MTEwMTI3WhcNMjUxMDIwMTEwMTI3WjAzMTEwLwYDVQQD
EyhkOWZmMGM4YjczMzlmOTU3NWU4ZGQ5ZDRmMjU0YjFkMzZmNDg4NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHjKEmrIOO2nhqel4ide0CXT/qas
RyMAsVd8hiabhMmXup8EUk85sjM0nOK1sXCaYentz3aB49rHMmgs29ylrrZf7V3f
U5AkxRR1WHrSKww+cmgeTiwdOfOxob0HM1/ao/HfIOT42ZNFbM7qUSjW4fOjTQei
zNMU9P+DmhFA+1Zt83HU/HaM2dbspQCXDItNYmXuCD82SkifSzxmfFUOFSML3oDP
OPAvw16O6CZh8BRDuNjjnj55AcJeLKok36LZxH+H3wSchh2hOhTlpVPqYWCYRDvm
aArhfgmDUjyN09hIy8Ib0NLHbGfXcU/LQfVglnAPES82x2rV986G8pqufQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNn/DItzOflXXo3Z1PJUsdNvSIZFMB8GA1UdIwQY
MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt
ZTZiMWU5ODZmOTVmLzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm
LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAikC6775C
Bo9fVKDRhr4B705Usjas9nU/f+sgz9T3/3/7vjX870Zsi7+yhJO4JO3H7g4dMv6e
/VF/btkE98SNe5irJ2UCSZoV4Pg96O+Pl6AT0QJI1uXi3v0a6otOaUknR7P+FSvj
Np3EZBmIbl6/iXpurNzt7a2ntdbXuVM3jC+2oL+10/1H06F9IScV6LkbvF2VbHVL
AYvmZI8sxiqaG7V97w5y1Rj/rSWc18ewP/yVMxMtSM+DCvnM3ihS7oTEBmLgleFI
RADqq3ehJZ3mugW7zubSJCX3BtWTdHkOZdq9MhjIK3tnrD73mQf5+4nSqWKM9v1W
SFbGVZmRyVSeYQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:27 2025 by rpki-client