Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          1uyn6zKUhDgZ8+jvvN/zsmuqmUZ7atrNbLikmR40rxE=
Subject key identifier:   DD:E1:57:5E:05:23:27:9B:78:1C:69:FD:05:3F:6B:83:FF:A1:72:D0
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       0199FEB505F097B80129D7C94F11B5D40450
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          12DC
Signing time:             Sun 19 Oct 2025 23:01:40 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:40 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:40 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: LAEkxyJNcCZ4QGKUkH/J/qnQIecAeCFUM55JOUsovK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b5:05:f0:97:b8:01:29:d7:c9:4f:11:b5:d4:04:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: Oct 19 23:01:40 2025 GMT
            Not After : Oct 20 23:01:40 2025 GMT
        Subject: CN=dde1575e0523279b781c69fd053f6b83ffa172d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:63:e6:6f:7b:f5:30:8d:28:ec:2d:9b:10:f9:
                    8d:15:bf:17:9d:b2:56:73:4c:ee:a8:e1:c2:42:91:
                    b6:85:c1:9a:43:33:17:4f:c3:ac:ac:b3:ac:57:90:
                    9e:0d:36:36:7b:1c:a0:05:73:3c:59:f3:0a:87:51:
                    c2:1c:48:47:dd:32:9a:b5:89:0c:51:34:33:a2:c7:
                    85:9b:31:35:29:bd:d9:2d:8e:b6:c2:f4:a6:fe:86:
                    b6:16:39:a2:9f:3a:35:bf:41:e1:fd:16:27:28:77:
                    a4:7e:39:27:94:cf:ac:00:e6:1e:ed:e8:46:b1:82:
                    ce:96:e6:22:7b:37:20:42:82:74:db:65:f6:84:18:
                    a3:75:aa:9f:38:78:24:7e:83:2a:84:c3:00:16:87:
                    eb:db:78:62:1a:62:4d:b2:9e:d6:3a:88:84:70:d7:
                    04:fa:48:d2:93:a8:ec:48:6c:7d:75:27:af:cd:48:
                    c8:67:f8:90:1c:ba:76:eb:04:38:a3:63:3c:85:09:
                    8e:2c:58:57:97:65:92:61:29:32:e8:92:8f:85:0c:
                    78:9b:61:4a:08:69:ca:47:b5:f0:89:9e:73:9f:6f:
                    d5:ec:3d:f0:25:38:85:26:ea:7d:af:ea:25:5c:98:
                    30:96:60:35:f7:a7:ff:78:34:3b:80:a6:4d:ae:a8:
                    1e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:E1:57:5E:05:23:27:9B:78:1C:69:FD:05:3F:6B:83:FF:A1:72:D0
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:f8:05:26:1b:32:e3:06:f1:e7:78:db:4e:8a:98:24:0b:aa:
         ae:46:d5:f5:0e:c4:06:92:70:a7:bd:c0:15:b8:17:2c:af:52:
         6a:ba:74:25:b7:5c:e2:c7:04:57:4f:bd:cc:4c:65:d6:24:e0:
         93:3d:34:33:e4:64:97:b4:b4:7b:09:9e:f9:26:ab:cd:f7:54:
         ac:78:40:5c:63:48:81:e0:3e:c1:ff:df:1f:43:a1:07:70:58:
         e2:4f:2d:ee:0d:a4:ae:76:57:bb:48:25:e3:a6:4e:5f:43:15:
         df:bf:ab:f1:f2:4e:f1:7d:2f:df:d8:f6:91:0c:a0:1f:30:a2:
         4c:c5:59:b6:30:e5:1d:b5:f1:69:25:20:1f:55:6b:49:66:30:
         a8:e4:1f:b0:a3:c9:84:10:44:af:54:75:cf:2f:93:8b:25:c9:
         3f:3d:7f:c1:84:f1:37:91:6c:1a:c4:8e:59:68:33:65:ab:fd:
         07:ba:55:90:eb:48:ea:ba:ab:a5:b9:fe:b5:e2:69:d7:65:b9:
         b1:0d:b2:99:51:ed:8a:4c:c6:05:38:14:ce:15:34:6a:19:46:
         7d:7b:45:11:96:e9:4c:7e:d1:a6:e9:15:b8:4c:0a:2e:bb:a6:
         1e:10:bb:54:fc:ac:43:b2:02:d7:d7:cf:4f:48:c0:1e:82:32:
         cf:3a:5a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tQXwl7gBKdfJTxG11ARQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjUxMDE5MjMwMTQwWhcNMjUxMDIwMjMwMTQwWjAzMTEwLwYDVQQD
EyhkZGUxNTc1ZTA1MjMyNzliNzgxYzY5ZmQwNTNmNmI4M2ZmYTE3MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWPmb3v1MI0o7C2bEPmNFb8XnbJW
c0zuqOHCQpG2hcGaQzMXT8OsrLOsV5CeDTY2exygBXM8WfMKh1HCHEhH3TKatYkM
UTQzoseFmzE1Kb3ZLY62wvSm/oa2Fjminzo1v0Hh/RYnKHekfjknlM+sAOYe7ehG
sYLOluYiezcgQoJ022X2hBijdaqfOHgkfoMqhMMAFofr23hiGmJNsp7WOoiEcNcE
+kjSk6jsSGx9dSevzUjIZ/iQHLp26wQ4o2M8hQmOLFhXl2WSYSky6JKPhQx4m2FK
CGnKR7XwiZ5zn2/V7D3wJTiFJup9r+olXJgwlmA196f/eDQ7gKZNrqgeCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3hV14FIyebeBxp/QU/a4P/oXLQMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfvgFJhsy
4wbx53jbToqYJAuqrkbV9Q7EBpJwp73AFbgXLK9Sarp0Jbdc4scEV0+9zExl1iTg
kz00M+Rkl7S0ewme+SarzfdUrHhAXGNIgeA+wf/fH0OhB3BY4k8t7g2krnZXu0gl
46ZOX0MV37+r8fJO8X0v39j2kQygHzCiTMVZtjDlHbXxaSUgH1VrSWYwqOQfsKPJ
hBBEr1R1zy+TiyXJPz1/wYTxN5FsGsSOWWgzZav9B7pVkOtI6rqrpbn+teJp12W5
sQ2ymVHtikzGBTgUzhU0ahlGfXtFEZbpTH7RpukVuEwKLrumHhC7VPysQ7IC19fP
T0jAHoIyzzpaIw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:43:49 2025 by rpki-client