Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
File:                     VFjdpvrZNtqJUgABqigr-syLguM.mft (raw, json)
Hash identifier:          jUuNMzsLP2YFjOA8DfPA15hlgsX+wBIpzTZg+fEEnBM=
Subject key identifier:   F3:05:91:53:D6:EA:81:8C:AF:04:03:01:94:4B:5B:EE:35:7F:31:D4
Authority key identifier: 54:58:DD:A6:FA:D9:36:DA:89:52:00:01:AA:28:2B:FA:CC:8B:82:E3
Certificate issuer:       /CN=5458dda6fad936da89520001aa282bfacc8b82e3
Certificate serial:       0199FBEAFAB87879DA736322FE93BB6B16C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
Manifest number:          11C9
Signing time:             Sun 19 Oct 2025 10:01:44 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:44 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:44 +0000
Files and hashes:         1: VFjdpvrZNtqJUgABqigr-syLguM.crl (hash: Cw8tH+Pgmp0TtSnqcaC0B4tDzK6hyfERVP9Xn0o/Ojw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:fa:b8:78:79:da:73:63:22:fe:93:bb:6b:16:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5458dda6fad936da89520001aa282bfacc8b82e3
        Validity
            Not Before: Oct 19 10:01:44 2025 GMT
            Not After : Oct 20 10:01:44 2025 GMT
        Subject: CN=f3059153d6ea818caf040301944b5bee357f31d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:f9:aa:d4:ea:26:32:73:da:10:08:68:06:d4:
                    be:63:22:d2:2a:ff:7d:ef:40:87:10:4c:16:86:8d:
                    2f:4a:72:f1:eb:5f:98:80:01:15:df:1d:5c:88:bb:
                    c3:27:54:53:99:31:55:50:d7:78:fc:80:7e:a7:cd:
                    b7:03:a0:52:b9:f5:75:ff:d3:7d:e3:eb:af:b3:06:
                    2e:4c:8a:5b:41:2f:dd:e5:ee:74:7d:5f:d8:9a:a1:
                    fa:bb:eb:45:49:70:bc:88:49:2c:f5:00:50:9e:4f:
                    b1:14:b3:ac:ea:e1:17:f7:fe:ca:85:db:a5:42:96:
                    37:1d:e6:4b:0a:22:90:fa:86:3b:46:c3:82:be:68:
                    ea:8e:8b:49:2f:11:f8:fd:cc:b6:34:68:d0:24:4e:
                    93:33:25:dc:d5:00:65:8c:55:c2:05:37:5b:5d:48:
                    41:dd:af:61:55:82:09:26:56:e8:2f:06:a8:b1:ee:
                    7a:07:57:12:4c:20:43:e3:39:0b:4b:e1:35:e5:ff:
                    96:2d:f5:1c:70:c6:73:12:fb:75:91:ff:6b:35:3e:
                    c2:82:65:8f:10:e2:80:b1:8a:15:af:4b:d0:0d:fb:
                    21:36:3b:14:9c:12:be:4c:2e:52:9f:34:3f:fb:8d:
                    e2:0b:4b:c5:cf:a6:94:c2:f2:db:ae:73:01:69:81:
                    62:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:05:91:53:D6:EA:81:8C:AF:04:03:01:94:4B:5B:EE:35:7F:31:D4
            X509v3 Authority Key Identifier:
                keyid:54:58:DD:A6:FA:D9:36:DA:89:52:00:01:AA:28:2B:FA:CC:8B:82:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFjdpvrZNtqJUgABqigr-syLguM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4781ea-0a32-43f9-9890-de97bcd40368/1/VFjdpvrZNtqJUgABqigr-syLguM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:cf:b4:3a:e0:ee:88:5e:95:9a:b9:a7:93:f6:b1:d1:53:1f:
         d1:35:a3:9a:d0:13:91:e2:2d:cb:ef:72:88:b3:2e:91:d2:15:
         ba:61:19:54:e2:65:ba:2b:d6:c8:72:9d:76:14:a2:da:59:62:
         2a:48:5f:35:1d:28:11:e6:84:d1:b7:c4:79:c1:99:f1:d0:23:
         37:56:73:2d:42:53:0f:36:26:80:c6:9a:f4:21:8d:69:fb:f1:
         da:73:72:31:1c:7e:04:95:f6:43:fb:c0:5e:04:2f:c0:ef:2d:
         6a:99:f1:23:15:a9:68:af:ef:19:72:d9:cd:d8:a4:33:dd:3d:
         5b:3b:e0:b4:45:ed:fb:b4:3d:71:6d:8b:63:8f:3a:f4:6b:cc:
         52:a0:38:d8:48:b9:58:eb:0e:ed:cd:e3:88:b7:65:fb:a3:1d:
         de:1d:bc:62:27:f3:57:b2:dc:92:55:1d:31:81:ba:18:bb:23:
         dd:5b:c4:f4:ec:bf:a2:51:83:99:57:d7:05:4b:5b:cc:09:4a:
         bf:0a:3c:d3:76:a6:f8:de:72:75:11:6e:30:2a:b7:15:0d:21:
         f9:11:ba:6c:c2:18:bd:86:a5:8b:ce:6f:41:66:33:4c:19:75:
         c5:29:a7:63:d0:93:09:0c:e3:f3:c1:ad:f3:48:87:77:50:ee:
         41:85:d4:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76vq4eHnac2Mi/pO7axbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NThkZGE2ZmFkOTM2ZGE4OTUyMDAwMWFhMjgyYmZhY2M4
YjgyZTMwHhcNMjUxMDE5MTAwMTQ0WhcNMjUxMDIwMTAwMTQ0WjAzMTEwLwYDVQQD
EyhmMzA1OTE1M2Q2ZWE4MThjYWYwNDAzMDE5NDRiNWJlZTM1N2YzMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Pmq1OomMnPaEAhoBtS+YyLSKv99
70CHEEwWho0vSnLx61+YgAEV3x1ciLvDJ1RTmTFVUNd4/IB+p823A6BSufV1/9N9
4+uvswYuTIpbQS/d5e50fV/YmqH6u+tFSXC8iEks9QBQnk+xFLOs6uEX9/7Khdul
QpY3HeZLCiKQ+oY7RsOCvmjqjotJLxH4/cy2NGjQJE6TMyXc1QBljFXCBTdbXUhB
3a9hVYIJJlboLwaose56B1cSTCBD4zkLS+E15f+WLfUccMZzEvt1kf9rNT7CgmWP
EOKAsYoVr0vQDfshNjsUnBK+TC5SnzQ/+43iC0vFz6aUwvLbrnMBaYFigwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMFkVPW6oGMrwQDAZRLW+41fzHUMB8GA1UdIwQY
MBaAFFRY3ab62TbaiVIAAaooK/rMi4LjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC80NzgxZWEtMGEzMi00M2Y5LTk4OTAt
ZGU5N2JjZDQwMzY4LzEvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC80NzgxZWEtMGEzMi00M2Y5LTk4OTAtZGU5N2JjZDQwMzY4
LzEvVkZqZHB2clpOdHFKVWdBQnFpZ3Itc3lMZ3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkc+0OuDu
iF6Vmrmnk/ax0VMf0TWjmtATkeIty+9yiLMukdIVumEZVOJluivWyHKddhSi2lli
KkhfNR0oEeaE0bfEecGZ8dAjN1ZzLUJTDzYmgMaa9CGNafvx2nNyMRx+BJX2Q/vA
XgQvwO8tapnxIxWpaK/vGXLZzdikM909WzvgtEXt+7Q9cW2LY4869GvMUqA42Ei5
WOsO7c3jiLdl+6Md3h28YifzV7LcklUdMYG6GLsj3VvE9Oy/olGDmVfXBUtbzAlK
vwo803am+N5ydRFuMCq3FQ0h+RG6bMIYvYali85vQWYzTBl1xSmnY9CTCQzj88Gt
80iHd1DuQYXUhQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:50 2025 by rpki-client