Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          msWvG/XZZpRFmcSFelnGIcEqLLUuMVD9QR8ed1pWDwo=
Subject key identifier:   95:2B:5A:40:EA:98:BE:9C:D8:5C:A1:FB:17:00:7A:9F:6E:AB:CA:73
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       0199FC8F19E24AF7460ACB33BE311BAAEBE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          0F89
Signing time:             Sun 19 Oct 2025 13:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:00 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: ik7DnhMBfKm9+5qamg5M9XwSwnzH27B7uHT+eLbVekM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:19:e2:4a:f7:46:0a:cb:33:be:31:1b:aa:eb:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: Oct 19 13:01:00 2025 GMT
            Not After : Oct 20 13:01:00 2025 GMT
        Subject: CN=952b5a40ea98be9cd85ca1fb17007a9f6eabca73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:86:84:08:36:de:03:72:d0:ab:27:58:49:f5:
                    65:e1:64:e3:6a:72:69:37:c8:d3:21:d3:fc:52:ff:
                    63:67:bd:d3:5e:e6:b4:aa:c7:1a:84:98:60:be:1a:
                    07:1f:31:87:32:0b:02:96:6b:e7:ba:4f:29:6a:f4:
                    bc:77:a0:21:4b:e6:d3:53:79:49:07:0d:1e:41:f6:
                    80:36:a7:e6:e6:b0:df:18:94:08:da:d2:1e:ae:1c:
                    ab:e3:2b:cf:2a:04:f8:1d:e6:f5:10:a2:b4:7c:f8:
                    9a:48:97:8e:8a:7c:4c:c5:68:7f:5d:af:1d:e0:76:
                    86:ec:c9:bb:df:74:da:9f:d2:79:6c:14:76:04:88:
                    c7:5d:e7:78:bd:94:22:ce:0c:56:68:ac:15:cd:31:
                    d3:c3:68:78:e6:3c:18:56:a8:4c:05:20:77:7a:16:
                    1e:b5:12:99:6f:11:0d:12:4a:28:db:3e:9f:35:27:
                    13:a7:5b:26:f9:2c:54:64:7c:9d:57:fa:cf:d8:59:
                    ef:a6:4f:b5:66:8c:b0:7e:f7:3f:16:76:28:b1:a8:
                    b1:a6:a6:60:39:26:3f:f3:25:d7:11:d9:a3:df:a2:
                    59:55:15:cd:24:6f:80:c2:e3:0a:36:2a:3b:93:c3:
                    ad:fa:11:8d:dc:ed:27:e2:6e:6f:9f:ea:f8:fd:63:
                    54:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2B:5A:40:EA:98:BE:9C:D8:5C:A1:FB:17:00:7A:9F:6E:AB:CA:73
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:b1:43:0b:65:b4:93:17:e9:a2:fb:dd:0c:59:fb:21:5e:77:
         85:31:b2:b9:65:43:d3:e3:fa:6b:9f:75:45:4a:57:09:8a:cc:
         77:00:7a:7b:bb:86:e7:54:39:db:2a:db:6c:56:63:75:e0:69:
         f7:50:e9:bb:c5:43:57:48:b5:0b:45:3b:c1:ae:bd:4a:5c:a8:
         55:ef:a2:ea:06:a1:69:c6:ef:be:7d:09:bc:ef:b5:e9:59:c1:
         6e:c9:6b:10:0b:86:4b:2e:27:ca:d7:69:11:32:fc:0a:c4:24:
         da:9e:71:96:cc:a8:61:3f:1c:90:75:91:df:bd:7a:4d:e1:bf:
         01:e6:80:55:d0:6b:5a:a1:d8:f0:b5:1b:15:19:9b:6c:9e:e2:
         11:9c:53:22:a7:b3:93:c9:c3:82:bf:19:0b:6d:1a:8b:16:2b:
         1d:1f:07:e1:87:21:e7:b5:95:aa:73:22:c3:26:f5:b1:f9:e1:
         20:3b:39:6f:7e:47:a3:f9:c0:a6:34:17:7c:b9:d6:94:1c:e9:
         4d:66:64:d5:3a:8e:2d:be:ea:68:0e:25:b9:e9:e2:c1:47:fb:
         2c:77:40:48:59:37:8d:f0:36:22:f2:15:aa:10:f9:21:a4:eb:
         f7:df:aa:59:76:8f:81:3a:80:3d:35:5c:b1:84:87:fc:b6:5a:
         f6:48:23:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jxniSvdGCsszvjEbquviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjUxMDE5MTMwMTAwWhcNMjUxMDIwMTMwMTAwWjAzMTEwLwYDVQQD
Eyg5NTJiNWE0MGVhOThiZTljZDg1Y2ExZmIxNzAwN2E5ZjZlYWJjYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYaECDbeA3LQqydYSfVl4WTjanJp
N8jTIdP8Uv9jZ73TXua0qscahJhgvhoHHzGHMgsClmvnuk8pavS8d6AhS+bTU3lJ
Bw0eQfaANqfm5rDfGJQI2tIerhyr4yvPKgT4Heb1EKK0fPiaSJeOinxMxWh/Xa8d
4HaG7Mm733Tan9J5bBR2BIjHXed4vZQizgxWaKwVzTHTw2h45jwYVqhMBSB3ehYe
tRKZbxENEkoo2z6fNScTp1sm+SxUZHydV/rP2Fnvpk+1Zoywfvc/FnYosaixpqZg
OSY/8yXXEdmj36JZVRXNJG+AwuMKNio7k8Ot+hGN3O0n4m5vn+r4/WNU8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUrWkDqmL6c2Fyh+xcAep9uq8pzMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLFDC2W0
kxfpovvdDFn7IV53hTGyuWVD0+P6a591RUpXCYrMdwB6e7uG51Q52yrbbFZjdeBp
91Dpu8VDV0i1C0U7wa69SlyoVe+i6gahacbvvn0JvO+16VnBbslrEAuGSy4nytdp
ETL8CsQk2p5xlsyoYT8ckHWR3716TeG/AeaAVdBrWqHY8LUbFRmbbJ7iEZxTIqez
k8nDgr8ZC20aixYrHR8H4Ych57WVqnMiwyb1sfnhIDs5b35Ho/nApjQXfLnWlBzp
TWZk1TqOLb7qaA4lueniwUf7LHdASFk3jfA2IvIVqhD5IaTr99+qWXaPgTqAPTVc
sYSH/LZa9kgjKQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:40 2025 by rpki-client