Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/211b2e-4e3c-4482-a279-9f0f33532ea3/1/Xojs8KFK0YVzWdLOW9BCuflsfN0.mft
File:                     Xojs8KFK0YVzWdLOW9BCuflsfN0.mft (raw, json)
Hash identifier:          u4ve2NI44+D0KtIt46rriw4XqLNeQqY4C91/7Hj2QXE=
Subject key identifier:   DD:47:A1:9C:F6:8F:24:99:66:15:07:F1:EC:CA:DB:99:EC:1C:7B:92
Authority key identifier: 5E:88:EC:F0:A1:4A:D1:85:73:59:D2:CE:5B:D0:42:B9:F9:6C:7C:DD
Certificate issuer:       /CN=5e88ecf0a14ad1857359d2ce5bd042b9f96c7cdd
Certificate serial:       0199FEEBF2BC38AFE43DD794658A647DF8B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xojs8KFK0YVzWdLOW9BCuflsfN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/211b2e-4e3c-4482-a279-9f0f33532ea3/1/Xojs8KFK0YVzWdLOW9BCuflsfN0.mft
Manifest number:          0862
Signing time:             Mon 20 Oct 2025 00:01:39 +0000
Manifest this update:     Mon 20 Oct 2025 00:01:39 +0000
Manifest next update:     Tue 21 Oct 2025 00:01:39 +0000
Files and hashes:         1: Xojs8KFK0YVzWdLOW9BCuflsfN0.crl (hash: bSXT8nfaVy02wKRqhSTe9jvQjahaCt6i7D+W3KKNX9g=)
                          2: oNaxj3U73YsxY2SMYd62wSvMB4E.roa (hash: +NOpZAlgmwl+h9fy4R1kVxAQ1d7pxMvgMiKewHh1e4g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/211b2e-4e3c-4482-a279-9f0f33532ea3/1/Xojs8KFK0YVzWdLOW9BCuflsfN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/211b2e-4e3c-4482-a279-9f0f33532ea3/1/Xojs8KFK0YVzWdLOW9BCuflsfN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xojs8KFK0YVzWdLOW9BCuflsfN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:eb:f2:bc:38:af:e4:3d:d7:94:65:8a:64:7d:f8:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e88ecf0a14ad1857359d2ce5bd042b9f96c7cdd
        Validity
            Not Before: Oct 20 00:01:39 2025 GMT
            Not After : Oct 21 00:01:39 2025 GMT
        Subject: CN=dd47a19cf68f2499661507f1eccadb99ec1c7b92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:8d:ab:5b:5d:64:80:a9:35:a1:c8:6c:27:01:
                    71:1f:dd:aa:22:0d:d5:56:d8:9f:51:09:9d:ce:69:
                    4c:b8:ab:50:0d:eb:f1:9f:1b:b1:3c:82:35:d4:f4:
                    b4:db:45:13:4a:2f:6c:f9:e3:f4:06:23:31:c3:51:
                    5e:c8:bc:ba:52:fb:a6:f9:d8:ce:02:43:a9:d5:7f:
                    de:d7:eb:81:88:e7:15:1a:64:fc:dd:b1:82:7e:f4:
                    76:38:0a:72:80:f3:41:78:dd:b8:f4:d4:2b:80:41:
                    46:74:6f:0b:ce:c6:bd:78:81:71:f4:8e:ac:3f:2c:
                    38:21:ef:c8:9b:a4:34:aa:c5:b5:42:55:eb:82:82:
                    77:9a:d1:39:11:1d:22:d7:e8:29:f3:35:1c:72:c7:
                    01:11:30:1f:ab:50:b2:44:90:f1:e0:bd:8a:d1:f8:
                    23:e0:b6:cf:34:02:62:92:5b:45:dd:1c:7d:40:e5:
                    7d:4a:44:bd:63:43:29:cd:8a:a7:b5:a0:7e:d3:d6:
                    50:9c:87:b0:95:ab:4f:d1:2d:a0:c6:c2:82:70:20:
                    53:b8:37:18:c5:45:f4:5f:76:4b:86:20:56:99:9d:
                    ad:d5:68:a7:47:7a:73:87:61:80:b3:78:8e:17:cf:
                    50:b4:d5:d8:b6:7b:fa:5b:88:36:f4:e7:28:1e:24:
                    29:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:47:A1:9C:F6:8F:24:99:66:15:07:F1:EC:CA:DB:99:EC:1C:7B:92
            X509v3 Authority Key Identifier:
                keyid:5E:88:EC:F0:A1:4A:D1:85:73:59:D2:CE:5B:D0:42:B9:F9:6C:7C:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xojs8KFK0YVzWdLOW9BCuflsfN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/211b2e-4e3c-4482-a279-9f0f33532ea3/1/Xojs8KFK0YVzWdLOW9BCuflsfN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/211b2e-4e3c-4482-a279-9f0f33532ea3/1/Xojs8KFK0YVzWdLOW9BCuflsfN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:92:cd:fb:5d:2c:66:e4:85:16:64:1d:0d:4f:8b:1d:6c:3d:
         2b:56:0b:3d:19:1c:55:81:bf:c9:aa:94:35:8b:d2:a6:fb:be:
         8c:23:99:97:e1:0b:24:91:f4:3d:6b:ec:c5:34:7f:2a:8d:3c:
         d3:33:7f:c0:7b:b3:03:46:2d:de:a7:23:e5:a8:22:d1:5c:d9:
         dd:73:c7:ad:e7:17:a4:73:1a:5d:64:98:d9:47:da:ae:88:25:
         c8:1e:f0:18:69:82:ee:af:34:86:40:00:9b:64:dd:20:8e:40:
         aa:d5:47:3a:5f:81:7e:62:ec:9c:59:45:fa:61:82:9c:7a:16:
         5a:6b:f3:0f:df:18:0e:fa:68:04:ab:0d:91:2c:54:e3:3f:d9:
         9f:d7:ef:e6:ea:80:7f:0d:76:47:ca:6c:f2:e6:30:c3:66:72:
         86:b4:70:15:4f:38:ff:9f:10:ae:74:ec:80:8a:7f:16:96:3d:
         23:c5:7b:c1:4d:b1:33:dc:65:51:57:5a:60:3a:b9:7c:48:60:
         b8:b9:3c:50:d8:89:1c:f1:97:60:22:bc:68:8f:a6:d7:51:2e:
         71:52:15:47:b5:a7:74:43:9e:ec:a1:88:b4:6d:33:04:e3:61:
         80:7c:10:9e:40:62:e5:e7:84:0d:b9:1f:a7:a5:c1:c9:05:a6:
         d8:ad:ac:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+6/K8OK/kPdeUZYpkffi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlODhlY2YwYTE0YWQxODU3MzU5ZDJjZTViZDA0MmI5Zjk2
YzdjZGQwHhcNMjUxMDIwMDAwMTM5WhcNMjUxMDIxMDAwMTM5WjAzMTEwLwYDVQQD
EyhkZDQ3YTE5Y2Y2OGYyNDk5NjYxNTA3ZjFlY2NhZGI5OWVjMWM3YjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2I2rW11kgKk1ochsJwFxH92qIg3V
VtifUQmdzmlMuKtQDevxnxuxPII11PS020UTSi9s+eP0BiMxw1FeyLy6Uvum+djO
AkOp1X/e1+uBiOcVGmT83bGCfvR2OApygPNBeN249NQrgEFGdG8Lzsa9eIFx9I6s
Pyw4Ie/Im6Q0qsW1QlXrgoJ3mtE5ER0i1+gp8zUccscBETAfq1CyRJDx4L2K0fgj
4LbPNAJikltF3Rx9QOV9SkS9Y0MpzYqntaB+09ZQnIewlatP0S2gxsKCcCBTuDcY
xUX0X3ZLhiBWmZ2t1WinR3pzh2GAs3iOF89QtNXYtnv6W4g29OcoHiQpMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1HoZz2jySZZhUH8ezK25nsHHuSMB8GA1UdIwQY
MBaAFF6I7PChStGFc1nSzlvQQrn5bHzdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG9qczhLRkswWVZ6V2RMT1c5QkN1ZmxzZk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yMTFiMmUtNGUzYy00NDgyLWEyNzkt
OWYwZjMzNTMyZWEzLzEvWG9qczhLRkswWVZ6V2RMT1c5QkN1ZmxzZk4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yMTFiMmUtNGUzYy00NDgyLWEyNzktOWYwZjMzNTMyZWEz
LzEvWG9qczhLRkswWVZ6V2RMT1c5QkN1ZmxzZk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlpLN+10s
ZuSFFmQdDU+LHWw9K1YLPRkcVYG/yaqUNYvSpvu+jCOZl+ELJJH0PWvsxTR/Ko08
0zN/wHuzA0Yt3qcj5agi0VzZ3XPHrecXpHMaXWSY2UfaroglyB7wGGmC7q80hkAA
m2TdII5AqtVHOl+BfmLsnFlF+mGCnHoWWmvzD98YDvpoBKsNkSxU4z/Zn9fv5uqA
fw12R8ps8uYww2ZyhrRwFU84/58QrnTsgIp/FpY9I8V7wU2xM9xlUVdaYDq5fEhg
uLk8UNiJHPGXYCK8aI+m11EucVIVR7WndEOe7KGItG0zBONhgHwQnkBi5eeEDbkf
p6XByQWm2K2slg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:59:09 2025 by rpki-client