Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft
File:                     X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft (raw, json)
Hash identifier:          rF86eH+wp/viFd2krxH2/Yu5/py1R0yCFte+QrznvdE=
Subject key identifier:   02:91:0F:7C:37:1C:0D:8B:BD:BA:BC:A8:6E:DD:63:13:63:3A:E7:EC
Authority key identifier: 5F:62:8F:05:CC:A8:C8:7D:59:3E:71:E9:DD:21:B0:E7:F8:9D:58:93
Certificate issuer:       /CN=5f628f05cca8c87d593e71e9dd21b0e7f89d5893
Certificate serial:       0199FFC80DA90AADBB62084A89EC2E588016
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft
Manifest number:          16DF
Signing time:             Mon 20 Oct 2025 04:02:04 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:04 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:04 +0000
Files and hashes:         1: X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl (hash: VIA4TQtDYj9e/oUyb06pBn3NAae0VzpBJtyooeDtcn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:0d:a9:0a:ad:bb:62:08:4a:89:ec:2e:58:80:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f628f05cca8c87d593e71e9dd21b0e7f89d5893
        Validity
            Not Before: Oct 20 04:02:04 2025 GMT
            Not After : Oct 21 04:02:04 2025 GMT
        Subject: CN=02910f7c371c0d8bbdbabca86edd6313633ae7ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6f:75:a1:af:16:fa:97:ec:11:f0:a8:0d:70:
                    6e:33:6e:1e:15:82:45:c6:95:d6:73:40:ca:ef:91:
                    df:46:2c:85:86:b4:20:31:c2:01:8e:5b:b6:ae:5f:
                    5c:02:c3:a3:df:5c:13:e2:e4:aa:be:c8:27:66:da:
                    bb:f6:38:2c:ba:b5:64:d7:c3:34:9e:2d:d5:0e:49:
                    62:05:a6:30:c3:ca:85:cb:af:c2:16:b9:ab:72:13:
                    59:0e:ad:fb:7b:52:85:12:a2:da:86:e3:20:58:33:
                    0d:95:55:50:cc:1b:94:b5:95:a7:f6:8b:a0:3c:e3:
                    87:f2:8f:5b:40:32:ed:b1:8f:4c:03:06:ee:de:68:
                    7d:f7:09:f1:62:eb:0f:fc:89:f2:65:f8:39:26:0e:
                    85:15:95:ed:bb:1f:60:44:1b:1c:df:d9:1e:1c:07:
                    e6:32:35:a4:ee:7d:0e:b5:e0:bd:39:0c:50:9d:17:
                    e6:00:7f:8b:36:9c:f3:a8:f3:0b:d1:4d:2f:33:37:
                    db:09:65:e7:a8:f6:44:b7:e9:0b:f5:69:e1:24:86:
                    a6:dc:91:78:2b:05:92:fd:f9:b5:c9:e0:2a:42:f0:
                    c9:00:ec:09:85:60:ac:df:4d:29:b1:f4:4f:12:e2:
                    e3:87:7b:9f:52:f2:4b:02:1f:df:7c:ea:1d:85:5d:
                    ec:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:91:0F:7C:37:1C:0D:8B:BD:BA:BC:A8:6E:DD:63:13:63:3A:E7:EC
            X509v3 Authority Key Identifier:
                keyid:5F:62:8F:05:CC:A8:C8:7D:59:3E:71:E9:DD:21:B0:E7:F8:9D:58:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X2KPBcyoyH1ZPnHp3SGw5_idWJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/522cf1-0b5c-4d62-b36c-9fbe8919db90/1/X2KPBcyoyH1ZPnHp3SGw5_idWJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:88:72:e7:d2:69:1a:c6:b9:6f:4a:c7:5f:f3:82:8a:10:81:
         ef:43:af:7c:d7:f8:77:f6:99:da:06:d2:60:f1:5b:39:4e:b9:
         83:f5:f5:9d:56:44:9a:a5:c2:a6:d6:e1:42:da:ac:3c:7f:b8:
         b1:8d:dd:da:b6:1b:56:11:6b:8d:e4:8a:5b:ec:f5:16:a4:20:
         63:35:b2:ba:f3:8c:c3:f5:75:03:41:b3:4f:1e:74:8c:60:38:
         91:a5:45:63:d8:70:3f:de:44:0a:c1:a6:07:d4:01:69:48:5a:
         ae:b5:6d:db:15:90:7f:99:52:e3:ca:20:a2:dc:3b:b9:63:95:
         84:66:ce:c5:3d:4d:7d:1e:83:8a:d8:0b:4f:cf:f6:76:74:b9:
         60:08:f4:bc:79:93:35:52:d4:4a:ef:e0:ca:f7:4b:20:a3:e2:
         ec:28:f1:5f:0f:3b:75:b4:d3:a7:ff:25:2e:90:96:08:d3:1a:
         3a:06:35:d8:e9:90:cc:43:4d:33:da:40:56:b3:82:95:a2:49:
         3b:35:89:ad:54:40:d1:31:ec:cd:dd:75:74:f4:b0:ef:ed:8d:
         ab:00:fb:2e:b0:89:64:37:21:3a:10:e4:e1:cf:6c:b9:fd:d3:
         20:46:cd:cc:b4:bb:90:62:91:04:91:ca:56:58:c4:a4:db:b1:
         de:82:d5:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yA2pCq27YghKiewuWIAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNjI4ZjA1Y2NhOGM4N2Q1OTNlNzFlOWRkMjFiMGU3Zjg5
ZDU4OTMwHhcNMjUxMDIwMDQwMjA0WhcNMjUxMDIxMDQwMjA0WjAzMTEwLwYDVQQD
EygwMjkxMGY3YzM3MWMwZDhiYmRiYWJjYTg2ZWRkNjMxMzYzM2FlN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw291oa8W+pfsEfCoDXBuM24eFYJF
xpXWc0DK75HfRiyFhrQgMcIBjlu2rl9cAsOj31wT4uSqvsgnZtq79jgsurVk18M0
ni3VDkliBaYww8qFy6/CFrmrchNZDq37e1KFEqLahuMgWDMNlVVQzBuUtZWn9oug
POOH8o9bQDLtsY9MAwbu3mh99wnxYusP/InyZfg5Jg6FFZXtux9gRBsc39keHAfm
MjWk7n0OteC9OQxQnRfmAH+LNpzzqPML0U0vMzfbCWXnqPZEt+kL9WnhJIam3JF4
KwWS/fm1yeAqQvDJAOwJhWCs300psfRPEuLjh3ufUvJLAh/ffOodhV3sdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKRD3w3HA2Lvbq8qG7dYxNjOufsMB8GA1UdIwQY
MBaAFF9ijwXMqMh9WT5x6d0hsOf4nViTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81MjJjZjEtMGI1Yy00ZDYyLWIzNmMt
OWZiZTg5MTlkYjkwLzEvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81MjJjZjEtMGI1Yy00ZDYyLWIzNmMtOWZiZTg5MTlkYjkw
LzEvWDJLUEJjeW95SDFaUG5IcDNTR3c1X2lkV0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjYhy59Jp
Gsa5b0rHX/OCihCB70OvfNf4d/aZ2gbSYPFbOU65g/X1nVZEmqXCptbhQtqsPH+4
sY3d2rYbVhFrjeSKW+z1FqQgYzWyuvOMw/V1A0GzTx50jGA4kaVFY9hwP95ECsGm
B9QBaUharrVt2xWQf5lS48ogotw7uWOVhGbOxT1NfR6DitgLT8/2dnS5YAj0vHmT
NVLUSu/gyvdLIKPi7CjxXw87dbTTp/8lLpCWCNMaOgY12OmQzENNM9pAVrOClaJJ
OzWJrVRA0THszd11dPSw7+2NqwD7LrCJZDchOhDk4c9suf3TIEbNzLS7kGKRBJHK
VljEpNux3oLVmQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:40:54 2025 by rpki-client