Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
File:                     ap2Z4esn7Hq76TViechBGkEw_co.mft (raw, json)
Hash identifier:          te/wF/LXX056FRHLlv80ehIhdUFCrwihheCbDW5zYFA=
Subject key identifier:   1B:B3:E1:7E:67:2E:6F:C8:9E:71:F3:36:E3:98:DC:F3:FB:03:9F:E6
Authority key identifier: 6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA
Certificate issuer:       /CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
Certificate serial:       0199FC583517E6AC20B252E5ED4306DA3964
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
Manifest number:          0D58
Signing time:             Sun 19 Oct 2025 12:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:03 +0000
Files and hashes:         1: ap2Z4esn7Hq76TViechBGkEw_co.crl (hash: hIKP7garNdWXVRhwsdH2g48DmmcXovVgxqsgWRZOmWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:35:17:e6:ac:20:b2:52:e5:ed:43:06:da:39:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9d99e1eb27ec7abbe9356279c8411a4130fdca
        Validity
            Not Before: Oct 19 12:01:03 2025 GMT
            Not After : Oct 20 12:01:03 2025 GMT
        Subject: CN=1bb3e17e672e6fc89e71f336e398dcf3fb039fe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:72:9c:4e:d4:d7:00:7e:27:2f:16:af:6a:49:
                    35:23:17:ca:c9:31:80:33:84:bd:d7:59:ff:42:52:
                    bc:95:a8:e6:06:c9:ae:55:95:1d:03:b2:eb:8e:53:
                    1a:6a:0b:80:a2:11:55:7d:5a:a2:bf:84:62:4b:72:
                    26:4c:28:ff:27:55:25:33:cc:ed:15:9a:ff:29:bd:
                    51:f4:82:77:64:0f:93:7e:ee:76:bc:7c:72:a7:3e:
                    83:22:e4:d0:04:2e:c2:36:87:6d:59:d0:9a:5a:82:
                    98:78:16:99:7a:97:5d:f7:3d:93:16:1d:04:07:64:
                    d2:83:35:69:33:1c:bc:af:67:a3:93:08:13:bb:9e:
                    00:86:d0:05:82:e6:1d:2b:65:97:16:cb:cf:66:e9:
                    4f:2d:7f:0e:46:9c:42:f3:fd:78:f5:10:ba:69:4e:
                    da:dd:68:c3:66:0d:e9:2a:74:04:30:ab:3e:b9:58:
                    5b:f9:b3:7d:97:bb:29:91:6b:fa:5c:55:dd:2c:79:
                    d1:6a:e0:46:d1:92:c3:77:67:6f:5f:dc:08:42:8d:
                    51:a9:65:ef:e9:be:20:93:08:f6:d3:d1:7a:75:d6:
                    3e:13:04:89:c0:db:1c:3a:57:fc:54:a9:d1:aa:76:
                    73:7f:94:33:8e:50:49:34:94:de:e1:e3:b6:b0:13:
                    0d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:B3:E1:7E:67:2E:6F:C8:9E:71:F3:36:E3:98:DC:F3:FB:03:9F:E6
            X509v3 Authority Key Identifier:
                keyid:6A:9D:99:E1:EB:27:EC:7A:BB:E9:35:62:79:C8:41:1A:41:30:FD:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ap2Z4esn7Hq76TViechBGkEw_co.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/73c8f0-7a5a-4adb-a12d-b7daf2e60f6f/1/ap2Z4esn7Hq76TViechBGkEw_co.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:89:4d:7e:4c:fc:92:37:15:23:25:0f:83:99:cc:da:ac:29:
         46:47:07:61:c9:bc:29:7d:34:72:bc:d8:56:23:c1:5f:3d:ed:
         a9:e6:4a:53:c5:d4:ff:1c:ca:e6:72:8a:1d:1f:d7:94:75:f9:
         a5:21:3d:b4:68:45:43:39:b9:81:f3:b9:d9:b3:7e:b7:09:52:
         8a:51:df:60:98:d9:8f:d3:c1:be:fc:86:b4:98:e9:e7:da:4d:
         2d:82:2d:b6:17:52:ed:ca:ce:55:af:27:f2:49:94:17:8f:60:
         5e:8a:66:0e:ae:6a:20:61:69:82:f2:11:ff:d6:4f:c5:7c:49:
         6c:49:4f:b5:95:53:19:60:dc:e3:5d:8d:50:87:06:63:7d:a1:
         8a:a8:f1:95:ca:d5:87:8e:6d:f9:9f:93:f5:04:12:cd:03:37:
         4c:11:74:f6:58:ab:c4:0a:9f:ad:51:54:56:85:ee:11:52:02:
         a1:94:07:65:ef:ca:0f:ea:5d:8a:9f:1f:19:a4:9f:90:b7:a6:
         43:62:80:20:38:0a:32:b6:92:07:8b:8a:f6:3d:1a:04:44:29:
         ac:b0:c3:4f:36:7c:78:9f:1d:71:0d:20:86:d5:c4:d1:7d:05:
         44:98:a2:cb:3b:20:10:92:06:73:f9:32:b4:3d:8c:63:73:4f:
         4d:b8:ee:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WDUX5qwgslLl7UMG2jlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWQ5OWUxZWIyN2VjN2FiYmU5MzU2Mjc5Yzg0MTFhNDEz
MGZkY2EwHhcNMjUxMDE5MTIwMTAzWhcNMjUxMDIwMTIwMTAzWjAzMTEwLwYDVQQD
EygxYmIzZTE3ZTY3MmU2ZmM4OWU3MWYzMzZlMzk4ZGNmM2ZiMDM5ZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnKcTtTXAH4nLxavakk1IxfKyTGA
M4S911n/QlK8lajmBsmuVZUdA7LrjlMaaguAohFVfVqiv4RiS3ImTCj/J1UlM8zt
FZr/Kb1R9IJ3ZA+Tfu52vHxypz6DIuTQBC7CNodtWdCaWoKYeBaZepdd9z2TFh0E
B2TSgzVpMxy8r2ejkwgTu54AhtAFguYdK2WXFsvPZulPLX8ORpxC8/149RC6aU7a
3WjDZg3pKnQEMKs+uVhb+bN9l7spkWv6XFXdLHnRauBG0ZLDd2dvX9wIQo1RqWXv
6b4gkwj209F6ddY+EwSJwNscOlf8VKnRqnZzf5QzjlBJNJTe4eO2sBMNUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuz4X5nLm/InnHzNuOY3PP7A5/mMB8GA1UdIwQY
MBaAFGqdmeHrJ+x6u+k1YnnIQRpBMP3KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQt
YjdkYWYyZTYwZjZmLzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83M2M4ZjAtN2E1YS00YWRiLWExMmQtYjdkYWYyZTYwZjZm
LzEvYXAyWjRlc243SHE3NlRWaWVjaEJHa0V3X2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYlNfkz8
kjcVIyUPg5nM2qwpRkcHYcm8KX00crzYViPBXz3tqeZKU8XU/xzK5nKKHR/XlHX5
pSE9tGhFQzm5gfO52bN+twlSilHfYJjZj9PBvvyGtJjp59pNLYItthdS7crOVa8n
8kmUF49gXopmDq5qIGFpgvIR/9ZPxXxJbElPtZVTGWDc412NUIcGY32hiqjxlcrV
h45t+Z+T9QQSzQM3TBF09lirxAqfrVFUVoXuEVICoZQHZe/KD+pdip8fGaSfkLem
Q2KAIDgKMraSB4uK9j0aBEQprLDDTzZ8eJ8dcQ0ghtXE0X0FRJiiyzsgEJIGc/ky
tD2MY3NPTbjuaQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:23:09 2025 by rpki-client