Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft
File:                     xFz9uYA84FcULRh_hrxPVnHX63s.mft (raw, json)
Hash identifier:          mDTn6yh2RsQWwDKCzx75s5QRuHaryEs93jgg9YgjRUU=
Subject key identifier:   76:84:FE:34:78:6D:5D:4A:0B:4C:52:A1:DD:7C:0E:C4:7B:D2:2F:C1
Authority key identifier: C4:5C:FD:B9:80:3C:E0:57:14:2D:18:7F:86:BC:4F:56:71:D7:EB:7B
Certificate issuer:       /CN=c45cfdb9803ce057142d187f86bc4f5671d7eb7b
Certificate serial:       0199FDD9530B7158690B2E9384064561E339
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xFz9uYA84FcULRh_hrxPVnHX63s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft
Manifest number:          16DD
Signing time:             Sun 19 Oct 2025 19:01:42 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:42 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:42 +0000
Files and hashes:         1: xFz9uYA84FcULRh_hrxPVnHX63s.crl (hash: T8nlaWB7QqRlWtcLWzyE/88w31GB0yPd7ZA8ckkj0tA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xFz9uYA84FcULRh_hrxPVnHX63s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:53:0b:71:58:69:0b:2e:93:84:06:45:61:e3:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c45cfdb9803ce057142d187f86bc4f5671d7eb7b
        Validity
            Not Before: Oct 19 19:01:42 2025 GMT
            Not After : Oct 20 19:01:42 2025 GMT
        Subject: CN=7684fe34786d5d4a0b4c52a1dd7c0ec47bd22fc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6b:3a:11:6a:f4:fb:bf:c0:4b:20:56:f7:e1:
                    dd:ed:79:94:9f:ce:1b:48:dd:71:29:29:82:11:e9:
                    8d:3a:a8:02:3f:07:76:4c:1b:e6:3f:f4:a3:bd:32:
                    5e:28:b9:34:a1:48:a5:fc:a2:e2:9f:7c:11:10:b9:
                    a6:6d:15:cb:21:3f:20:da:09:36:4b:24:23:1b:9b:
                    54:eb:b6:e0:fa:32:3c:72:ea:f2:eb:39:61:0e:26:
                    81:f8:c5:83:80:5a:1e:b2:1a:8c:44:41:c2:3b:0c:
                    f8:7d:13:11:4c:71:db:7e:e7:e7:29:dd:ca:5a:b9:
                    55:8c:82:d5:18:af:46:ee:22:68:0b:75:0f:b2:b7:
                    96:e2:7e:92:22:0d:e9:e1:6a:e4:0c:a9:f3:dd:5f:
                    a5:9a:1f:e2:fa:8e:27:a9:77:50:fb:c4:50:4b:86:
                    c4:c1:8b:c3:af:a7:69:3c:ce:ef:e7:29:7d:2d:b5:
                    10:d4:7b:3e:f3:f1:4a:6e:e0:26:3b:1d:f9:42:a7:
                    26:8c:37:b2:47:85:45:2c:27:ed:8b:b5:6e:f1:ab:
                    e9:55:da:6c:8d:a6:a6:20:f0:62:9b:3b:bb:49:b6:
                    dc:77:33:5e:11:a0:0d:b4:b4:55:47:7e:14:a0:43:
                    78:ed:43:b1:5d:78:9e:6c:cb:4c:01:6c:53:a8:18:
                    6b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:84:FE:34:78:6D:5D:4A:0B:4C:52:A1:DD:7C:0E:C4:7B:D2:2F:C1
            X509v3 Authority Key Identifier:
                keyid:C4:5C:FD:B9:80:3C:E0:57:14:2D:18:7F:86:BC:4F:56:71:D7:EB:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFz9uYA84FcULRh_hrxPVnHX63s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b254bd-145c-4019-88a4-d5a177178f4a/1/xFz9uYA84FcULRh_hrxPVnHX63s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:b0:64:4f:fa:c8:5e:f4:c7:4f:32:8d:92:9e:94:15:ca:a8:
         50:18:e0:84:40:e1:92:f2:2b:15:04:d5:c5:e7:f0:ff:47:52:
         9a:be:d9:5e:b3:65:b0:43:04:ce:92:ec:88:19:42:e4:24:11:
         b3:5e:1e:3f:76:39:63:2f:e2:90:b9:47:b8:38:37:33:da:74:
         e7:85:54:a4:14:96:3f:96:ea:97:93:eb:24:f4:4e:4d:eb:7b:
         e4:05:c2:42:c4:2d:d7:c6:b0:22:c7:90:9d:54:2d:94:e2:23:
         56:ee:26:a0:e4:56:24:72:7b:4d:16:f3:8d:1e:08:fa:2c:6f:
         60:2a:41:33:cd:d3:48:6d:c1:cc:88:ae:44:76:fa:66:60:7f:
         95:97:85:f0:2c:c6:34:24:d1:3d:f6:87:57:01:60:d4:2c:b8:
         2a:5a:6e:f8:4e:3f:8f:28:ca:73:dd:a0:70:97:48:df:bb:54:
         c4:69:14:0c:7f:f3:e7:2d:5c:ad:5e:1e:ee:b2:a7:73:61:19:
         c0:6a:2c:f6:a9:cf:01:a6:5b:f6:7f:2d:49:71:b3:48:2f:ef:
         b7:ea:5b:d5:7d:c8:43:e1:5f:c7:ad:c3:e2:de:aa:d1:4c:76:
         84:6f:e5:3b:16:f7:65:06:7d:7b:85:e3:d1:0f:7f:89:58:03:
         51:6e:84:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92VMLcVhpCy6ThAZFYeM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWNmZGI5ODAzY2UwNTcxNDJkMTg3Zjg2YmM0ZjU2NzFk
N2ViN2IwHhcNMjUxMDE5MTkwMTQyWhcNMjUxMDIwMTkwMTQyWjAzMTEwLwYDVQQD
Eyg3Njg0ZmUzNDc4NmQ1ZDRhMGI0YzUyYTFkZDdjMGVjNDdiZDIyZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWs6EWr0+7/ASyBW9+Hd7XmUn84b
SN1xKSmCEemNOqgCPwd2TBvmP/SjvTJeKLk0oUil/KLin3wRELmmbRXLIT8g2gk2
SyQjG5tU67bg+jI8cury6zlhDiaB+MWDgFoeshqMREHCOwz4fRMRTHHbfufnKd3K
WrlVjILVGK9G7iJoC3UPsreW4n6SIg3p4WrkDKnz3V+lmh/i+o4nqXdQ+8RQS4bE
wYvDr6dpPM7v5yl9LbUQ1Hs+8/FKbuAmOx35QqcmjDeyR4VFLCfti7Vu8avpVdps
jaamIPBimzu7SbbcdzNeEaANtLRVR34UoEN47UOxXXiebMtMAWxTqBhr/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaE/jR4bV1KC0xSod18DsR70i/BMB8GA1UdIwQY
MBaAFMRc/bmAPOBXFC0Yf4a8T1Zx1+t7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ6OXVZQTg0RmNVTFJoX2hyeFBWbkhYNjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iMjU0YmQtMTQ1Yy00MDE5LTg4YTQt
ZDVhMTc3MTc4ZjRhLzEveEZ6OXVZQTg0RmNVTFJoX2hyeFBWbkhYNjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iMjU0YmQtMTQ1Yy00MDE5LTg4YTQtZDVhMTc3MTc4ZjRh
LzEveEZ6OXVZQTg0RmNVTFJoX2hyeFBWbkhYNjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa7BkT/rI
XvTHTzKNkp6UFcqoUBjghEDhkvIrFQTVxefw/0dSmr7ZXrNlsEMEzpLsiBlC5CQR
s14eP3Y5Yy/ikLlHuDg3M9p054VUpBSWP5bql5PrJPROTet75AXCQsQt18awIseQ
nVQtlOIjVu4moORWJHJ7TRbzjR4I+ixvYCpBM83TSG3BzIiuRHb6ZmB/lZeF8CzG
NCTRPfaHVwFg1Cy4Klpu+E4/jyjKc92gcJdI37tUxGkUDH/z5y1crV4e7rKnc2EZ
wGos9qnPAaZb9n8tSXGzSC/vt+pb1X3IQ+Ffx63D4t6q0Ux2hG/lOxb3ZQZ9e4Xj
0Q9/iVgDUW6EnA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:42:31 2025 by rpki-client