Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
File:                     giKx_lqaAWNQKFrAeI08yrPrORk.mft (raw, json)
Hash identifier:          q0Y8kRi4TPeiYg5WTPmXlkGfxLZdwR7cQjpHsaG6rBw=
Subject key identifier:   D9:CF:DB:CD:82:E2:DF:D1:10:B9:E1:6C:12:F6:9B:C5:D9:9C:9E:65
Authority key identifier: 82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19
Certificate issuer:       /CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
Certificate serial:       0199FC21B9FFC56DF60926B51F4FA803E99F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
Manifest number:          082A
Signing time:             Sun 19 Oct 2025 11:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:32 +0000
Files and hashes:         1: giKx_lqaAWNQKFrAeI08yrPrORk.crl (hash: CEiuIVYw9wpovy98pW6O0ebW6Z5ulQYragt9jcDsxMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:b9:ff:c5:6d:f6:09:26:b5:1f:4f:a8:03:e9:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
        Validity
            Not Before: Oct 19 11:01:32 2025 GMT
            Not After : Oct 20 11:01:32 2025 GMT
        Subject: CN=d9cfdbcd82e2dfd110b9e16c12f69bc5d99c9e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:53:6a:bb:1a:d9:a5:76:21:44:c1:5e:6e:bc:
                    88:21:fb:e7:00:d1:c0:2e:5e:57:cb:5e:82:07:12:
                    74:1f:0c:3f:97:4a:d6:89:93:61:3c:94:2f:fc:8e:
                    08:20:79:3d:73:48:72:ac:c8:8c:b7:ce:56:95:06:
                    cd:ae:48:b9:0a:bd:1d:26:99:dd:eb:4b:f9:fb:d1:
                    9f:9c:1f:31:f1:79:b7:3e:3b:76:27:6f:96:d2:49:
                    63:c2:7d:a3:56:16:4b:8f:83:a5:20:1b:9d:35:c1:
                    91:9e:bf:98:5a:25:5e:6f:70:08:36:5c:c3:b5:80:
                    9b:44:77:82:04:c3:98:56:2a:a4:15:23:4c:4e:d9:
                    23:4d:4c:9b:b9:62:37:fe:09:b5:8e:1a:de:16:67:
                    23:6b:7c:c1:28:6f:31:3d:24:a3:20:83:bb:7e:5d:
                    9d:e8:22:cd:a5:e0:78:7a:eb:77:5b:37:2f:f2:ad:
                    61:a1:63:e0:bb:58:55:39:af:e2:f6:9d:20:a8:9c:
                    1a:d3:ea:1b:ff:a9:d6:36:f6:a8:89:ff:7c:40:f0:
                    9a:a7:f2:f0:85:ab:14:3f:52:29:5c:e2:8b:1b:e6:
                    34:c5:d5:72:50:24:06:f6:2a:62:71:c0:3a:64:e8:
                    ac:c8:67:6b:46:82:2d:cb:9e:ca:1e:25:91:04:e8:
                    26:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:CF:DB:CD:82:E2:DF:D1:10:B9:E1:6C:12:F6:9B:C5:D9:9C:9E:65
            X509v3 Authority Key Identifier:
                keyid:82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:fc:c6:68:26:c4:71:1c:58:c9:cc:5c:1d:a8:4d:3c:fe:3b:
         cb:87:b9:f7:75:bb:36:79:bb:5c:de:76:da:d1:21:4a:4f:c4:
         b4:59:6e:c1:fa:0a:fd:5f:b6:59:4c:da:9b:10:6c:b8:6d:6a:
         59:6b:04:a4:2e:ef:10:d1:eb:cd:b6:c9:fa:1a:b0:1c:5c:ce:
         fc:f8:ea:a7:bb:2d:a5:34:2f:c5:a2:8f:e1:f8:01:a2:40:a8:
         03:06:53:7a:88:b1:0b:9c:f3:2b:12:f4:ba:a2:45:2e:24:74:
         07:e3:d8:28:c5:9f:69:33:86:bd:60:51:17:a8:07:af:fd:a8:
         80:c3:29:5b:d5:32:dd:81:a8:84:2d:48:5d:15:b1:ee:86:1a:
         49:94:b1:e3:65:2e:f0:54:a5:d0:99:1d:3c:04:16:99:5d:63:
         d2:03:10:7d:17:83:db:b4:e7:cd:1b:f7:3e:74:ef:cd:e3:26:
         d3:2e:c2:3d:97:85:ee:5d:5e:04:1e:40:7a:40:a8:7c:7e:33:
         f1:d3:f8:9c:c1:56:8b:d4:e8:95:ad:f2:7f:cd:ba:b9:0a:93:
         d6:14:87:56:33:d4:54:cb:dc:28:40:f7:88:62:a4:c4:c4:8d:
         ff:26:1f:89:e5:cd:0d:4d:2b:16:50:ae:5e:28:1f:43:0e:98:
         e2:ef:dd:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8Ibn/xW32CSa1H0+oA+mfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMjJiMWZlNWE5YTAxNjM1MDI4NWFjMDc4OGQzY2NhYjNl
YjM5MTkwHhcNMjUxMDE5MTEwMTMyWhcNMjUxMDIwMTEwMTMyWjAzMTEwLwYDVQQD
EyhkOWNmZGJjZDgyZTJkZmQxMTBiOWUxNmMxMmY2OWJjNWQ5OWM5ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71NquxrZpXYhRMFebryIIfvnANHA
Ll5Xy16CBxJ0Hww/l0rWiZNhPJQv/I4IIHk9c0hyrMiMt85WlQbNrki5Cr0dJpnd
60v5+9GfnB8x8Xm3Pjt2J2+W0kljwn2jVhZLj4OlIBudNcGRnr+YWiVeb3AINlzD
tYCbRHeCBMOYViqkFSNMTtkjTUybuWI3/gm1jhreFmcja3zBKG8xPSSjIIO7fl2d
6CLNpeB4eut3Wzcv8q1hoWPgu1hVOa/i9p0gqJwa0+ob/6nWNvaoif98QPCap/Lw
hasUP1IpXOKLG+Y0xdVyUCQG9ipiccA6ZOisyGdrRoIty57KHiWRBOgmNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnP282C4t/RELnhbBL2m8XZnJ5lMB8GA1UdIwQY
MBaAFIIisf5amgFjUChawHiNPMqz6zkZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTIt
MzBhMTY0ODVmNWM0LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTItMzBhMTY0ODVmNWM0
LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd/zGaCbE
cRxYycxcHahNPP47y4e593W7Nnm7XN522tEhSk/EtFluwfoK/V+2WUzamxBsuG1q
WWsEpC7vENHrzbbJ+hqwHFzO/Pjqp7stpTQvxaKP4fgBokCoAwZTeoixC5zzKxL0
uqJFLiR0B+PYKMWfaTOGvWBRF6gHr/2ogMMpW9Uy3YGohC1IXRWx7oYaSZSx42Uu
8FSl0JkdPAQWmV1j0gMQfReD27TnzRv3PnTvzeMm0y7CPZeF7l1eBB5AekCofH4z
8dP4nMFWi9Tola3yf826uQqT1hSHVjPUVMvcKED3iGKkxMSN/yYfieXNDU0rFlCu
XigfQw6Y4u/dhQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:46 2025 by rpki-client