Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft
File:                     lER-sxl6ox5-aEnxavVaslMB-oI.mft (raw, json)
Hash identifier:          0vrUUjoPdgRU1Mv0bv+Q6UTDFhpNNvQrnr91VDH/uDc=
Subject key identifier:   51:BC:64:9F:97:99:26:C6:4C:DA:C8:6D:DB:2C:51:EE:AC:D7:75:3C
Authority key identifier: 94:44:7E:B3:19:7A:A3:1E:7E:68:49:F1:6A:F5:5A:B2:53:01:FA:82
Certificate issuer:       /CN=94447eb3197aa31e7e6849f16af55ab25301fa82
Certificate serial:       0199FD3463E5879E6277331C45C8FAFE19B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lER-sxl6ox5-aEnxavVaslMB-oI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft
Manifest number:          065B
Signing time:             Sun 19 Oct 2025 16:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:32 +0000
Files and hashes:         1: lER-sxl6ox5-aEnxavVaslMB-oI.crl (hash: HRcD8O+vxGlwUae7H52KTzASvfSxsgJg8T7176K5lgY=)
                          2: o3HDa5Hn0JXB7VWawD3Vzcdyd5k.roa (hash: di4+72seaNK8FCueSsPtQY60+2j8OsXpOCEk2d98xmo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lER-sxl6ox5-aEnxavVaslMB-oI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:63:e5:87:9e:62:77:33:1c:45:c8:fa:fe:19:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94447eb3197aa31e7e6849f16af55ab25301fa82
        Validity
            Not Before: Oct 19 16:01:32 2025 GMT
            Not After : Oct 20 16:01:32 2025 GMT
        Subject: CN=51bc649f979926c64cdac86ddb2c51eeacd7753c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c3:58:c5:ac:95:32:95:30:21:00:12:3e:7f:
                    a6:5c:2d:1b:80:a6:80:75:5e:ad:90:ac:a6:f9:b5:
                    a6:db:8d:2f:40:1c:4f:bc:28:53:0d:41:b5:80:ec:
                    a6:d3:a5:fc:ef:3e:aa:bb:e2:4b:44:ad:c1:2b:b8:
                    41:fd:98:3c:53:d7:f1:83:88:cd:1d:92:0b:3d:e7:
                    50:3c:de:8d:6a:f4:04:0b:f6:78:87:ca:12:bf:49:
                    07:56:2a:23:bf:2c:3c:85:64:80:e7:d0:60:3d:73:
                    fe:4b:aa:f7:ad:a8:5f:02:3d:bc:8a:c5:fd:52:12:
                    5a:a2:88:30:32:c2:22:63:8e:ae:c4:c3:ca:20:02:
                    92:c8:0c:9f:d5:d8:d9:6b:fa:99:2b:1f:58:3d:74:
                    63:2a:68:c3:9c:9a:67:42:b4:ed:d0:84:67:88:59:
                    f8:56:82:97:d3:cb:eb:36:5c:d3:7c:37:df:2f:40:
                    75:05:1a:17:21:29:64:be:ab:e4:91:26:62:1e:24:
                    fb:2a:25:7a:ee:1c:ed:e1:b5:24:96:77:a8:42:50:
                    23:ee:7a:02:aa:74:b8:f7:d0:d3:51:c2:50:35:90:
                    f9:b3:e3:da:68:64:2d:ea:35:8c:47:11:ba:16:c6:
                    05:c5:30:a3:97:c2:d8:e2:2e:9c:f1:c8:e5:92:60:
                    0d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:BC:64:9F:97:99:26:C6:4C:DA:C8:6D:DB:2C:51:EE:AC:D7:75:3C
            X509v3 Authority Key Identifier:
                keyid:94:44:7E:B3:19:7A:A3:1E:7E:68:49:F1:6A:F5:5A:B2:53:01:FA:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lER-sxl6ox5-aEnxavVaslMB-oI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:be:87:03:ae:8d:ab:66:4a:f6:6c:17:e3:a4:0d:a0:1c:fc:
         2c:99:3b:f4:6a:a2:d7:b2:7c:16:43:36:cc:ab:b5:df:e7:91:
         e5:62:dc:5e:ea:27:9e:89:c2:93:ea:b5:2c:98:08:2d:04:04:
         0f:19:60:a6:2a:01:4f:dc:51:96:e4:20:ea:e3:7e:f6:9a:68:
         af:c0:61:40:3d:a2:da:d5:4b:3a:e1:65:29:56:6a:58:b9:b1:
         41:81:85:25:36:06:be:64:ab:26:c2:db:f5:4e:e5:14:a8:5f:
         44:83:8f:79:19:e9:f9:87:e1:b3:6a:8e:20:e4:c9:d9:96:10:
         27:62:f7:e9:9d:1e:9a:21:ee:0d:44:43:d7:52:40:fc:e0:de:
         fd:1d:5c:7f:03:46:b3:81:bf:e4:b8:99:04:50:68:bc:cf:3a:
         88:cd:b0:8d:11:e4:e6:2f:c5:bb:5a:4c:33:51:da:58:9d:d2:
         e8:07:60:51:01:d7:36:c7:16:3a:a0:5d:55:6d:f6:46:3c:70:
         68:68:b8:92:be:3c:b5:3f:39:83:2b:62:a7:8b:90:6a:6a:a3:
         e4:3c:21:ec:9f:74:0c:d8:1c:8e:8d:a4:ac:5e:e2:52:87:97:
         53:27:0c:83:79:a8:93:87:bc:85:c9:18:0f:17:24:5e:a4:04:
         19:de:d2:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NGPlh55idzMcRcj6/hm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NDQ3ZWIzMTk3YWEzMWU3ZTY4NDlmMTZhZjU1YWIyNTMw
MWZhODIwHhcNMjUxMDE5MTYwMTMyWhcNMjUxMDIwMTYwMTMyWjAzMTEwLwYDVQQD
Eyg1MWJjNjQ5Zjk3OTkyNmM2NGNkYWM4NmRkYjJjNTFlZWFjZDc3NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28NYxayVMpUwIQASPn+mXC0bgKaA
dV6tkKym+bWm240vQBxPvChTDUG1gOym06X87z6qu+JLRK3BK7hB/Zg8U9fxg4jN
HZILPedQPN6NavQEC/Z4h8oSv0kHViojvyw8hWSA59BgPXP+S6r3rahfAj28isX9
UhJaoogwMsIiY46uxMPKIAKSyAyf1djZa/qZKx9YPXRjKmjDnJpnQrTt0IRniFn4
VoKX08vrNlzTfDffL0B1BRoXISlkvqvkkSZiHiT7KiV67hzt4bUklneoQlAj7noC
qnS499DTUcJQNZD5s+PaaGQt6jWMRxG6FsYFxTCjl8LY4i6c8cjlkmANQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFG8ZJ+XmSbGTNrIbdssUe6s13U8MB8GA1UdIwQY
MBaAFJREfrMZeqMefmhJ8Wr1WrJTAfqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEVSLXN4bDZveDUtYUVueGF2VmFzbE1CLW9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84ZDBiMDUtMjYzZi00MDNhLWFiZjQt
MjM4YmRlMGUxZWY3LzEvbEVSLXN4bDZveDUtYUVueGF2VmFzbE1CLW9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84ZDBiMDUtMjYzZi00MDNhLWFiZjQtMjM4YmRlMGUxZWY3
LzEvbEVSLXN4bDZveDUtYUVueGF2VmFzbE1CLW9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA176HA66N
q2ZK9mwX46QNoBz8LJk79Gqi17J8FkM2zKu13+eR5WLcXuonnonCk+q1LJgILQQE
DxlgpioBT9xRluQg6uN+9ppor8BhQD2i2tVLOuFlKVZqWLmxQYGFJTYGvmSrJsLb
9U7lFKhfRIOPeRnp+Yfhs2qOIOTJ2ZYQJ2L36Z0emiHuDURD11JA/ODe/R1cfwNG
s4G/5LiZBFBovM86iM2wjRHk5i/Fu1pMM1HaWJ3S6AdgUQHXNscWOqBdVW32Rjxw
aGi4kr48tT85gytip4uQamqj5Dwh7J90DNgcjo2krF7iUoeXUycMg3mok4e8hckY
DxckXqQEGd7S9w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:50 2025 by rpki-client