Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
File:                     0wUa-GYelCUtF1k103l-nsos2Aw.mft (raw, json)
Hash identifier:          tIeFLJ5uRUc91gKJCSlyRsYxN6sOdHVLRltTzFvdzBE=
Subject key identifier:   DC:1A:FD:92:08:A6:03:79:3C:F9:35:F7:F4:C0:E5:5E:79:ED:7F:20
Authority key identifier: D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C
Certificate issuer:       /CN=d3051af8661e94252d175935d3797e9eca2cd80c
Certificate serial:       0199FC58F52A287A059AA814D570CA739F86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
Manifest number:          104A
Signing time:             Sun 19 Oct 2025 12:01:52 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:52 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:52 +0000
Files and hashes:         1: 0wUa-GYelCUtF1k103l-nsos2Aw.crl (hash: UzpS0fiKhKNB4f9RXLfxPRhVWksr4SLMrKg4oYIfPbQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:f5:2a:28:7a:05:9a:a8:14:d5:70:ca:73:9f:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3051af8661e94252d175935d3797e9eca2cd80c
        Validity
            Not Before: Oct 19 12:01:52 2025 GMT
            Not After : Oct 20 12:01:52 2025 GMT
        Subject: CN=dc1afd9208a603793cf935f7f4c0e55e79ed7f20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:29:f8:d0:59:ce:39:cd:85:4f:4a:29:a1:66:
                    8e:6b:43:12:71:6d:8c:bf:9a:61:03:4c:60:36:e3:
                    69:7e:f2:28:cc:9f:8a:c2:12:bd:1d:15:4b:95:8c:
                    92:39:1e:45:15:5b:4e:e0:f2:07:ff:4a:17:e6:ab:
                    62:7e:b8:2c:16:44:73:63:32:8a:f1:dd:06:f4:0c:
                    f0:8f:9c:27:c4:48:84:bf:37:5f:4e:4b:75:25:78:
                    e6:18:24:95:aa:21:4e:fb:3a:7f:3b:e2:3d:42:97:
                    95:58:e8:08:eb:25:de:c3:89:24:1f:92:7c:dc:cd:
                    a0:bf:aa:1b:1c:e6:9d:20:5c:38:28:55:a7:63:c6:
                    fb:17:f1:45:e6:46:12:60:e1:d3:42:e3:99:10:42:
                    90:9e:53:5e:98:9a:72:93:7c:84:5e:fa:61:24:cb:
                    b0:7c:67:82:9e:86:f2:4c:62:e8:06:1c:c8:59:30:
                    0f:6f:a5:8a:fe:6a:0d:71:d2:f7:01:2c:92:91:89:
                    b1:64:06:b2:8b:8b:b3:36:40:3e:10:53:86:9a:68:
                    c7:71:b7:8e:08:78:70:8a:08:f0:64:02:68:68:e5:
                    84:30:3a:aa:48:fd:85:ea:81:a3:55:dc:72:55:bc:
                    8e:ca:94:3a:f4:1a:c9:f4:1f:d3:46:f2:71:4c:7e:
                    b1:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:1A:FD:92:08:A6:03:79:3C:F9:35:F7:F4:C0:E5:5E:79:ED:7F:20
            X509v3 Authority Key Identifier:
                keyid:D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e7:2b:23:95:e1:fb:5f:52:a0:86:e9:c4:10:3b:e3:19:38:47:
         14:7c:b6:79:1f:69:07:c1:91:11:5f:4d:02:d7:8e:16:f0:21:
         be:3d:14:07:2f:74:be:82:0b:39:70:f3:13:1f:f3:31:70:d5:
         f2:7f:19:41:4d:26:ef:9e:95:d3:c5:0e:79:77:39:24:17:f1:
         21:36:a0:bc:5d:90:b3:55:b5:9c:e2:31:f2:e6:ab:c2:af:81:
         ee:94:08:76:9e:c6:8c:c2:54:92:2d:d8:a8:11:ba:0c:41:34:
         a6:29:7b:b4:1f:9e:23:16:9d:fa:8c:4d:47:6e:1d:10:21:60:
         c4:a5:4c:69:a6:ed:df:9a:ef:c1:b4:8a:13:b9:d7:d4:de:54:
         7d:fb:27:58:b4:30:69:e0:4c:10:39:35:cb:97:e6:ee:5f:2a:
         05:51:17:17:92:37:4d:e1:48:27:55:6e:76:5f:ff:12:7f:1b:
         17:63:76:3e:57:f6:0c:8e:ee:ca:c7:6c:17:15:6d:2d:32:b8:
         48:54:d4:f4:dd:bc:7c:0c:5b:6e:a7:48:05:17:cc:f1:df:8b:
         0c:d1:f8:35:31:6b:a8:b9:1a:3d:5d:6e:16:bf:f9:f2:e8:08:
         79:d7:ad:e5:3d:2d:64:c7:46:69:ce:96:60:8e:47:6e:d6:59:
         f4:db:ce:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WPUqKHoFmqgU1XDKc5+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDUxYWY4NjYxZTk0MjUyZDE3NTkzNWQzNzk3ZTllY2Ey
Y2Q4MGMwHhcNMjUxMDE5MTIwMTUyWhcNMjUxMDIwMTIwMTUyWjAzMTEwLwYDVQQD
EyhkYzFhZmQ5MjA4YTYwMzc5M2NmOTM1ZjdmNGMwZTU1ZTc5ZWQ3ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyn40FnOOc2FT0opoWaOa0MScW2M
v5phA0xgNuNpfvIozJ+KwhK9HRVLlYySOR5FFVtO4PIH/0oX5qtifrgsFkRzYzKK
8d0G9Azwj5wnxEiEvzdfTkt1JXjmGCSVqiFO+zp/O+I9QpeVWOgI6yXew4kkH5J8
3M2gv6obHOadIFw4KFWnY8b7F/FF5kYSYOHTQuOZEEKQnlNemJpyk3yEXvphJMuw
fGeCnobyTGLoBhzIWTAPb6WK/moNcdL3ASySkYmxZAayi4uzNkA+EFOGmmjHcbeO
CHhwigjwZAJoaOWEMDqqSP2F6oGjVdxyVbyOypQ69BrJ9B/TRvJxTH6xKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwa/ZIIpgN5PPk19/TA5V557X8gMB8GA1UdIwQY
MBaAFNMFGvhmHpQlLRdZNdN5fp7KLNgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEt
YzI2YzNlMjNiYWY2LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEtYzI2YzNlMjNiYWY2
LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5ysjleH7
X1KghunEEDvjGThHFHy2eR9pB8GREV9NAteOFvAhvj0UBy90voILOXDzEx/zMXDV
8n8ZQU0m756V08UOeXc5JBfxITagvF2Qs1W1nOIx8uarwq+B7pQIdp7GjMJUki3Y
qBG6DEE0pil7tB+eIxad+oxNR24dECFgxKVMaabt35rvwbSKE7nX1N5UffsnWLQw
aeBMEDk1y5fm7l8qBVEXF5I3TeFIJ1Vudl//En8bF2N2Plf2DI7uysdsFxVtLTK4
SFTU9N28fAxbbqdIBRfM8d+LDNH4NTFrqLkaPV1uFr/58ugIedet5T0tZMdGac6W
YI5HbtZZ9NvOSw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:23:08 2025 by rpki-client