Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
File:                     Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json)
Hash identifier:          YBaJLmjge0FTs8Ri/vPzs8BHGmQjht1bcfPPdy9AZ9E=
Subject key identifier:   97:E0:D5:EE:25:8F:98:7C:AA:72:9C:B9:07:EC:76:17:A8:B4:42:D0
Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39
Certificate issuer:       /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
Certificate serial:       0199FB7CFCFF3D26E1C01763D684DD9FBFBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
Manifest number:          058D
Signing time:             Sun 19 Oct 2025 08:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:36 +0000
Files and hashes:         1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: +U46t3Zghjlirs8Nz22WRgsaB+AfwlJm3WKQhzFTuXw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:fc:ff:3d:26:e1:c0:17:63:d6:84:dd:9f:bf:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339
        Validity
            Not Before: Oct 19 08:01:36 2025 GMT
            Not After : Oct 20 08:01:36 2025 GMT
        Subject: CN=97e0d5ee258f987caa729cb907ec7617a8b442d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9c:70:31:1e:b8:50:71:b1:64:84:aa:55:a9:
                    35:98:d9:19:7c:9d:1c:f7:ec:c8:72:13:43:55:71:
                    28:ed:73:7b:b1:75:91:b4:b3:8d:94:ab:15:59:e5:
                    0e:22:07:88:93:eb:ce:8f:ed:fe:59:96:96:d3:85:
                    51:e0:1e:ee:49:cc:cd:24:25:f2:13:ae:bc:b2:31:
                    aa:db:59:65:9b:66:c6:ae:42:9c:c2:d5:f3:e6:0b:
                    d5:95:a8:8f:aa:8d:e4:e5:11:32:24:27:03:0d:b2:
                    31:d4:c8:41:0c:15:87:2b:2c:74:d7:7e:7c:a0:4f:
                    65:3d:f4:a3:b6:40:0e:07:a8:ce:82:91:f0:a8:7a:
                    c5:9d:07:ef:69:69:2a:41:7f:79:ab:5d:5f:b9:87:
                    fd:a4:e9:82:1d:5b:51:d3:d2:05:7f:fb:50:23:c1:
                    da:79:48:c8:fb:43:a9:e1:37:82:45:fc:1b:2c:0c:
                    4a:4b:b4:ff:b0:da:25:35:5e:cb:6b:95:c1:c7:11:
                    a8:14:51:4a:99:ab:2c:c6:7e:2d:eb:d6:29:75:4e:
                    e8:16:c3:49:a3:cb:8d:5c:87:98:53:81:59:d5:66:
                    95:82:38:7c:de:7b:9b:04:af:04:b2:0f:03:6e:3d:
                    fb:57:36:cc:89:ba:cd:67:1e:9b:06:d7:bc:88:32:
                    8f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:E0:D5:EE:25:8F:98:7C:AA:72:9C:B9:07:EC:76:17:A8:B4:42:D0
            X509v3 Authority Key Identifier:
                keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:fb:8b:24:c0:98:e3:55:9f:49:c0:a1:94:d6:b5:ed:d2:27:
         4b:34:69:3f:dc:a0:bb:61:eb:d1:03:c9:2b:2b:cf:25:dd:30:
         6e:e5:64:67:1e:1a:f3:e4:81:99:9d:89:62:22:17:fb:b7:dc:
         ea:9d:b5:68:75:ef:b1:57:f7:4f:87:c0:53:b7:3c:31:00:f2:
         00:5d:33:16:a3:a4:f8:c1:1a:16:10:18:b0:b9:0c:77:b4:ee:
         61:75:13:12:a3:1a:6e:8b:b4:c9:08:6f:ef:79:52:d5:39:ca:
         31:50:b5:b1:29:7f:9d:8f:4f:9f:19:6c:00:0d:fb:9b:5d:e6:
         f9:05:b8:67:10:07:31:a6:e9:b9:16:f7:5c:c9:43:42:f5:82:
         e0:8d:92:6c:24:13:8c:6b:c0:32:4c:97:b1:dd:e0:6b:5b:8b:
         c7:ec:36:3f:cc:74:f9:2f:d7:6d:12:84:66:d9:1e:7d:40:eb:
         c3:60:2f:da:a1:8d:ce:e6:c4:9f:ee:28:e8:bc:8c:ec:c8:63:
         69:3d:02:23:9c:dd:da:b8:4d:a9:71:50:a4:35:24:c9:6d:d0:
         5c:9b:a6:dd:25:5a:34:f0:5b:c1:3c:77:c0:e3:16:da:48:14:
         9b:f8:6d:5f:2b:bb:f5:65:02:6e:11:e0:55:7e:0a:71:05:a7:
         ea:c3:63:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fPz/PSbhwBdj1oTdn7+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2
ZmQzMzkwHhcNMjUxMDE5MDgwMTM2WhcNMjUxMDIwMDgwMTM2WjAzMTEwLwYDVQQD
Eyg5N2UwZDVlZTI1OGY5ODdjYWE3MjljYjkwN2VjNzYxN2E4YjQ0MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pxwMR64UHGxZISqVak1mNkZfJ0c
9+zIchNDVXEo7XN7sXWRtLONlKsVWeUOIgeIk+vOj+3+WZaW04VR4B7uSczNJCXy
E668sjGq21llm2bGrkKcwtXz5gvVlaiPqo3k5REyJCcDDbIx1MhBDBWHKyx01358
oE9lPfSjtkAOB6jOgpHwqHrFnQfvaWkqQX95q11fuYf9pOmCHVtR09IFf/tQI8Ha
eUjI+0Op4TeCRfwbLAxKS7T/sNolNV7La5XBxxGoFFFKmassxn4t69YpdU7oFsNJ
o8uNXIeYU4FZ1WaVgjh83nubBK8Esg8Dbj37VzbMibrNZx6bBte8iDKPgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfg1e4lj5h8qnKcuQfsdheotELQMB8GA1UdIwQY
MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt
OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1
LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQPuLJMCY
41WfScChlNa17dInSzRpP9ygu2Hr0QPJKyvPJd0wbuVkZx4a8+SBmZ2JYiIX+7fc
6p21aHXvsVf3T4fAU7c8MQDyAF0zFqOk+MEaFhAYsLkMd7TuYXUTEqMabou0yQhv
73lS1TnKMVC1sSl/nY9PnxlsAA37m13m+QW4ZxAHMabpuRb3XMlDQvWC4I2SbCQT
jGvAMkyXsd3ga1uLx+w2P8x0+S/XbRKEZtkefUDrw2Av2qGNzubEn+4o6LyM7Mhj
aT0CI5zd2rhNqXFQpDUkyW3QXJum3SVaNPBbwTx3wOMW2kgUm/htXyu79WUCbhHg
VX4KcQWn6sNj7A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:19 2025 by rpki-client