Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft
File:                     bZYBl_5YkhTCJZ9q6olsThAH6YY.mft (raw, json)
Hash identifier:          Szb5SMdMtmOeaghWwf930fHhxRz+5jJDdVf0zmabauY=
Subject key identifier:   B3:38:A5:BB:D7:DE:6C:B5:DE:71:4E:AF:EE:AE:E5:4B:95:54:35:1C
Authority key identifier: 6D:96:01:97:FE:58:92:14:C2:25:9F:6A:EA:89:6C:4E:10:07:E9:86
Certificate issuer:       /CN=6d960197fe589214c2259f6aea896c4e1007e986
Certificate serial:       0199FBEB756AC313C019D9D9744D907574F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft
Manifest number:          097F
Signing time:             Sun 19 Oct 2025 10:02:16 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:16 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:16 +0000
Files and hashes:         1: bZYBl_5YkhTCJZ9q6olsThAH6YY.crl (hash: oWZpY32N4jwvzvB2moaJk4i2glDFBpVDe2MEGDYNJmE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:75:6a:c3:13:c0:19:d9:d9:74:4d:90:75:74:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d960197fe589214c2259f6aea896c4e1007e986
        Validity
            Not Before: Oct 19 10:02:16 2025 GMT
            Not After : Oct 20 10:02:16 2025 GMT
        Subject: CN=b338a5bbd7de6cb5de714eafeeaee54b9554351c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:55:7d:ce:a5:85:b4:10:73:81:0d:e3:89:52:
                    f7:54:d7:d7:b6:00:e6:45:6a:13:d8:df:02:d4:1c:
                    68:8e:10:14:b4:b8:ce:e1:68:a9:fc:95:9d:bb:ed:
                    65:73:d6:49:c2:cc:0e:9f:3c:68:04:a7:d4:a6:50:
                    a1:9c:f4:6c:4a:25:51:7d:16:c1:a6:fc:6b:cb:6e:
                    f3:92:c6:20:47:52:6c:b8:84:cc:1a:26:af:0d:1b:
                    99:98:61:d8:53:20:07:8f:7f:1c:eb:dd:92:c3:e5:
                    15:4e:b4:ea:4a:08:38:43:1d:56:72:d5:84:92:34:
                    57:29:fc:b0:c0:a5:14:5e:46:a1:f5:92:5f:18:42:
                    a8:34:23:1a:c2:f8:9e:61:62:98:8f:68:c2:1d:8b:
                    d3:7c:59:91:f9:f9:bc:ca:79:77:86:14:d1:8a:78:
                    64:ed:a1:21:21:21:39:a6:d4:ba:fb:c5:4c:6a:27:
                    e4:e7:b5:77:b3:3f:b0:e5:42:c2:d6:7b:5b:58:79:
                    41:d1:d9:c1:b7:4b:52:a7:a3:3f:93:01:66:ef:aa:
                    85:88:96:8d:c0:cd:21:a4:30:60:e7:0d:0f:9e:df:
                    72:83:bf:b0:05:7a:58:bb:c5:0c:43:77:39:49:16:
                    fc:e7:07:3f:8e:9b:c3:52:ac:77:db:79:28:26:48:
                    c7:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:38:A5:BB:D7:DE:6C:B5:DE:71:4E:AF:EE:AE:E5:4B:95:54:35:1C
            X509v3 Authority Key Identifier:
                keyid:6D:96:01:97:FE:58:92:14:C2:25:9F:6A:EA:89:6C:4E:10:07:E9:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bZYBl_5YkhTCJZ9q6olsThAH6YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/879c02-dbf4-4e40-a4ed-313754e64e13/1/bZYBl_5YkhTCJZ9q6olsThAH6YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:a9:d8:8f:94:28:2d:b5:0d:ea:e5:fa:ff:e7:59:8d:2d:e0:
         8a:40:f4:3e:b3:77:83:86:9d:5b:88:54:c7:bd:d9:de:97:f9:
         08:d6:ed:50:e1:28:a4:3a:21:29:e0:b2:76:54:a7:9a:89:79:
         e5:cf:5d:c1:fc:0c:80:6e:92:3e:73:a3:7b:9a:62:01:41:71:
         4f:18:71:4e:96:13:b5:83:af:90:c4:f5:dc:c1:fc:c0:05:46:
         a5:f2:95:9c:73:a1:8d:78:8e:e7:60:a0:b7:14:a2:5b:fa:60:
         1f:5e:c2:d3:5e:44:79:c1:1b:8c:62:a1:a8:9f:8e:13:2b:33:
         7e:77:67:dd:ba:b4:89:5d:b8:f7:98:e4:73:d4:d3:f9:0d:b4:
         ef:56:fb:4a:31:c4:f7:d5:f4:04:b2:67:25:65:48:3e:9d:03:
         26:0e:96:4f:09:07:e6:20:a9:e6:72:2c:a9:5f:36:47:1d:e4:
         75:68:da:b9:fa:6b:56:5a:45:69:ff:cf:26:1c:1e:a1:d0:0e:
         3f:61:07:b7:8a:1d:a9:7a:fb:49:63:a4:fe:fc:ac:3c:59:62:
         a2:55:b7:21:3b:8f:e2:ca:09:8d:06:17:2e:3c:09:9d:b5:79:
         15:d0:c1:2a:9b:13:2a:aa:a9:be:c7:20:2c:f3:a2:64:cd:c3:
         f5:17:19:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn763VqwxPAGdnZdE2QdXTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOTYwMTk3ZmU1ODkyMTRjMjI1OWY2YWVhODk2YzRlMTAw
N2U5ODYwHhcNMjUxMDE5MTAwMjE2WhcNMjUxMDIwMTAwMjE2WjAzMTEwLwYDVQQD
EyhiMzM4YTViYmQ3ZGU2Y2I1ZGU3MTRlYWZlZWFlZTU0Yjk1NTQzNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVV9zqWFtBBzgQ3jiVL3VNfXtgDm
RWoT2N8C1BxojhAUtLjO4Wip/JWdu+1lc9ZJwswOnzxoBKfUplChnPRsSiVRfRbB
pvxry27zksYgR1JsuITMGiavDRuZmGHYUyAHj38c692Sw+UVTrTqSgg4Qx1WctWE
kjRXKfywwKUUXkah9ZJfGEKoNCMawvieYWKYj2jCHYvTfFmR+fm8ynl3hhTRinhk
7aEhISE5ptS6+8VMaifk57V3sz+w5ULC1ntbWHlB0dnBt0tSp6M/kwFm76qFiJaN
wM0hpDBg5w0Pnt9yg7+wBXpYu8UMQ3c5SRb85wc/jpvDUqx323koJkjHrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLM4pbvX3my13nFOr+6u5UuVVDUcMB8GA1UdIwQY
MBaAFG2WAZf+WJIUwiWfauqJbE4QB+mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84NzljMDItZGJmNC00ZTQwLWE0ZWQt
MzEzNzU0ZTY0ZTEzLzEvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84NzljMDItZGJmNC00ZTQwLWE0ZWQtMzEzNzU0ZTY0ZTEz
LzEvYlpZQmxfNVlraFRDSlo5cTZvbHNUaEFINllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArqnYj5Qo
LbUN6uX6/+dZjS3gikD0PrN3g4adW4hUx73Z3pf5CNbtUOEopDohKeCydlSnmol5
5c9dwfwMgG6SPnOje5piAUFxTxhxTpYTtYOvkMT13MH8wAVGpfKVnHOhjXiO52Cg
txSiW/pgH17C015EecEbjGKhqJ+OEyszfndn3bq0iV2495jkc9TT+Q2071b7SjHE
99X0BLJnJWVIPp0DJg6WTwkH5iCp5nIsqV82Rx3kdWjaufprVlpFaf/PJhweodAO
P2EHt4odqXr7SWOk/vysPFliolW3ITuP4soJjQYXLjwJnbV5FdDBKpsTKqqpvscg
LPOiZM3D9RcZgg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:48 2025 by rpki-client