Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft
File:                     Hn19JBnxEYqsXJktKt_2l7A-mns.mft (raw, json)
Hash identifier:          d4ctWI1UPZQFUfzb8WxOOO7r1L4eXSAH1uSpXzl82Ys=
Subject key identifier:   5F:05:4A:0F:2C:04:9D:58:21:3A:C0:29:1D:38:3A:93:CE:5A:E3:C3
Authority key identifier: 1E:7D:7D:24:19:F1:11:8A:AC:5C:99:2D:2A:DF:F6:97:B0:3E:9A:7B
Certificate issuer:       /CN=1e7d7d2419f1118aac5c992d2adff697b03e9a7b
Certificate serial:       0199FB458ACF95C1CF515537BBB67414EE61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hn19JBnxEYqsXJktKt_2l7A-mns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft
Manifest number:          08BA
Signing time:             Sun 19 Oct 2025 07:01:02 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:02 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:02 +0000
Files and hashes:         1: Hn19JBnxEYqsXJktKt_2l7A-mns.crl (hash: jIOFP4QwN7W9hAh7EDaoxQ4Oms3D9zrdIkZ0trAwwtw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Hn19JBnxEYqsXJktKt_2l7A-mns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:8a:cf:95:c1:cf:51:55:37:bb:b6:74:14:ee:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e7d7d2419f1118aac5c992d2adff697b03e9a7b
        Validity
            Not Before: Oct 19 07:01:02 2025 GMT
            Not After : Oct 20 07:01:02 2025 GMT
        Subject: CN=5f054a0f2c049d58213ac0291d383a93ce5ae3c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:7e:15:4c:1f:b6:f6:3d:3a:77:5f:ac:97:8b:
                    b3:3a:3a:c2:f8:9d:e9:ba:c4:89:93:1e:ee:15:76:
                    40:aa:75:b8:ca:f8:47:93:a1:4b:dd:5e:86:d0:03:
                    b8:e7:0a:c3:52:34:97:5b:af:1e:41:2d:12:07:bd:
                    68:f2:eb:da:ad:8c:52:13:79:78:a5:0a:03:be:cb:
                    6d:3f:1e:c3:6f:cc:e7:a2:05:5a:93:96:0e:0e:8e:
                    78:88:67:02:d4:11:dd:99:27:94:1b:c0:9b:ca:b2:
                    37:8c:7d:d1:25:5c:cc:bf:82:15:d2:55:04:ef:68:
                    9c:26:68:71:cb:aa:fb:d8:89:0e:5b:25:dc:c8:9b:
                    9a:39:8a:69:ad:99:56:7e:f2:80:d0:96:38:61:6d:
                    5a:6b:31:cd:50:2f:45:2e:57:20:63:3c:8b:dc:9b:
                    26:f0:f9:0b:03:fc:5b:b6:02:c3:42:de:cd:2c:47:
                    fe:4a:25:4b:57:a0:93:bc:90:23:e3:52:70:fc:7a:
                    e3:d5:04:92:61:81:97:ed:08:91:52:4e:32:06:47:
                    03:83:b3:23:f8:3f:99:c3:f0:5e:d0:e0:18:d8:8d:
                    8d:34:92:26:35:9b:15:03:10:50:e9:55:7e:66:10:
                    72:b0:bf:06:39:6d:96:e5:5b:d5:fd:38:c0:6e:15:
                    8b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:05:4A:0F:2C:04:9D:58:21:3A:C0:29:1D:38:3A:93:CE:5A:E3:C3
            X509v3 Authority Key Identifier:
                keyid:1E:7D:7D:24:19:F1:11:8A:AC:5C:99:2D:2A:DF:F6:97:B0:3E:9A:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hn19JBnxEYqsXJktKt_2l7A-mns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/c8d78f-c28c-4116-a3a2-5bf998e27fc0/1/Hn19JBnxEYqsXJktKt_2l7A-mns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:dc:3e:09:64:84:3e:39:5b:fd:a5:3f:45:fe:35:1e:24:dd:
         24:96:db:7e:8c:78:95:28:e9:4a:bc:68:dc:e9:de:b9:c1:ca:
         1b:1c:51:40:3f:9c:56:2c:04:c7:bf:a1:2d:bb:2f:2f:12:7a:
         a6:ad:ba:63:63:84:1f:d7:ab:3f:71:97:9a:22:1c:db:a8:32:
         82:80:bd:4a:12:78:2e:f6:ca:5b:f2:6a:5a:6e:21:7e:4a:8c:
         cb:89:f1:d5:b8:61:5b:4d:3f:1b:36:1a:c4:af:8e:2d:4a:04:
         ea:f0:e6:e8:28:c6:4d:1a:11:43:fe:de:6d:19:72:06:a4:ce:
         84:f0:d1:d1:72:e1:c8:85:7e:7d:9d:09:07:e9:fb:c1:a8:c4:
         52:58:12:1c:d2:b5:c0:2c:81:b2:70:cf:db:78:ed:2a:65:2b:
         86:6d:6b:87:b1:57:66:e4:a5:ca:af:50:9a:6a:71:93:0d:1f:
         bd:5b:98:a2:d9:64:dc:d7:5f:1d:48:32:70:1b:62:83:0a:f5:
         69:57:cd:7a:be:4d:9c:18:7d:e5:55:f2:c8:61:91:35:61:35:
         85:84:31:53:82:84:94:90:9f:e1:12:88:24:33:8f:52:04:a6:
         41:cb:d0:ee:ea:22:0e:97:d5:ca:fd:d2:86:ef:d3:a2:ff:1b:
         43:b4:f2:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RYrPlcHPUVU3u7Z0FO5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2Q3ZDI0MTlmMTExOGFhYzVjOTkyZDJhZGZmNjk3YjAz
ZTlhN2IwHhcNMjUxMDE5MDcwMTAyWhcNMjUxMDIwMDcwMTAyWjAzMTEwLwYDVQQD
Eyg1ZjA1NGEwZjJjMDQ5ZDU4MjEzYWMwMjkxZDM4M2E5M2NlNWFlM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7H4VTB+29j06d1+sl4uzOjrC+J3p
usSJkx7uFXZAqnW4yvhHk6FL3V6G0AO45wrDUjSXW68eQS0SB71o8uvarYxSE3l4
pQoDvsttPx7Db8znogVak5YODo54iGcC1BHdmSeUG8CbyrI3jH3RJVzMv4IV0lUE
72icJmhxy6r72IkOWyXcyJuaOYpprZlWfvKA0JY4YW1aazHNUC9FLlcgYzyL3Jsm
8PkLA/xbtgLDQt7NLEf+SiVLV6CTvJAj41Jw/Hrj1QSSYYGX7QiRUk4yBkcDg7Mj
+D+Zw/Be0OAY2I2NNJImNZsVAxBQ6VV+ZhBysL8GOW2W5VvV/TjAbhWLSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8FSg8sBJ1YITrAKR04OpPOWuPDMB8GA1UdIwQY
MBaAFB59fSQZ8RGKrFyZLSrf9pewPpp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG4xOUpCbnhFWXFzWEprdEt0XzJsN0EtbW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9jOGQ3OGYtYzI4Yy00MTE2LWEzYTIt
NWJmOTk4ZTI3ZmMwLzEvSG4xOUpCbnhFWXFzWEprdEt0XzJsN0EtbW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9jOGQ3OGYtYzI4Yy00MTE2LWEzYTItNWJmOTk4ZTI3ZmMw
LzEvSG4xOUpCbnhFWXFzWEprdEt0XzJsN0EtbW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ9w+CWSE
Pjlb/aU/Rf41HiTdJJbbfox4lSjpSrxo3OneucHKGxxRQD+cViwEx7+hLbsvLxJ6
pq26Y2OEH9erP3GXmiIc26gygoC9ShJ4LvbKW/JqWm4hfkqMy4nx1bhhW00/GzYa
xK+OLUoE6vDm6CjGTRoRQ/7ebRlyBqTOhPDR0XLhyIV+fZ0JB+n7wajEUlgSHNK1
wCyBsnDP23jtKmUrhm1rh7FXZuSlyq9Qmmpxkw0fvVuYotlk3NdfHUgycBtigwr1
aVfNer5NnBh95VXyyGGRNWE1hYQxU4KElJCf4RKIJDOPUgSmQcvQ7uoiDpfVyv3S
hu/Tov8bQ7TyKw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:46 2025 by rpki-client