Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
File:                     ogqr6NvAhXg0PCW4xomHpevAOMk.mft (raw, json)
Hash identifier:          1+TLnfX9Zdqf0/bewRUk4GCNypkkeMI1ghetzrhpV+A=
Subject key identifier:   CD:56:B6:5C:96:7C:3B:5F:82:5F:8B:32:B2:F6:FB:AA:65:71:14:0F
Authority key identifier: A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9
Certificate issuer:       /CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
Certificate serial:       0199FAA0EE9045178D3C21221ABFC565FB15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
Manifest number:          0131
Signing time:             Sun 19 Oct 2025 04:01:14 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:14 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:14 +0000
Files and hashes:         1: ogqr6NvAhXg0PCW4xomHpevAOMk.crl (hash: nDhgEYy53pKADMpoxZp3gw3oPBU4uSlTaWEQCE/SUtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a0:ee:90:45:17:8d:3c:21:22:1a:bf:c5:65:fb:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
        Validity
            Not Before: Oct 19 04:01:14 2025 GMT
            Not After : Oct 20 04:01:14 2025 GMT
        Subject: CN=cd56b65c967c3b5f825f8b32b2f6fbaa6571140f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a1:9a:5a:f5:aa:77:a7:f8:2f:41:4a:df:9f:
                    1b:d6:3f:eb:e6:c9:91:e4:93:fc:78:26:98:fd:7e:
                    bf:8b:f8:bc:31:d6:42:8d:aa:3d:30:97:a1:3d:6c:
                    9c:a8:6c:a1:9e:1a:97:ee:69:8e:a1:71:77:d9:41:
                    5b:e8:4a:35:84:f7:29:60:77:b4:d9:aa:59:61:a0:
                    67:05:89:d9:f3:08:75:a8:ba:a5:11:b4:dd:c1:f7:
                    30:87:d9:1e:5f:de:64:67:2f:8f:bc:67:af:73:76:
                    f0:c5:66:0c:0d:8b:7a:2e:2c:c0:35:26:ba:e4:5d:
                    10:75:95:1f:5d:cf:9f:ff:e7:0a:f5:7c:33:d0:42:
                    a6:cf:d6:80:a2:f1:36:00:26:87:cb:11:36:80:fb:
                    13:ad:43:1d:21:c8:ca:fd:81:36:ba:96:5c:c2:aa:
                    5a:da:12:8f:f0:49:57:dd:ba:24:d8:9f:e9:33:98:
                    10:b6:ef:07:1f:26:be:61:94:75:17:6b:84:62:32:
                    4c:a6:3d:62:12:4c:78:1c:17:12:45:4e:ad:49:f9:
                    39:12:01:9e:71:a8:c2:35:fe:d8:f0:9e:ea:32:88:
                    85:4c:ce:4e:61:b6:ec:70:26:b3:90:33:73:4b:7f:
                    a9:c5:94:79:4a:b0:9e:58:80:72:fe:0d:75:62:ea:
                    24:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:56:B6:5C:96:7C:3B:5F:82:5F:8B:32:B2:F6:FB:AA:65:71:14:0F
            X509v3 Authority Key Identifier:
                keyid:A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:4f:14:6f:ae:29:0a:eb:6c:13:41:a4:68:7c:2b:91:d5:4c:
         63:cf:99:5a:97:15:6d:9d:bf:c4:2c:78:57:5d:1a:fa:1c:4b:
         4d:ab:09:36:fd:1c:9f:df:ba:c9:10:8b:b4:c6:18:49:b3:41:
         6d:df:90:46:79:aa:27:b0:fd:74:d4:54:04:2a:40:1c:38:cb:
         63:f6:5d:ec:37:fb:d6:fd:ed:28:4e:70:02:96:9a:00:72:48:
         b0:03:9e:ff:3a:0b:e9:4b:82:89:ff:27:58:f8:3a:eb:df:8e:
         d0:58:cb:4a:d5:43:60:e2:eb:61:36:42:9e:17:28:6d:8c:14:
         f3:18:fd:0a:8a:f5:01:33:80:5f:4f:21:1d:5c:b9:ce:7d:3d:
         05:e7:f3:1e:ad:7b:71:a4:8d:11:7e:69:63:70:1e:ac:3b:02:
         84:84:40:84:d0:cb:e2:ed:7f:e6:a2:0a:92:ce:f6:84:f4:a1:
         45:ff:c9:09:af:c9:9f:cc:1e:46:e6:58:fb:62:9b:c2:de:52:
         28:c0:bc:e2:dd:28:0b:f2:24:ac:a3:94:29:ac:a0:7e:7e:60:
         80:33:21:4d:30:75:a6:c4:3d:86:24:b6:67:b8:ff:e2:eb:f7:
         90:0f:10:85:90:bf:51:8c:05:7e:5d:2a:54:cd:c3:23:3c:6b:
         fe:6d:4e:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oO6QRReNPCEiGr/FZfsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGFhYmU4ZGJjMDg1NzgzNDNjMjViOGM2ODk4N2E1ZWJj
MDM4YzkwHhcNMjUxMDE5MDQwMTE0WhcNMjUxMDIwMDQwMTE0WjAzMTEwLwYDVQQD
EyhjZDU2YjY1Yzk2N2MzYjVmODI1ZjhiMzJiMmY2ZmJhYTY1NzExNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqGaWvWqd6f4L0FK358b1j/r5smR
5JP8eCaY/X6/i/i8MdZCjao9MJehPWycqGyhnhqX7mmOoXF32UFb6Eo1hPcpYHe0
2apZYaBnBYnZ8wh1qLqlEbTdwfcwh9keX95kZy+PvGevc3bwxWYMDYt6LizANSa6
5F0QdZUfXc+f/+cK9Xwz0EKmz9aAovE2ACaHyxE2gPsTrUMdIcjK/YE2upZcwqpa
2hKP8ElX3bok2J/pM5gQtu8HHya+YZR1F2uEYjJMpj1iEkx4HBcSRU6tSfk5EgGe
cajCNf7Y8J7qMoiFTM5OYbbscCazkDNzS3+pxZR5SrCeWIBy/g11YuokHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1WtlyWfDtfgl+LMrL2+6plcRQPMB8GA1UdIwQY
MBaAFKIKq+jbwIV4NDwluMaJh6XrwDjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYt
NzFkNjQ5YzNmZDM1LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYtNzFkNjQ5YzNmZDM1
LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYE8Ub64p
CutsE0GkaHwrkdVMY8+ZWpcVbZ2/xCx4V10a+hxLTasJNv0cn9+6yRCLtMYYSbNB
bd+QRnmqJ7D9dNRUBCpAHDjLY/Zd7Df71v3tKE5wApaaAHJIsAOe/zoL6UuCif8n
WPg669+O0FjLStVDYOLrYTZCnhcobYwU8xj9Cor1ATOAX08hHVy5zn09BefzHq17
caSNEX5pY3AerDsChIRAhNDL4u1/5qIKks72hPShRf/JCa/Jn8weRuZY+2Kbwt5S
KMC84t0oC/IkrKOUKaygfn5ggDMhTTB1psQ9hiS2Z7j/4uv3kA8QhZC/UYwFfl0q
VM3DIzxr/m1Oyw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:53 2025 by rpki-client