Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
File:                     aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json)
Hash identifier:          E97/hpAzomQtBSQN9XUVVsxeJFg+7PabrhHZWajBOCs=
Subject key identifier:   81:3E:13:FC:B3:3D:3A:A7:3C:FF:45:46:16:23:8E:4B:92:A9:BF:9C
Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7
Certificate issuer:       /CN=68a5023d8e021126997d7926a47701608aace3c7
Certificate serial:       0199FC5861AD639E8E79857FABB54F92B99C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
Manifest number:          0853
Signing time:             Sun 19 Oct 2025 12:01:14 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:14 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:14 +0000
Files and hashes:         1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: Et2IeYI1KcAzUPubyGvuIkos0/20k/1Ro2aWpSKgd/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:61:ad:63:9e:8e:79:85:7f:ab:b5:4f:92:b9:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7
        Validity
            Not Before: Oct 19 12:01:14 2025 GMT
            Not After : Oct 20 12:01:14 2025 GMT
        Subject: CN=813e13fcb33d3aa73cff454616238e4b92a9bf9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:45:47:86:6c:c4:6b:0d:96:e4:9e:88:61:26:
                    36:65:23:aa:0a:11:0b:9a:7a:3d:2d:5e:35:44:c8:
                    f1:57:14:dd:4e:90:12:85:70:43:8a:e0:f4:0c:5c:
                    db:0f:d4:1e:e5:20:3f:cb:c4:ab:e7:51:bf:3b:d1:
                    00:ae:5a:96:bc:35:59:06:6c:5c:f4:b4:01:0d:f0:
                    11:ed:b9:c6:30:b0:e8:b6:c5:43:af:00:c5:8f:14:
                    37:62:64:da:dd:4c:22:9b:33:30:5f:05:ec:24:70:
                    4a:cc:be:da:6a:9e:92:e4:7f:0f:48:03:47:fb:58:
                    4d:6c:2b:c3:27:5f:dd:00:28:f6:95:05:4e:25:91:
                    ec:6c:bf:bd:26:98:72:73:1e:fe:cf:13:b7:05:18:
                    27:37:2e:4c:cd:5f:59:f4:de:c3:e4:5a:49:fc:75:
                    17:ed:fb:00:6c:b5:99:f7:b7:0a:ca:67:65:b1:e4:
                    dd:21:cf:41:52:25:42:a7:12:0e:e3:bc:66:0d:32:
                    6b:2b:6b:37:4b:b9:52:03:08:47:77:19:bd:ec:b0:
                    2a:7f:2c:25:37:7a:01:ff:d1:9f:e8:79:d9:1b:72:
                    a9:7d:fe:b6:38:e8:13:4f:4f:ca:d9:5e:d9:fe:29:
                    95:9e:ff:c5:71:71:83:66:88:9c:13:af:d0:26:b4:
                    29:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:3E:13:FC:B3:3D:3A:A7:3C:FF:45:46:16:23:8E:4B:92:A9:BF:9C
            X509v3 Authority Key Identifier:
                keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:f8:fb:aa:01:76:40:bd:1a:7b:1b:71:fb:17:8f:38:da:83:
         f7:2a:83:aa:c4:f4:67:91:27:c1:eb:d5:5c:d2:99:03:d4:08:
         3c:0d:24:4e:a5:c6:db:82:f5:14:3c:74:db:e9:ee:fa:b3:69:
         eb:f5:dc:cd:17:54:8b:aa:ca:73:c0:af:ae:b1:59:1b:51:b7:
         f0:0b:e6:70:35:ec:a5:28:83:b2:93:44:bf:99:38:e8:41:7c:
         04:49:d1:e0:ee:b3:e7:12:81:71:cf:ad:b6:89:1a:96:db:06:
         ff:5c:3f:5f:e5:b0:4a:b6:6f:57:ca:63:72:02:60:b1:55:b2:
         3d:2c:c8:53:24:a7:18:df:9a:39:84:51:6b:9f:02:81:c7:b6:
         03:eb:a5:af:cc:ad:8f:36:25:71:70:d1:88:20:16:ed:f8:31:
         14:3c:94:6a:05:6f:6c:59:ee:8e:a8:da:fc:53:ab:92:20:32:
         79:e5:a5:f8:2e:80:7f:66:78:f8:2d:9a:02:4b:2a:5f:8e:81:
         3b:3a:98:26:06:b5:e2:62:6c:46:f4:cc:1c:e4:65:bc:c1:39:
         b0:05:25:6c:ca:e7:db:9c:ea:10:88:f4:db:b5:85:2e:fc:8c:
         bd:28:5c:be:56:6a:56:4d:83:93:de:04:b6:5e:0b:08:7f:b0:
         dd:fb:3a:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WGGtY56OeYV/q7VPkrmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh
Y2UzYzcwHhcNMjUxMDE5MTIwMTE0WhcNMjUxMDIwMTIwMTE0WjAzMTEwLwYDVQQD
Eyg4MTNlMTNmY2IzM2QzYWE3M2NmZjQ1NDYxNjIzOGU0YjkyYTliZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkVHhmzEaw2W5J6IYSY2ZSOqChEL
mno9LV41RMjxVxTdTpAShXBDiuD0DFzbD9Qe5SA/y8Sr51G/O9EArlqWvDVZBmxc
9LQBDfAR7bnGMLDotsVDrwDFjxQ3YmTa3UwimzMwXwXsJHBKzL7aap6S5H8PSANH
+1hNbCvDJ1/dACj2lQVOJZHsbL+9Jphycx7+zxO3BRgnNy5MzV9Z9N7D5FpJ/HUX
7fsAbLWZ97cKymdlseTdIc9BUiVCpxIO47xmDTJrK2s3S7lSAwhHdxm97LAqfywl
N3oB/9Gf6HnZG3Kpff62OOgTT0/K2V7Z/imVnv/FcXGDZoicE6/QJrQpvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIE+E/yzPTqnPP9FRhYjjkuSqb+cMB8GA1UdIwQY
MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt
ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj
LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPj7qgF2
QL0aextx+xePONqD9yqDqsT0Z5EnwevVXNKZA9QIPA0kTqXG24L1FDx02+nu+rNp
6/XczRdUi6rKc8CvrrFZG1G38AvmcDXspSiDspNEv5k46EF8BEnR4O6z5xKBcc+t
tokaltsG/1w/X+WwSrZvV8pjcgJgsVWyPSzIUySnGN+aOYRRa58Cgce2A+ulr8yt
jzYlcXDRiCAW7fgxFDyUagVvbFnujqja/FOrkiAyeeWl+C6Af2Z4+C2aAksqX46B
OzqYJga14mJsRvTMHORlvME5sAUlbMrn25zqEIj027WFLvyMvShcvlZqVk2Dk94E
tl4LCH+w3fs6IQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:22 2025 by rpki-client