Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
File:                     bUmIt5OIS3moT-NFY9A581RsGF8.mft (raw, json)
Hash identifier:          6UuMF7I5ue7UaOTaXsr8rakIC0CekMSEIvX3p9sxrQ0=
Subject key identifier:   43:D5:91:CC:1D:DF:51:3D:52:5F:B5:E8:26:93:29:84:F7:AB:C6:B4
Authority key identifier: 6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F
Certificate issuer:       /CN=6d4988b793884b79a84fe34563d039f3546c185f
Certificate serial:       0199FC58C95A371C9BC10AFF5381C32E4738
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
Manifest number:          A6
Signing time:             Sun 19 Oct 2025 12:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:41 +0000
Files and hashes:         1: bUmIt5OIS3moT-NFY9A581RsGF8.crl (hash: 3KEShM/iztJmzIDYagRDJiPaq1KdwOdFB50JUSdEw+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:c9:5a:37:1c:9b:c1:0a:ff:53:81:c3:2e:47:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d4988b793884b79a84fe34563d039f3546c185f
        Validity
            Not Before: Oct 19 12:01:41 2025 GMT
            Not After : Oct 20 12:01:41 2025 GMT
        Subject: CN=43d591cc1ddf513d525fb5e826932984f7abc6b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:18:ba:8a:23:2d:0e:df:ed:a4:9a:7c:e9:ac:
                    ec:c2:39:b9:b0:85:84:28:70:f1:40:f1:a3:96:f2:
                    52:a7:fb:42:76:86:d1:c3:30:44:d9:6c:20:a1:2e:
                    5c:2d:a6:e5:09:c1:47:bf:08:15:20:77:21:f2:04:
                    ad:f8:1d:74:d8:27:2a:72:bd:d2:93:0f:0a:a3:56:
                    e3:1c:5b:26:57:e8:7c:05:51:5c:25:a2:b7:5a:84:
                    4f:23:30:d4:9c:6b:5a:8e:af:49:7a:9b:79:8b:4f:
                    e0:1d:57:69:5c:89:8a:4c:5f:e6:08:55:a2:b9:75:
                    6d:5b:6b:03:58:91:89:49:e2:f3:d6:9a:1d:cf:7d:
                    21:e6:44:5e:c2:eb:db:21:89:a5:88:80:65:c8:74:
                    41:53:9c:c0:65:9f:bc:98:05:6c:4e:0e:3e:03:9f:
                    de:2e:4a:32:de:02:0d:7b:dd:72:b1:87:c3:63:f1:
                    18:c1:ae:8e:52:42:c2:2c:d0:fc:f5:0f:da:3a:32:
                    b6:8e:4e:2d:59:de:f4:cf:3a:4e:48:7c:71:e6:80:
                    00:a1:a9:e6:9a:b9:3a:af:fd:f1:9b:ac:24:8a:6c:
                    b0:21:ac:28:91:83:43:2e:56:5f:c4:71:26:61:7e:
                    fe:5a:b1:af:78:6a:82:11:bd:13:4d:84:2d:80:15:
                    21:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:D5:91:CC:1D:DF:51:3D:52:5F:B5:E8:26:93:29:84:F7:AB:C6:B4
            X509v3 Authority Key Identifier:
                keyid:6D:49:88:B7:93:88:4B:79:A8:4F:E3:45:63:D0:39:F3:54:6C:18:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bUmIt5OIS3moT-NFY9A581RsGF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/945b53-d788-487b-a982-0903ee7c1902/1/bUmIt5OIS3moT-NFY9A581RsGF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:21:82:f4:f8:88:d1:3e:f2:57:37:ce:f9:31:ca:6f:91:f6:
         df:60:af:c3:2e:53:99:70:99:f8:4f:5c:da:87:73:b1:fe:1c:
         5b:91:4d:7d:b7:79:8d:8b:d9:f7:95:86:26:41:5f:4f:24:0a:
         18:ac:21:03:06:af:f9:9b:59:22:91:b8:74:94:22:bb:00:00:
         69:8d:2c:51:f9:f9:02:eb:6f:92:d6:64:f5:28:b8:ea:ed:93:
         11:78:3b:2a:33:08:ab:a1:32:36:26:eb:fa:58:a4:a5:d5:b3:
         1b:5a:8b:c9:82:14:d8:c9:19:1b:7c:c2:0f:46:21:bf:ad:b4:
         e3:4f:51:58:9f:e8:05:30:3e:8e:66:be:50:7b:e4:7b:0f:09:
         4e:5f:20:03:3e:72:ce:cf:35:d5:9a:48:99:f4:12:92:0b:05:
         94:bd:65:e7:54:c8:47:51:86:1e:f8:97:99:90:34:65:82:90:
         de:11:66:33:75:a9:22:ef:0e:11:77:43:c7:27:b6:2f:6f:25:
         cb:a8:82:c2:b6:b1:27:f9:e0:69:ef:28:57:29:60:29:60:e7:
         7e:7f:dd:12:ec:03:ee:9f:5c:e5:ca:e7:7d:d3:b2:a0:4a:06:
         ac:53:e7:06:13:9f:02:a4:46:2d:52:45:9f:43:c7:a0:54:5d:
         53:e6:32:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WMlaNxybwQr/U4HDLkc4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNDk4OGI3OTM4ODRiNzlhODRmZTM0NTYzZDAzOWYzNTQ2
YzE4NWYwHhcNMjUxMDE5MTIwMTQxWhcNMjUxMDIwMTIwMTQxWjAzMTEwLwYDVQQD
Eyg0M2Q1OTFjYzFkZGY1MTNkNTI1ZmI1ZTgyNjkzMjk4NGY3YWJjNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRi6iiMtDt/tpJp86azswjm5sIWE
KHDxQPGjlvJSp/tCdobRwzBE2WwgoS5cLablCcFHvwgVIHch8gSt+B102Ccqcr3S
kw8Ko1bjHFsmV+h8BVFcJaK3WoRPIzDUnGtajq9Jept5i0/gHVdpXImKTF/mCFWi
uXVtW2sDWJGJSeLz1podz30h5kRewuvbIYmliIBlyHRBU5zAZZ+8mAVsTg4+A5/e
Lkoy3gINe91ysYfDY/EYwa6OUkLCLND89Q/aOjK2jk4tWd70zzpOSHxx5oAAoanm
mrk6r/3xm6wkimywIawokYNDLlZfxHEmYX7+WrGveGqCEb0TTYQtgBUhBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPVkcwd31E9Ul+16CaTKYT3q8a0MB8GA1UdIwQY
MBaAFG1JiLeTiEt5qE/jRWPQOfNUbBhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODIt
MDkwM2VlN2MxOTAyLzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85NDViNTMtZDc4OC00ODdiLWE5ODItMDkwM2VlN2MxOTAy
LzEvYlVtSXQ1T0lTM21vVC1ORlk5QTU4MVJzR0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMyGC9PiI
0T7yVzfO+THKb5H232Cvwy5TmXCZ+E9c2odzsf4cW5FNfbd5jYvZ95WGJkFfTyQK
GKwhAwav+ZtZIpG4dJQiuwAAaY0sUfn5AutvktZk9Si46u2TEXg7KjMIq6EyNibr
+likpdWzG1qLyYIU2MkZG3zCD0Yhv620409RWJ/oBTA+jma+UHvkew8JTl8gAz5y
zs811ZpImfQSkgsFlL1l51TIR1GGHviXmZA0ZYKQ3hFmM3WpIu8OEXdDxye2L28l
y6iCwraxJ/ngae8oVylgKWDnfn/dEuwD7p9c5crnfdOyoEoGrFPnBhOfAqRGLVJF
n0PHoFRdU+Yyyw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:26 2025 by rpki-client