Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          i7fk1buKmcw5UU2vhCLtqcyhjgpfC0/BRQv6ENbTSPE=
Subject key identifier:   C1:75:DB:08:B2:90:C2:30:C8:F9:96:CF:BA:04:49:2E:05:A3:91:09
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       0199FC21A9FB690CE521FA54EA3B8077A701
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          0969
Signing time:             Sun 19 Oct 2025 11:01:28 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:28 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:28 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: IGt4l18dLYYC0XD/10OHt2m9RZvvBt1H6JymTtP7+CM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:a9:fb:69:0c:e5:21:fa:54:ea:3b:80:77:a7:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: Oct 19 11:01:28 2025 GMT
            Not After : Oct 20 11:01:28 2025 GMT
        Subject: CN=c175db08b290c230c8f996cfba04492e05a39109
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0e:76:3b:ad:bb:1c:29:5f:0c:54:c6:6c:b1:
                    66:c4:ff:98:e8:20:78:1e:01:a6:c0:11:fa:7e:de:
                    a0:a8:ea:7c:25:e2:04:b4:75:1f:9d:ae:7f:84:e3:
                    fa:9b:d8:b8:05:8f:74:64:4f:de:ea:f2:43:8c:33:
                    66:be:74:8e:e3:50:de:9c:b9:b7:9f:53:31:54:9b:
                    0e:65:45:f5:83:65:bd:67:31:20:87:a1:26:ec:5d:
                    91:b3:a4:27:c8:f9:a1:72:f9:3c:ba:3d:39:d0:2d:
                    90:7e:41:9b:88:f3:10:4f:9c:b6:0c:29:9a:73:b2:
                    ec:9f:4c:4c:d8:e2:5e:ef:15:31:24:87:f5:39:9c:
                    b1:c0:f2:eb:e2:9f:1b:f1:2f:03:46:9d:01:3f:44:
                    c3:42:4f:2e:17:34:8d:9b:b0:9f:4d:16:a7:7c:0a:
                    e8:3d:98:a8:ff:93:ad:1f:e5:f4:49:63:9b:ea:f0:
                    1e:bb:2e:96:e8:87:8b:b2:4a:53:c1:70:36:cf:e8:
                    9a:d6:22:db:34:34:96:4f:48:d8:27:97:3e:80:54:
                    b5:ec:0e:6b:dc:87:80:76:2a:a4:f6:f4:56:ab:7e:
                    e5:a8:84:59:eb:6a:64:a0:00:37:a5:19:00:fc:f2:
                    16:4c:03:e3:12:61:16:5a:1d:94:a9:4e:15:b2:e8:
                    0a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:75:DB:08:B2:90:C2:30:C8:F9:96:CF:BA:04:49:2E:05:A3:91:09
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:d2:07:40:bc:a0:c8:2a:a3:b6:83:ba:f2:f1:94:d6:8c:4a:
         4b:25:0e:66:9f:6f:58:c0:df:b6:e7:01:1f:61:ba:85:87:50:
         08:62:a4:a4:f5:4f:40:8a:25:57:ec:09:8a:02:3e:15:7b:1d:
         79:1f:49:4a:62:83:10:39:e0:9c:b9:3f:c6:0a:f2:81:43:8f:
         1a:24:71:c7:d0:c1:73:02:e1:6d:a0:8d:e3:c4:0b:7a:6c:5a:
         61:4f:3a:b4:3e:53:bd:ad:34:0b:a2:50:27:6b:d4:a6:ae:09:
         1d:63:b4:b3:bf:a1:1b:39:68:c3:f6:cc:96:b7:19:3c:13:72:
         a4:0c:25:3d:e3:d2:1c:7d:a8:7c:87:fa:39:06:55:ad:20:9f:
         81:04:5a:29:c2:4d:94:39:98:ac:20:85:55:83:a1:ae:cf:a8:
         6e:79:21:67:de:a0:fb:7e:63:d2:b8:e2:20:26:b9:9a:29:81:
         1f:dc:91:5a:44:7d:9c:d6:9a:c4:55:c0:12:30:be:8d:5f:4e:
         37:a9:59:8a:65:59:d1:4b:1b:13:e2:15:e3:99:04:30:22:3e:
         90:2d:bf:8e:e2:64:eb:8d:1c:c9:1f:bb:95:41:57:07:f7:9c:
         a2:78:e3:36:a9:08:9c:24:cc:93:d9:08:33:d3:c8:c0:e8:89:
         1c:7c:c1:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8Ian7aQzlIfpU6juAd6cBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjUxMDE5MTEwMTI4WhcNMjUxMDIwMTEwMTI4WjAzMTEwLwYDVQQD
EyhjMTc1ZGIwOGIyOTBjMjMwYzhmOTk2Y2ZiYTA0NDkyZTA1YTM5MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg52O627HClfDFTGbLFmxP+Y6CB4
HgGmwBH6ft6gqOp8JeIEtHUfna5/hOP6m9i4BY90ZE/e6vJDjDNmvnSO41DenLm3
n1MxVJsOZUX1g2W9ZzEgh6Em7F2Rs6QnyPmhcvk8uj050C2QfkGbiPMQT5y2DCma
c7Lsn0xM2OJe7xUxJIf1OZyxwPLr4p8b8S8DRp0BP0TDQk8uFzSNm7CfTRanfAro
PZio/5OtH+X0SWOb6vAeuy6W6IeLskpTwXA2z+ia1iLbNDSWT0jYJ5c+gFS17A5r
3IeAdiqk9vRWq37lqIRZ62pkoAA3pRkA/PIWTAPjEmEWWh2UqU4VsugKowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF12wiykMIwyPmWz7oESS4Fo5EJMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9IHQLyg
yCqjtoO68vGU1oxKSyUOZp9vWMDftucBH2G6hYdQCGKkpPVPQIolV+wJigI+FXsd
eR9JSmKDEDngnLk/xgrygUOPGiRxx9DBcwLhbaCN48QLemxaYU86tD5Tva00C6JQ
J2vUpq4JHWO0s7+hGzlow/bMlrcZPBNypAwlPePSHH2ofIf6OQZVrSCfgQRaKcJN
lDmYrCCFVYOhrs+obnkhZ96g+35j0rjiICa5mimBH9yRWkR9nNaaxFXAEjC+jV9O
N6lZimVZ0UsbE+IV45kEMCI+kC2/juJk640cyR+7lUFXB/econjjNqkInCTMk9kI
M9PIwOiJHHzBWA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:09 2025 by rpki-client