Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
File:                     hqSVrmh0HnnVjjiGviqoeMSME7Y.mft (raw, json)
Hash identifier:          mHoyzULJsg+AgeA7qegF937eqoqDrG8p+V6NoccmECM=
Subject key identifier:   ED:EE:7E:5A:63:58:38:E7:8F:08:E7:A5:97:C8:9F:EF:14:FE:97:37
Authority key identifier: 86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6
Certificate issuer:       /CN=86a495ae68741e79d58e3886be2aa878c48c13b6
Certificate serial:       0199FCC638433CF544A0698C7237AA5B9BA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 14:01:12 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:12 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:12 +0000
Files and hashes:         1: hqSVrmh0HnnVjjiGviqoeMSME7Y.crl (hash: VYq0b03FbQN1GLtpGuSh265eRO6EbPtAUJuPJ8iOAJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:38:43:3c:f5:44:a0:69:8c:72:37:aa:5b:9b:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a495ae68741e79d58e3886be2aa878c48c13b6
        Validity
            Not Before: Oct 19 14:01:12 2025 GMT
            Not After : Oct 20 14:01:12 2025 GMT
        Subject: CN=edee7e5a635838e78f08e7a597c89fef14fe9737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:06:55:7f:3a:39:c2:b2:63:b6:2f:81:13:d6:
                    6a:b2:e0:ee:38:77:bc:98:87:9a:1e:d3:a3:97:82:
                    49:26:9b:ec:9d:b0:b7:76:b8:92:a2:76:c1:e6:ad:
                    cd:0e:b5:c2:03:6a:f3:78:5d:4f:ba:ae:b8:81:f9:
                    f9:30:63:72:d3:5f:5e:7c:07:b4:cc:5d:fa:15:4c:
                    89:7d:bd:91:9b:35:a7:35:f4:c3:c4:ae:18:90:89:
                    15:a7:d0:4f:c6:d0:9e:ed:d9:66:05:25:1d:72:12:
                    da:30:9c:e8:77:40:83:df:a5:17:b3:81:81:b2:a4:
                    96:13:2e:0e:f6:7f:64:e8:d7:ca:48:fc:ed:50:85:
                    05:6f:67:b8:a5:cc:5a:63:69:ed:f8:75:f5:bb:54:
                    1f:9f:74:7f:4f:1e:84:b5:e5:86:b1:d1:7c:29:a8:
                    a4:77:0e:69:84:a3:8b:61:25:00:19:20:4a:97:85:
                    95:53:75:cf:f9:e9:5c:6c:e4:22:50:9b:25:c5:3d:
                    21:43:c6:dc:a8:b4:67:9e:6a:85:a3:30:c8:ce:2c:
                    ec:5a:71:7a:3d:73:fd:83:2a:d4:9c:f7:37:a5:ba:
                    fc:62:b1:ed:6b:00:d4:44:bb:19:89:36:44:05:29:
                    68:41:e8:2b:75:89:17:de:5a:89:24:4b:54:aa:53:
                    1b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:EE:7E:5A:63:58:38:E7:8F:08:E7:A5:97:C8:9F:EF:14:FE:97:37
            X509v3 Authority Key Identifier:
                keyid:86:A4:95:AE:68:74:1E:79:D5:8E:38:86:BE:2A:A8:78:C4:8C:13:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqSVrmh0HnnVjjiGviqoeMSME7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/15c39c-f7d4-4a1f-a49a-4918b02742c7/1/hqSVrmh0HnnVjjiGviqoeMSME7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e0:0b:ce:0d:6b:18:18:22:5b:e4:10:41:c9:da:3f:45:6b:7c:
         5e:c2:b4:58:1b:4f:21:fe:9e:76:06:1e:6d:fb:c8:68:05:4b:
         53:61:74:ad:17:cf:fe:59:ef:bf:9c:37:68:9b:72:17:5f:41:
         2c:fa:2c:98:f6:41:d2:2a:a6:f8:75:70:23:4a:18:eb:c9:b2:
         cd:37:d3:37:53:34:bc:37:d0:da:be:3f:0c:90:fd:92:9d:93:
         7d:98:47:12:7b:d7:03:92:69:cc:3e:12:5e:44:1b:b6:44:87:
         aa:57:45:b5:e8:43:3e:d1:a3:45:41:08:0b:0b:58:a0:41:cb:
         8c:1a:e3:05:77:2b:dd:1f:9a:59:0f:67:93:b1:2c:10:6b:72:
         c1:12:4b:91:a9:f5:f9:20:59:cc:57:cb:fa:1b:56:0e:e5:f6:
         e4:ff:1e:a1:f1:02:f1:19:ce:ac:44:c8:cf:5b:73:1d:34:e7:
         ce:0b:c0:8b:00:ad:1f:7d:32:d2:2b:6c:5d:7f:e4:5f:11:5f:
         21:b0:1a:99:f3:e5:b6:46:e9:7c:66:35:a8:06:43:af:01:08:
         df:a8:d6:eb:61:cf:d0:65:28:03:13:11:ac:1c:48:6f:5d:aa:
         ef:cc:c5:eb:70:8c:eb:07:e0:a6:01:a9:12:25:ed:36:4b:7f:
         50:0c:60:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xjhDPPVEoGmMcjeqW5upMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTQ5NWFlNjg3NDFlNzlkNThlMzg4NmJlMmFhODc4YzQ4
YzEzYjYwHhcNMjUxMDE5MTQwMTEyWhcNMjUxMDIwMTQwMTEyWjAzMTEwLwYDVQQD
EyhlZGVlN2U1YTYzNTgzOGU3OGYwOGU3YTU5N2M4OWZlZjE0ZmU5NzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwZVfzo5wrJjti+BE9ZqsuDuOHe8
mIeaHtOjl4JJJpvsnbC3driSonbB5q3NDrXCA2rzeF1Puq64gfn5MGNy019efAe0
zF36FUyJfb2RmzWnNfTDxK4YkIkVp9BPxtCe7dlmBSUdchLaMJzod0CD36UXs4GB
sqSWEy4O9n9k6NfKSPztUIUFb2e4pcxaY2nt+HX1u1Qfn3R/Tx6EteWGsdF8Kaik
dw5phKOLYSUAGSBKl4WVU3XP+elcbOQiUJslxT0hQ8bcqLRnnmqFozDIzizsWnF6
PXP9gyrUnPc3pbr8YrHtawDURLsZiTZEBSloQegrdYkX3lqJJEtUqlMbowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3uflpjWDjnjwjnpZfIn+8U/pc3MB8GA1UdIwQY
MBaAFIakla5odB551Y44hr4qqHjEjBO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEt
NDkxOGIwMjc0MmM3LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNWMzOWMtZjdkNC00YTFmLWE0OWEtNDkxOGIwMjc0MmM3
LzEvaHFTVnJtaDBIbm5WamppR3ZpcW9lTVNNRTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4AvODWsY
GCJb5BBBydo/RWt8XsK0WBtPIf6edgYebfvIaAVLU2F0rRfP/lnvv5w3aJtyF19B
LPosmPZB0iqm+HVwI0oY68myzTfTN1M0vDfQ2r4/DJD9kp2TfZhHEnvXA5JpzD4S
XkQbtkSHqldFtehDPtGjRUEICwtYoEHLjBrjBXcr3R+aWQ9nk7EsEGtywRJLkan1
+SBZzFfL+htWDuX25P8eofEC8RnOrETIz1tzHTTnzgvAiwCtH30y0itsXX/kXxFf
IbAamfPltkbpfGY1qAZDrwEI36jW62HP0GUoAxMRrBxIb12q78zF63CM6wfgpgGp
EiXtNkt/UAxgPg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:44 2025 by rpki-client