Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft
File:                     cVYaucXzkpItp8rhgMMwc2XwI4Y.mft (raw, json)
Hash identifier:          dkuhgfdrXrIsYP4t5Aj6VwcC5sEovmiYEhXwpiYYHVQ=
Subject key identifier:   D4:FC:97:B4:BB:32:68:EA:B2:0A:2F:95:F0:FE:13:C4:7E:6F:6A:24
Authority key identifier: 71:56:1A:B9:C5:F3:92:92:2D:A7:CA:E1:80:C3:30:73:65:F0:23:86
Certificate issuer:       /CN=71561ab9c5f392922da7cae180c3307365f02386
Certificate serial:       0199FBEBAA49DD2B03E126685FAFF2B5283B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cVYaucXzkpItp8rhgMMwc2XwI4Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft
Manifest number:          1013
Signing time:             Sun 19 Oct 2025 10:02:29 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:29 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:29 +0000
Files and hashes:         1: cVYaucXzkpItp8rhgMMwc2XwI4Y.crl (hash: ojd9qW8IXwR9UAmg9GrGVH9IZe2vnHle+b4nIHIJaGg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cVYaucXzkpItp8rhgMMwc2XwI4Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:aa:49:dd:2b:03:e1:26:68:5f:af:f2:b5:28:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71561ab9c5f392922da7cae180c3307365f02386
        Validity
            Not Before: Oct 19 10:02:29 2025 GMT
            Not After : Oct 20 10:02:29 2025 GMT
        Subject: CN=d4fc97b4bb3268eab20a2f95f0fe13c47e6f6a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:2f:98:bf:46:63:25:22:da:8d:bf:11:af:88:
                    41:d7:4d:8c:b9:91:37:62:4d:ba:b1:65:64:6e:90:
                    58:58:72:4f:8d:7e:b0:09:76:b7:f4:5a:4e:29:c9:
                    e2:ca:44:1d:a8:57:38:6f:a2:dc:27:9f:88:29:9b:
                    8a:65:9c:f5:20:06:1a:5d:6f:e2:a4:af:11:15:b4:
                    df:c5:99:67:7c:d4:e2:f3:c2:d2:32:32:31:b8:2f:
                    1b:56:ef:d4:67:a6:62:fd:eb:87:6f:94:f2:00:6f:
                    e8:a4:18:2d:80:6e:a2:2e:9b:e1:05:bd:23:34:05:
                    45:80:42:1d:85:ec:0b:2b:c2:e1:f8:e3:89:20:8b:
                    fb:5a:2e:0b:8f:6c:24:21:5c:44:0a:ee:0a:89:dd:
                    63:0c:8e:50:b0:d5:d6:70:67:4e:63:11:4a:30:c4:
                    5a:55:c3:11:2f:33:49:ef:a5:de:66:33:93:08:dd:
                    46:32:1c:e6:2c:1b:63:03:98:5f:50:2f:29:79:23:
                    22:a3:c1:59:d1:f7:d7:ca:a1:2c:13:bb:82:f6:2f:
                    43:c0:9d:71:1d:9b:87:7f:cb:cc:75:c2:11:71:47:
                    49:ee:09:38:e4:0c:1f:f3:69:eb:45:a9:2c:fa:8d:
                    43:e5:67:ad:ff:7f:39:e3:dc:e5:63:f9:a7:e3:d0:
                    cb:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:FC:97:B4:BB:32:68:EA:B2:0A:2F:95:F0:FE:13:C4:7E:6F:6A:24
            X509v3 Authority Key Identifier:
                keyid:71:56:1A:B9:C5:F3:92:92:2D:A7:CA:E1:80:C3:30:73:65:F0:23:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVYaucXzkpItp8rhgMMwc2XwI4Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:9b:79:1c:4f:3f:c9:71:e4:8c:d1:36:af:f2:37:e8:c2:27:
         5d:5a:46:6c:83:67:5a:b5:ed:06:20:4b:f3:cf:38:2d:88:d6:
         a8:6c:91:ba:bb:69:f0:ed:ac:7a:90:f0:ec:37:02:c4:b5:dc:
         21:a7:cb:3f:96:c1:20:11:7c:9f:5e:b8:2f:e3:6e:f4:02:ff:
         de:f0:77:32:0a:6f:1d:5f:92:27:cc:22:6d:4e:dc:0e:f5:b6:
         42:e7:a0:44:b7:bd:35:31:22:b6:80:4e:c1:8b:e6:f9:39:e5:
         9d:06:72:4a:14:46:f5:5a:ea:b1:40:96:60:64:ef:0e:04:4a:
         aa:9c:fa:f9:93:05:0f:40:00:c0:13:87:7b:f6:de:0c:f3:eb:
         a5:67:75:ab:f7:12:78:01:cb:65:05:db:6a:05:8c:92:04:20:
         3f:94:f2:c2:15:51:2b:cf:e6:a4:91:02:4f:72:a4:1a:a4:0b:
         25:e9:94:2d:92:44:24:c0:ae:b9:33:2b:94:32:a5:e2:be:44:
         be:ed:80:75:63:2b:d4:79:69:a5:0b:a7:6b:ff:bb:81:80:a3:
         7a:10:7c:77:0f:d0:c4:db:e8:c8:dc:eb:9c:96:36:01:e5:8e:
         19:37:ae:15:7b:82:c7:18:32:8d:1e:1f:fa:42:3f:97:b9:40:
         63:d9:bd:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn766pJ3SsD4SZoX6/ytSg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNTYxYWI5YzVmMzkyOTIyZGE3Y2FlMTgwYzMzMDczNjVm
MDIzODYwHhcNMjUxMDE5MTAwMjI5WhcNMjUxMDIwMTAwMjI5WjAzMTEwLwYDVQQD
EyhkNGZjOTdiNGJiMzI2OGVhYjIwYTJmOTVmMGZlMTNjNDdlNmY2YTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS+Yv0ZjJSLajb8Rr4hB102MuZE3
Yk26sWVkbpBYWHJPjX6wCXa39FpOKcniykQdqFc4b6LcJ5+IKZuKZZz1IAYaXW/i
pK8RFbTfxZlnfNTi88LSMjIxuC8bVu/UZ6Zi/euHb5TyAG/opBgtgG6iLpvhBb0j
NAVFgEIdhewLK8Lh+OOJIIv7Wi4Lj2wkIVxECu4Kid1jDI5QsNXWcGdOYxFKMMRa
VcMRLzNJ76XeZjOTCN1GMhzmLBtjA5hfUC8peSMio8FZ0ffXyqEsE7uC9i9DwJ1x
HZuHf8vMdcIRcUdJ7gk45Awf82nrRaks+o1D5Wet/38549zlY/mn49DLYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNT8l7S7MmjqsgovlfD+E8R+b2okMB8GA1UdIwQY
MBaAFHFWGrnF85KSLafK4YDDMHNl8COGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1ZZYXVjWHprcEl0cDhyaGdNTXdjMlh3STRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMTM1ZTMtNTkzZi00Y2RiLWFmNTUt
YzZmNGVlODcyMzY0LzEvY1ZZYXVjWHprcEl0cDhyaGdNTXdjMlh3STRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMTM1ZTMtNTkzZi00Y2RiLWFmNTUtYzZmNGVlODcyMzY0
LzEvY1ZZYXVjWHprcEl0cDhyaGdNTXdjMlh3STRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASpt5HE8/
yXHkjNE2r/I36MInXVpGbINnWrXtBiBL8884LYjWqGyRurtp8O2sepDw7DcCxLXc
IafLP5bBIBF8n164L+Nu9AL/3vB3MgpvHV+SJ8wibU7cDvW2QuegRLe9NTEitoBO
wYvm+TnlnQZyShRG9VrqsUCWYGTvDgRKqpz6+ZMFD0AAwBOHe/beDPPrpWd1q/cS
eAHLZQXbagWMkgQgP5TywhVRK8/mpJECT3KkGqQLJemULZJEJMCuuTMrlDKl4r5E
vu2AdWMr1HlppQuna/+7gYCjehB8dw/QxNvoyNzrnJY2AeWOGTeuFXuCxxgyjR4f
+kI/l7lAY9m9fQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:43 2025 by rpki-client