Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft
File:                     I6lUuSO6IAjpheuiQdG3AHF_iEM.mft (raw, json)
Hash identifier:          1ycK7ek1zXcOXEzquQoKoramElYr9vkyFGYhb7Qa3Bo=
Subject key identifier:   A8:D2:64:E5:59:56:66:99:F8:73:38:50:14:79:93:49:A3:EF:DC:E8
Authority key identifier: 23:A9:54:B9:23:BA:20:08:E9:85:EB:A2:41:D1:B7:00:71:7F:88:43
Certificate issuer:       /CN=23a954b923ba2008e985eba241d1b700717f8843
Certificate serial:       0199FBEBE1158FCA18D83BAA0D0100BD620D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I6lUuSO6IAjpheuiQdG3AHF_iEM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft
Manifest number:          152A
Signing time:             Sun 19 Oct 2025 10:02:43 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:43 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:43 +0000
Files and hashes:         1: I6lUuSO6IAjpheuiQdG3AHF_iEM.crl (hash: KVLp4lmZWvvdUeXr0rrODztBPGEb95k1qSlMqGtsh98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I6lUuSO6IAjpheuiQdG3AHF_iEM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:e1:15:8f:ca:18:d8:3b:aa:0d:01:00:bd:62:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23a954b923ba2008e985eba241d1b700717f8843
        Validity
            Not Before: Oct 19 10:02:43 2025 GMT
            Not After : Oct 20 10:02:43 2025 GMT
        Subject: CN=a8d264e559566699f873385014799349a3efdce8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:23:ed:d9:38:6a:60:49:76:38:bb:55:0e:47:
                    bf:76:0e:fc:aa:95:c5:83:90:e6:9a:b8:1c:f9:ec:
                    bb:38:ce:6a:dc:86:05:b4:63:44:cc:9f:05:b7:12:
                    98:e5:80:98:4b:68:1e:c7:82:20:70:70:5e:49:1d:
                    b3:f2:53:40:71:e6:09:c2:76:4c:6d:6e:85:4e:b8:
                    96:6e:bb:c1:d3:61:ee:bc:27:b7:7c:82:2d:6e:4b:
                    84:28:05:cb:6c:7f:01:45:9e:1b:f4:e3:cb:cb:64:
                    8b:db:50:61:f4:94:3a:2f:89:17:ec:7c:d2:d3:d2:
                    55:fe:16:71:2c:9e:1f:e3:b7:21:5b:82:bb:34:8a:
                    4b:8d:a3:e0:4d:5a:ff:ac:33:a9:a9:b9:e3:8a:9e:
                    06:64:3b:d0:26:75:4b:d5:7e:0a:12:2c:80:31:7d:
                    af:ac:7c:2e:9e:1c:b2:a0:60:de:19:0f:ff:df:2c:
                    f8:44:38:5d:ba:91:ef:09:22:3c:ed:52:64:3d:19:
                    c4:b5:81:56:e7:a8:d7:12:23:76:6c:1d:15:43:f0:
                    2b:f7:43:13:14:b8:f4:a6:2f:8d:26:03:75:98:2e:
                    7c:39:cb:b4:a9:58:65:7d:76:71:2d:94:5c:17:c1:
                    bf:7e:63:12:1d:d6:01:89:dd:65:b7:05:5d:af:c2:
                    95:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:D2:64:E5:59:56:66:99:F8:73:38:50:14:79:93:49:A3:EF:DC:E8
            X509v3 Authority Key Identifier:
                keyid:23:A9:54:B9:23:BA:20:08:E9:85:EB:A2:41:D1:B7:00:71:7F:88:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6lUuSO6IAjpheuiQdG3AHF_iEM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d9760-e36e-47c2-96e3-6dc510e98b73/1/I6lUuSO6IAjpheuiQdG3AHF_iEM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:51:57:33:35:7e:3f:3b:a4:03:17:09:52:49:53:8d:a8:29:
         78:b1:a5:8a:8b:ff:94:ce:f0:94:c2:29:6c:36:b1:87:d5:8f:
         ff:b5:20:d4:8e:77:44:4e:4d:39:4f:46:e0:9e:8c:92:48:68:
         c7:ae:ac:78:40:3f:c7:58:0a:06:b9:77:18:6a:a2:1b:5a:86:
         b5:61:31:ec:b8:b8:d5:04:4f:28:38:85:26:68:f8:1c:1e:15:
         75:65:c2:10:05:a8:a8:98:0f:0b:ca:90:a6:f3:15:7b:4a:92:
         7c:3a:99:3c:cf:d9:b5:db:59:c8:da:54:29:ee:53:cb:53:43:
         49:b4:85:89:fe:7e:91:fd:c2:de:94:d5:43:e0:b2:00:4a:d3:
         a1:0c:e0:ca:5b:b6:cf:1a:07:99:01:e0:ee:00:da:da:e3:49:
         d8:b6:e5:2b:ae:73:93:65:e8:d1:52:8a:1b:f6:9a:52:61:89:
         0d:14:49:2f:25:1d:77:99:dc:b6:a4:ca:29:66:d3:c9:8a:e6:
         cb:8c:30:94:36:d1:84:88:05:31:e1:71:64:88:c0:77:dd:bb:
         56:51:f7:6c:e2:7d:74:03:e0:05:83:b0:2b:0b:26:1b:cf:7f:
         f3:7b:9a:bf:3b:f3:9e:01:45:cb:d3:fc:dd:f8:6c:84:84:a9:
         50:ff:fa:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+EVj8oY2DuqDQEAvWINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTk1NGI5MjNiYTIwMDhlOTg1ZWJhMjQxZDFiNzAwNzE3
Zjg4NDMwHhcNMjUxMDE5MTAwMjQzWhcNMjUxMDIwMTAwMjQzWjAzMTEwLwYDVQQD
EyhhOGQyNjRlNTU5NTY2Njk5Zjg3MzM4NTAxNDc5OTM0OWEzZWZkY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yPt2ThqYEl2OLtVDke/dg78qpXF
g5Dmmrgc+ey7OM5q3IYFtGNEzJ8FtxKY5YCYS2gex4IgcHBeSR2z8lNAceYJwnZM
bW6FTriWbrvB02HuvCe3fIItbkuEKAXLbH8BRZ4b9OPLy2SL21Bh9JQ6L4kX7HzS
09JV/hZxLJ4f47chW4K7NIpLjaPgTVr/rDOpqbnjip4GZDvQJnVL1X4KEiyAMX2v
rHwunhyyoGDeGQ//3yz4RDhdupHvCSI87VJkPRnEtYFW56jXEiN2bB0VQ/Ar90MT
FLj0pi+NJgN1mC58Ocu0qVhlfXZxLZRcF8G/fmMSHdYBid1ltwVdr8KV9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjSZOVZVmaZ+HM4UBR5k0mj79zoMB8GA1UdIwQY
MBaAFCOpVLkjuiAI6YXrokHRtwBxf4hDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZsVXVTTzZJQWpwaGV1aVFkRzNBSEZfaUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81ZDk3NjAtZTM2ZS00N2MyLTk2ZTMt
NmRjNTEwZTk4YjczLzEvSTZsVXVTTzZJQWpwaGV1aVFkRzNBSEZfaUVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81ZDk3NjAtZTM2ZS00N2MyLTk2ZTMtNmRjNTEwZTk4Yjcz
LzEvSTZsVXVTTzZJQWpwaGV1aVFkRzNBSEZfaUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHFFXMzV+
PzukAxcJUklTjagpeLGliov/lM7wlMIpbDaxh9WP/7Ug1I53RE5NOU9G4J6Mkkho
x66seEA/x1gKBrl3GGqiG1qGtWEx7Li41QRPKDiFJmj4HB4VdWXCEAWoqJgPC8qQ
pvMVe0qSfDqZPM/ZtdtZyNpUKe5Ty1NDSbSFif5+kf3C3pTVQ+CyAErToQzgylu2
zxoHmQHg7gDa2uNJ2LblK65zk2Xo0VKKG/aaUmGJDRRJLyUdd5nctqTKKWbTyYrm
y4wwlDbRhIgFMeFxZIjAd927VlH3bOJ9dAPgBYOwKwsmG89/83uavzvzngFFy9P8
3fhshISpUP/6SA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:39 2025 by rpki-client