Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
File:                     8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json)
Hash identifier:          OLrk6BXtxifMK/sAze8apZdl2Q6euHOCfwCZ/gRELAk=
Subject key identifier:   0F:FF:57:87:A3:F2:FE:C7:E8:7D:41:DC:F5:82:92:F0:80:C5:85:13
Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8
Certificate issuer:       /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
Certificate serial:       0199FC589CE5C576AF401844C0EAF3A31A06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
Manifest number:          142B
Signing time:             Sun 19 Oct 2025 12:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:29 +0000
Files and hashes:         1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: CgjfyA4cfUINDuDO2rAXXxn3hxYilQHu2Hzv0/35K1g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:9c:e5:c5:76:af:40:18:44:c0:ea:f3:a3:1a:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
        Validity
            Not Before: Oct 19 12:01:29 2025 GMT
            Not After : Oct 20 12:01:29 2025 GMT
        Subject: CN=0fff5787a3f2fec7e87d41dcf58292f080c58513
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:4e:8d:79:ed:96:90:a3:d1:df:7f:19:3d:94:
                    87:88:68:37:2f:3f:35:63:3f:81:76:fd:fa:67:f3:
                    ad:4d:61:8e:e9:1e:55:20:24:67:91:fb:f7:f5:da:
                    d6:9f:b9:f1:c7:14:47:5b:27:dc:a4:54:6a:18:b3:
                    00:f2:30:26:30:e2:6c:da:38:3a:54:2b:3f:b1:27:
                    97:73:cd:e9:df:26:47:fd:0d:60:72:87:cf:5e:3f:
                    48:15:2d:8c:4c:75:96:78:d6:bf:a9:3d:bb:9f:d8:
                    41:92:09:fe:4a:df:b1:40:6c:cf:1b:91:a6:46:ec:
                    6c:df:11:27:62:60:b6:66:42:10:67:95:e8:34:35:
                    6d:f7:da:ea:88:eb:92:46:c5:d1:15:53:88:d5:e0:
                    be:10:2d:6f:82:39:d3:33:1e:ef:95:d4:c1:0f:7a:
                    7f:12:bb:7a:3d:a5:ab:6a:49:f3:f9:23:52:36:b1:
                    e5:a8:fa:03:50:b3:35:c9:0d:b6:c1:45:5e:51:21:
                    58:83:47:86:0b:47:14:80:10:00:9f:52:c8:74:5d:
                    06:00:61:79:22:13:4b:a7:e4:91:24:ec:c4:0b:4a:
                    7e:3f:b8:e0:ff:c8:c4:fe:2b:31:ce:90:5a:4b:80:
                    a0:c4:1c:3e:fa:f0:31:c3:2f:97:69:c2:e4:c0:c2:
                    d5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:FF:57:87:A3:F2:FE:C7:E8:7D:41:DC:F5:82:92:F0:80:C5:85:13
            X509v3 Authority Key Identifier:
                keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:b7:95:fa:a2:17:07:77:d1:fe:9d:8f:76:eb:75:34:81:74:
         08:72:4a:10:fd:97:7e:2d:e9:46:23:9a:68:34:d1:af:27:bd:
         e7:fa:23:46:81:b1:c6:f0:4e:07:f4:25:85:08:69:dc:0d:b5:
         5c:a4:ab:91:e6:1d:40:e0:b3:de:1b:43:6d:c4:4f:a9:5c:18:
         08:ef:d1:2e:89:b4:11:ef:a8:2a:a5:41:f1:e7:32:f4:fa:c7:
         dd:7e:01:58:52:7e:f6:0c:2c:86:8f:bd:4a:cd:35:fe:c7:03:
         37:5a:de:6e:e0:80:4f:61:8f:f6:3e:de:12:a7:37:c3:5b:a7:
         ea:4f:09:73:27:9c:fb:b8:fe:63:ea:41:24:93:61:c3:ae:63:
         89:6e:23:15:a4:a4:4c:9d:f6:65:d7:8c:d4:b5:8c:40:05:93:
         f1:2b:b3:42:cf:6d:be:8a:0c:c2:fc:ba:5c:d8:27:54:57:c9:
         78:bd:60:8e:16:28:64:c2:75:a1:ad:f7:b2:75:cf:05:7f:ae:
         70:85:20:47:02:cb:02:be:ef:05:43:6e:4c:4c:9f:08:38:b8:
         3b:88:b7:f9:58:b8:12:e2:cc:88:e6:b0:c6:0f:a5:be:5f:32:
         5e:e8:3c:9a:53:33:2f:5f:14:91:c0:a7:23:ab:0a:1d:f4:49:
         49:f4:d8:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WJzlxXavQBhEwOrzoxoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy
YmI5YzgwHhcNMjUxMDE5MTIwMTI5WhcNMjUxMDIwMTIwMTI5WjAzMTEwLwYDVQQD
EygwZmZmNTc4N2EzZjJmZWM3ZTg3ZDQxZGNmNTgyOTJmMDgwYzU4NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0k6Nee2WkKPR338ZPZSHiGg3Lz81
Yz+Bdv36Z/OtTWGO6R5VICRnkfv39drWn7nxxxRHWyfcpFRqGLMA8jAmMOJs2jg6
VCs/sSeXc83p3yZH/Q1gcofPXj9IFS2MTHWWeNa/qT27n9hBkgn+St+xQGzPG5Gm
Ruxs3xEnYmC2ZkIQZ5XoNDVt99rqiOuSRsXRFVOI1eC+EC1vgjnTMx7vldTBD3p/
Ert6PaWraknz+SNSNrHlqPoDULM1yQ22wUVeUSFYg0eGC0cUgBAAn1LIdF0GAGF5
IhNLp+SRJOzEC0p+P7jg/8jE/isxzpBaS4CgxBw++vAxwy+XacLkwMLVxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA//V4ej8v7H6H1B3PWCkvCAxYUTMB8GA1UdIwQY
MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt
ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw
LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7eV+qIX
B3fR/p2Pdut1NIF0CHJKEP2Xfi3pRiOaaDTRrye95/ojRoGxxvBOB/QlhQhp3A21
XKSrkeYdQOCz3htDbcRPqVwYCO/RLom0Ee+oKqVB8ecy9PrH3X4BWFJ+9gwsho+9
Ss01/scDN1rebuCAT2GP9j7eEqc3w1un6k8Jcyec+7j+Y+pBJJNhw65jiW4jFaSk
TJ32ZdeM1LWMQAWT8SuzQs9tvooMwvy6XNgnVFfJeL1gjhYoZMJ1oa33snXPBX+u
cIUgRwLLAr7vBUNuTEyfCDi4O4i3+Vi4EuLMiOawxg+lvl8yXug8mlMzL18UkcCn
I6sKHfRJSfTYcQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:57 2025 by rpki-client