Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
File:                     TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json)
Hash identifier:          aWdXt2mTPBjyeluj8mJ+GR6zrC9hYXAP1hJABLGdrJo=
Subject key identifier:   16:71:D5:69:F3:47:60:50:D8:A7:9F:09:20:78:37:86:8B:B9:BE:B7
Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD
Certificate issuer:       /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
Certificate serial:       0199FAD81133A2368CD31B5F1D10900DC5C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
Manifest number:          03D6
Signing time:             Sun 19 Oct 2025 05:01:28 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:28 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:28 +0000
Files and hashes:         1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: w3ODnnpJ7WoqVywNDjiPTlkwendw7cTSSde7DV+PkTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:11:33:a2:36:8c:d3:1b:5f:1d:10:90:0d:c5:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd
        Validity
            Not Before: Oct 19 05:01:28 2025 GMT
            Not After : Oct 20 05:01:28 2025 GMT
        Subject: CN=1671d569f3476050d8a79f09207837868bb9beb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7e:7c:65:34:06:a3:51:c1:9b:62:b7:84:79:
                    5f:3b:ca:c6:d5:97:f6:72:e7:18:24:38:37:bf:f0:
                    ea:3f:30:40:3c:d3:0c:62:2e:05:8d:25:9b:fb:ee:
                    fc:30:39:9c:92:07:28:9b:24:1c:8f:8f:f2:9d:3b:
                    83:2b:4d:af:ab:45:55:96:b8:14:18:64:f1:cb:48:
                    93:ee:41:1f:95:5e:fd:ff:85:1d:e8:3d:42:bc:33:
                    84:ba:24:43:70:35:e5:aa:b6:90:10:37:e3:13:5a:
                    47:3c:10:de:76:86:54:08:24:4d:d1:20:97:bf:6e:
                    ad:0e:22:29:8b:48:9d:5f:ed:a7:d4:08:c9:cf:14:
                    2e:f2:69:3e:7c:33:1e:b6:ad:18:45:0e:e1:a3:83:
                    00:3f:2c:5b:ef:36:e5:62:03:35:42:89:fb:13:dd:
                    8c:06:e3:72:26:b9:1b:03:1b:9b:17:62:c2:9c:76:
                    67:29:a0:e7:84:a5:b6:ba:00:48:6f:90:60:9a:ab:
                    af:f5:b1:51:72:72:f3:67:89:f8:65:11:d2:ad:24:
                    47:a2:83:b7:bb:e7:eb:75:90:6e:1c:45:f3:3e:da:
                    8e:f4:3a:6f:e1:90:01:79:48:a0:b4:7a:33:d3:ed:
                    a2:12:7e:0a:12:f5:ad:52:c5:91:29:29:f8:53:76:
                    dd:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:71:D5:69:F3:47:60:50:D8:A7:9F:09:20:78:37:86:8B:B9:BE:B7
            X509v3 Authority Key Identifier:
                keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:a7:09:99:c8:cd:10:46:85:03:bb:55:38:60:77:2a:c3:b5:
         43:57:89:2c:09:59:37:5e:f7:bb:df:3a:3a:1f:70:f9:4b:e7:
         ba:52:61:da:1c:b2:84:fc:68:65:96:84:6f:44:b5:fc:38:ea:
         e9:4c:0f:c1:29:d4:89:22:de:79:da:5c:76:94:ba:fc:3b:ba:
         de:dc:2e:f9:84:0d:dd:fc:e7:6b:c2:bd:b3:52:12:60:af:2d:
         39:d5:02:65:a7:ff:e2:58:bf:23:63:18:c1:6c:f0:55:ad:70:
         bd:47:b5:29:14:36:21:53:74:a4:30:7e:1a:5c:93:02:a5:36:
         4f:18:95:94:64:64:19:68:a2:91:7e:76:94:89:f3:62:22:21:
         ed:26:4c:25:e4:b2:91:42:96:1e:44:c2:8c:b6:9d:75:9b:37:
         67:c7:35:e5:d5:b7:ba:b5:61:f0:ca:f4:9b:89:47:1e:5c:6f:
         89:e7:fa:4c:62:59:57:11:7c:43:7a:d1:79:6e:71:4f:d6:a1:
         15:8c:60:40:3b:45:11:05:42:bc:94:40:8e:a4:06:e7:a4:f3:
         26:da:31:a0:fc:4e:89:d6:9e:56:7e:7d:c1:ef:a6:f7:17:e8:
         13:33:1e:64:d8:2d:41:71:2b:48:f0:d1:32:fe:2b:f9:fd:d9:
         91:e4:3e:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62BEzojaM0xtfHRCQDcXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm
YzQ5YmQwHhcNMjUxMDE5MDUwMTI4WhcNMjUxMDIwMDUwMTI4WjAzMTEwLwYDVQQD
EygxNjcxZDU2OWYzNDc2MDUwZDhhNzlmMDkyMDc4Mzc4NjhiYjliZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX58ZTQGo1HBm2K3hHlfO8rG1Zf2
cucYJDg3v/DqPzBAPNMMYi4FjSWb++78MDmckgcomyQcj4/ynTuDK02vq0VVlrgU
GGTxy0iT7kEflV79/4Ud6D1CvDOEuiRDcDXlqraQEDfjE1pHPBDedoZUCCRN0SCX
v26tDiIpi0idX+2n1AjJzxQu8mk+fDMetq0YRQ7ho4MAPyxb7zblYgM1Qon7E92M
BuNyJrkbAxubF2LCnHZnKaDnhKW2ugBIb5Bgmquv9bFRcnLzZ4n4ZRHSrSRHooO3
u+frdZBuHEXzPtqO9Dpv4ZABeUigtHoz0+2iEn4KEvWtUsWRKSn4U3bdJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZx1WnzR2BQ2KefCSB4N4aLub63MB8GA1UdIwQY
MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt
NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1
LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVqcJmcjN
EEaFA7tVOGB3KsO1Q1eJLAlZN173u986Oh9w+UvnulJh2hyyhPxoZZaEb0S1/Djq
6UwPwSnUiSLeedpcdpS6/Du63twu+YQN3fzna8K9s1ISYK8tOdUCZaf/4li/I2MY
wWzwVa1wvUe1KRQ2IVN0pDB+GlyTAqU2TxiVlGRkGWiikX52lInzYiIh7SZMJeSy
kUKWHkTCjLaddZs3Z8c15dW3urVh8Mr0m4lHHlxvief6TGJZVxF8Q3rReW5xT9ah
FYxgQDtFEQVCvJRAjqQG56TzJtoxoPxOidaeVn59we+m9xfoEzMeZNgtQXErSPDR
Mv4r+f3ZkeQ+4w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:02 2025 by rpki-client