Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          cf/XLlacxAbjdbXZWLnuJzsfGFdYHEnVuudlVkxJ0LQ=
Subject key identifier:   D0:55:61:55:89:B1:C1:4D:60:69:CE:FA:42:6A:E4:C2:14:EB:F1:94
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       0199FA69FEE50EFCCDD41A208F6968B9A0C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          03F9
Signing time:             Sun 19 Oct 2025 03:01:14 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:14 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:14 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: cjZivc84M2G5Rt9C6kUyRL79DfqJ9eYsdxqsyOK7Nq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:69:fe:e5:0e:fc:cd:d4:1a:20:8f:69:68:b9:a0:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Oct 19 03:01:14 2025 GMT
            Not After : Oct 20 03:01:14 2025 GMT
        Subject: CN=d055615589b1c14d6069cefa426ae4c214ebf194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:91:d0:cd:33:82:cb:3b:f3:f5:2c:e3:9d:88:
                    81:6a:d4:42:4c:55:d8:eb:c8:b8:e4:40:a4:dd:d3:
                    3f:48:56:62:df:31:68:d1:4c:d6:f1:88:a7:a6:27:
                    d4:e3:ce:3a:b0:2c:43:86:46:a2:97:5e:b7:21:2c:
                    07:a1:c3:b2:5f:07:50:74:de:92:f2:84:48:85:ae:
                    49:05:41:a9:a4:b0:76:60:3f:23:06:8a:ae:65:55:
                    f8:c6:e7:e4:eb:09:b4:17:8c:b9:90:11:16:2e:95:
                    80:f6:99:bc:2f:0a:08:20:a2:87:d3:f5:55:47:e4:
                    cb:65:9f:62:46:ae:80:77:35:3b:ec:ac:23:c5:cb:
                    10:b9:3b:a7:24:86:fe:66:db:4a:fd:97:4c:02:07:
                    33:15:f1:c6:5d:38:8c:9d:8a:23:e6:54:8c:c6:ec:
                    16:e3:04:bf:1a:5a:dd:a7:2b:13:bb:67:d1:c1:75:
                    8f:c5:7d:fe:94:63:f6:e7:00:0a:ee:9a:68:c5:73:
                    26:f2:f5:48:8b:e5:73:f4:61:ab:28:de:6b:97:e5:
                    fd:74:b5:2a:27:07:8a:20:75:b8:4d:a4:0a:c0:12:
                    9d:17:82:5b:6a:2b:69:36:94:44:dc:d4:5e:99:93:
                    3e:b1:e8:4e:10:80:ae:3d:28:07:07:9a:54:7a:6c:
                    32:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:55:61:55:89:B1:C1:4D:60:69:CE:FA:42:6A:E4:C2:14:EB:F1:94
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:68:f5:61:7a:7e:b8:1a:ab:77:42:a3:bf:68:32:b0:2c:38:
         06:6a:4a:2c:08:fa:d0:1b:1b:48:b4:c9:e8:34:e8:b8:03:2d:
         51:60:07:cf:9c:1b:b1:8c:08:73:6d:fb:f2:53:f8:59:bd:98:
         ae:ec:6f:7c:9c:ae:7c:62:73:4f:4a:e7:0b:d9:a6:9f:10:de:
         45:ba:91:ed:ca:84:27:fe:d6:66:d0:99:6e:97:df:f9:32:e8:
         19:b6:36:52:03:3f:0c:18:ce:a7:eb:f7:34:7e:f2:d5:45:3b:
         50:b1:15:45:ba:3f:85:b5:e3:e8:8f:b2:77:0e:92:75:66:f1:
         51:36:e9:8c:8a:94:92:ac:4d:f0:45:79:12:5b:e8:d6:ed:35:
         a0:a6:dd:6b:43:2a:9d:4d:03:3f:fb:f5:0d:a3:70:ea:a3:17:
         da:d7:67:a9:6a:4c:57:04:7e:4b:19:a0:52:4a:75:45:52:29:
         54:4f:01:5a:92:0f:09:0a:fc:27:f7:6b:33:14:1c:2d:62:50:
         51:a6:4c:d0:c9:6e:ea:18:7c:2a:9c:fd:a6:d9:65:71:b8:96:
         58:f0:24:12:63:07:69:ec:16:c6:20:70:1f:c6:4c:a8:45:b6:
         fc:85:36:ed:ff:91:87:83:35:6d:45:73:0a:af:6f:6d:4a:06:
         a9:1c:4e:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6af7lDvzN1Bogj2louaDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjUxMDE5MDMwMTE0WhcNMjUxMDIwMDMwMTE0WjAzMTEwLwYDVQQD
EyhkMDU1NjE1NTg5YjFjMTRkNjA2OWNlZmE0MjZhZTRjMjE0ZWJmMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5HQzTOCyzvz9SzjnYiBatRCTFXY
68i45ECk3dM/SFZi3zFo0UzW8YinpifU4846sCxDhkail163ISwHocOyXwdQdN6S
8oRIha5JBUGppLB2YD8jBoquZVX4xufk6wm0F4y5kBEWLpWA9pm8LwoIIKKH0/VV
R+TLZZ9iRq6AdzU77KwjxcsQuTunJIb+ZttK/ZdMAgczFfHGXTiMnYoj5lSMxuwW
4wS/GlrdpysTu2fRwXWPxX3+lGP25wAK7ppoxXMm8vVIi+Vz9GGrKN5rl+X9dLUq
JweKIHW4TaQKwBKdF4JbaitpNpRE3NRemZM+sehOEICuPSgHB5pUemwytwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBVYVWJscFNYGnO+kJq5MIU6/GUMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnmj1YXp+
uBqrd0Kjv2gysCw4BmpKLAj60BsbSLTJ6DTouAMtUWAHz5wbsYwIc2378lP4Wb2Y
ruxvfJyufGJzT0rnC9mmnxDeRbqR7cqEJ/7WZtCZbpff+TLoGbY2UgM/DBjOp+v3
NH7y1UU7ULEVRbo/hbXj6I+ydw6SdWbxUTbpjIqUkqxN8EV5Elvo1u01oKbda0Mq
nU0DP/v1DaNw6qMX2tdnqWpMVwR+SxmgUkp1RVIpVE8BWpIPCQr8J/drMxQcLWJQ
UaZM0Mlu6hh8Kpz9ptllcbiWWPAkEmMHaewWxiBwH8ZMqEW2/IU27f+Rh4M1bUVz
Cq9vbUoGqRxOLw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:28 2025 by rpki-client