Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft
File:                     bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft (raw, json)
Hash identifier:          KNLLmr6tBvcdO1azAXq0ApBrg+OtYsBqw0/zg2jq19w=
Subject key identifier:   95:72:E8:4D:EA:1E:0D:83:EA:97:1E:B8:3B:0A:29:A7:D9:0E:4C:8C
Authority key identifier: 6C:0D:27:F0:D1:30:FE:E6:7D:82:D5:98:2F:7C:93:4F:87:91:CD:F0
Certificate issuer:       /CN=6c0d27f0d130fee67d82d5982f7c934f8791cdf0
Certificate serial:       0199FB7CE47B0479CD1A0BA1DADDE0707DA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft
Manifest number:          0104
Signing time:             Sun 19 Oct 2025 08:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:30 +0000
Files and hashes:         1: bA0n8NEw_uZ9gtWYL3yTT4eRzfA.crl (hash: go2bIpOBZ9ITpzbUp44JhljdJt3vsUpp1A8RhXYPpxc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:e4:7b:04:79:cd:1a:0b:a1:da:dd:e0:70:7d:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c0d27f0d130fee67d82d5982f7c934f8791cdf0
        Validity
            Not Before: Oct 19 08:01:30 2025 GMT
            Not After : Oct 20 08:01:30 2025 GMT
        Subject: CN=9572e84dea1e0d83ea971eb83b0a29a7d90e4c8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4b:9b:8e:ed:d7:5f:7e:62:e3:bc:2b:76:99:
                    ce:97:9a:88:06:36:96:27:6d:85:c4:a4:3c:d0:7e:
                    61:7a:35:2f:55:8c:f3:1b:db:78:26:3b:73:b5:8d:
                    79:78:ec:d2:b1:3f:fe:99:51:a4:d8:e6:0f:46:3c:
                    e7:b0:58:9b:33:83:42:57:c7:6b:fd:a2:d3:de:76:
                    c0:f1:b3:44:60:bf:ea:bf:a8:f1:7b:dc:68:f0:68:
                    08:8e:85:93:ba:ae:79:cb:a3:0f:7a:2f:3d:50:de:
                    88:0c:2e:46:40:80:6e:fb:ab:a8:2c:2c:8b:62:47:
                    be:a4:07:22:3e:3e:c0:8e:14:2a:61:6c:2e:6f:b2:
                    48:ed:85:81:d7:e8:83:5d:a5:4a:83:6d:ad:4a:73:
                    9e:3f:d4:f6:fc:34:4c:a4:19:66:98:04:29:c2:46:
                    8c:99:0e:de:5c:de:9f:b1:97:84:7a:2a:83:0c:51:
                    d3:76:b4:b0:c8:12:f8:2a:f4:b9:8e:01:a9:84:e5:
                    2d:ed:7a:7c:41:bb:af:fb:d5:41:84:7a:7a:45:ad:
                    5f:e6:c5:cc:04:17:02:b3:d0:bc:8e:ed:99:aa:24:
                    fd:cf:7c:d0:0d:61:10:59:88:0a:e7:56:b1:b1:4b:
                    0e:cf:04:52:8f:9a:bf:36:e1:47:80:3e:ce:ab:48:
                    16:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:72:E8:4D:EA:1E:0D:83:EA:97:1E:B8:3B:0A:29:A7:D9:0E:4C:8C
            X509v3 Authority Key Identifier:
                keyid:6C:0D:27:F0:D1:30:FE:E6:7D:82:D5:98:2F:7C:93:4F:87:91:CD:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:2d:22:e2:c8:b9:66:3a:8c:f3:b7:7c:42:d0:0d:c1:38:4a:
         fd:bf:7c:63:bb:50:45:fb:de:ec:09:9b:be:86:e9:00:e8:bf:
         11:2f:bf:7f:4f:be:bd:7a:eb:52:a1:1e:44:89:af:b6:f1:08:
         6b:ea:ea:0c:45:b4:e6:31:7c:34:ce:52:7b:89:56:93:b8:3a:
         96:e9:a3:16:35:51:48:00:57:e2:4d:e7:e4:9b:ff:d8:cb:0a:
         96:42:2c:3d:a7:88:64:7f:59:97:42:5c:66:65:cd:6b:3e:7e:
         ce:8e:8a:fa:fa:a4:c9:61:27:fc:42:25:4c:2f:fd:31:cc:0d:
         55:89:fc:e8:22:db:60:11:10:e1:b2:33:1d:92:d8:6f:e9:0c:
         d5:63:dd:f5:89:00:c6:eb:60:90:9a:19:9a:c3:ef:24:37:23:
         e8:9f:58:ca:d7:d9:23:e4:60:5c:34:04:5a:21:fc:60:a9:88:
         84:fa:46:35:4e:f6:83:36:e9:d0:20:de:ba:db:e1:ab:fb:84:
         41:06:68:38:9d:6b:32:a8:06:5a:59:b5:a5:0a:1a:5b:dd:0f:
         be:26:19:52:ea:1d:4e:f3:cf:1b:13:e9:93:26:c5:a7:08:da:
         7e:4e:c0:99:ad:37:fc:a6:3a:f0:b4:5c:29:e1:fd:4d:5e:e8:
         1f:87:e6:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fOR7BHnNGguh2t3gcH2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMGQyN2YwZDEzMGZlZTY3ZDgyZDU5ODJmN2M5MzRmODc5
MWNkZjAwHhcNMjUxMDE5MDgwMTMwWhcNMjUxMDIwMDgwMTMwWjAzMTEwLwYDVQQD
Eyg5NTcyZTg0ZGVhMWUwZDgzZWE5NzFlYjgzYjBhMjlhN2Q5MGU0YzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kubju3XX35i47wrdpnOl5qIBjaW
J22FxKQ80H5hejUvVYzzG9t4JjtztY15eOzSsT/+mVGk2OYPRjznsFibM4NCV8dr
/aLT3nbA8bNEYL/qv6jxe9xo8GgIjoWTuq55y6MPei89UN6IDC5GQIBu+6uoLCyL
Yke+pAciPj7AjhQqYWwub7JI7YWB1+iDXaVKg22tSnOeP9T2/DRMpBlmmAQpwkaM
mQ7eXN6fsZeEeiqDDFHTdrSwyBL4KvS5jgGphOUt7Xp8Qbuv+9VBhHp6Ra1f5sXM
BBcCs9C8ju2ZqiT9z3zQDWEQWYgK51axsUsOzwRSj5q/NuFHgD7Oq0gWUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVy6E3qHg2D6pceuDsKKafZDkyMMB8GA1UdIwQY
MBaAFGwNJ/DRMP7mfYLVmC98k0+Hkc3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkEwbjhORXdfdVo5Z3RXWUwzeVRUNGVSemZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85MjkyYzktMjRhYi00ZGJmLWJlYmUt
ODk2M2Q1MjcxZjljLzEvYkEwbjhORXdfdVo5Z3RXWUwzeVRUNGVSemZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85MjkyYzktMjRhYi00ZGJmLWJlYmUtODk2M2Q1MjcxZjlj
LzEvYkEwbjhORXdfdVo5Z3RXWUwzeVRUNGVSemZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAki0i4si5
ZjqM87d8QtANwThK/b98Y7tQRfve7AmbvobpAOi/ES+/f0++vXrrUqEeRImvtvEI
a+rqDEW05jF8NM5Se4lWk7g6lumjFjVRSABX4k3n5Jv/2MsKlkIsPaeIZH9Zl0Jc
ZmXNaz5+zo6K+vqkyWEn/EIlTC/9McwNVYn86CLbYBEQ4bIzHZLYb+kM1WPd9YkA
xutgkJoZmsPvJDcj6J9YytfZI+RgXDQEWiH8YKmIhPpGNU72gzbp0CDeutvhq/uE
QQZoOJ1rMqgGWlm1pQoaW90PviYZUuodTvPPGxPpkybFpwjafk7Ama03/KY68LRc
KeH9TV7oH4fm0g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:55 2025 by rpki-client