Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
File:                     xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft (raw, json)
Hash identifier:          pit6CNqPeEF+v8dz53l1k0YH11kbdbacUBifKYFGn6U=
Subject key identifier:   F6:7F:FD:2B:87:7A:A6:14:96:D3:F6:2E:C4:27:D6:D4:2E:DC:D0:E6
Authority key identifier: C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B
Certificate issuer:       /CN=c6c00c553a54da05b93635a654cada03c6d9df2b
Certificate serial:       0199FB45AF0CC88A9985E1F6FA424E5D8488
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
Manifest number:          07B3
Signing time:             Sun 19 Oct 2025 07:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:11 +0000
Files and hashes:         1: xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl (hash: aiq7etolb+ZXcpAowzYDdu5hNZa9Omm8zpByKnGOp2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:af:0c:c8:8a:99:85:e1:f6:fa:42:4e:5d:84:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6c00c553a54da05b93635a654cada03c6d9df2b
        Validity
            Not Before: Oct 19 07:01:11 2025 GMT
            Not After : Oct 20 07:01:11 2025 GMT
        Subject: CN=f67ffd2b877aa61496d3f62ec427d6d42edcd0e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:76:60:74:86:69:fe:93:2a:dd:04:bb:db:40:
                    53:5e:10:ab:d4:fe:68:96:cc:16:6d:07:b7:9f:2c:
                    8b:17:30:03:fe:dc:d4:57:b7:c1:d5:b6:c0:9c:a3:
                    43:91:40:e1:12:b7:dd:a9:42:b7:7b:5d:ea:a4:a3:
                    5a:eb:a1:48:5f:fe:86:90:e1:8e:f4:db:a0:10:56:
                    88:8a:26:3a:a3:a3:72:0c:e4:c9:f2:a6:d3:76:e7:
                    ed:f1:94:19:f7:10:7d:50:4b:15:b2:e7:6b:6b:ae:
                    fe:bd:4b:fc:9b:22:29:65:7f:97:d4:a9:82:83:9b:
                    28:ea:c4:5d:b0:52:0b:d4:50:e0:21:a7:4c:e7:c7:
                    53:b7:7d:57:c1:76:16:e9:9d:20:2e:69:96:2c:18:
                    44:ac:e7:19:04:f0:18:72:b0:83:8e:c2:ea:bf:79:
                    e5:f4:90:de:99:92:be:bf:50:af:c7:b1:97:69:81:
                    5c:ad:a4:d5:a8:67:ff:d5:cc:f0:28:16:2f:df:ae:
                    8b:68:23:38:8c:8d:8f:49:09:ec:9f:85:bc:1d:b9:
                    3b:c6:ac:85:ca:1f:67:67:61:97:4c:57:85:2c:93:
                    9a:d6:1f:74:a5:0b:fd:60:80:60:f7:84:2e:36:bd:
                    9d:34:00:c1:29:95:08:ce:f9:fc:00:6a:e5:7d:02:
                    b8:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:7F:FD:2B:87:7A:A6:14:96:D3:F6:2E:C4:27:D6:D4:2E:DC:D0:E6
            X509v3 Authority Key Identifier:
                keyid:C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:f7:08:4f:2e:d6:ec:90:51:f0:ee:8c:44:03:46:7f:0b:1d:
         1f:e3:29:02:97:16:84:e3:88:89:a2:e8:6f:a3:28:f9:43:c5:
         61:6a:00:9f:f0:c1:3a:79:3c:08:b9:72:fc:95:e0:7f:98:61:
         41:a2:ee:4c:1f:f1:de:eb:4c:7b:1a:af:ab:36:e4:89:a2:a1:
         a1:6e:4e:8f:42:3e:19:85:d3:d7:81:da:df:29:6a:0b:5a:9d:
         c4:bb:3c:1d:dc:40:f9:07:81:ff:05:17:ef:37:9b:1c:29:f4:
         30:64:de:a7:88:41:99:59:6b:1c:63:d7:f5:e8:89:c2:a1:8a:
         fb:3d:2c:67:c4:25:15:aa:95:7d:6d:b7:b3:d9:71:a7:03:13:
         d3:7d:7a:05:b6:fa:44:3a:db:60:95:f6:7f:36:78:78:a8:d1:
         d6:6d:63:6a:cc:24:39:ce:8b:d6:14:45:7e:d1:70:9f:73:0c:
         1b:d2:1d:2f:58:0a:d9:d6:60:5e:68:82:ef:1c:2d:60:ff:ef:
         f3:6b:96:4a:7a:9f:a1:d4:9e:00:07:87:2d:2d:cc:42:38:72:
         26:ab:7c:4b:e3:bd:ba:31:9c:68:3c:9d:0e:42:91:3c:27:c0:
         51:4e:ef:b0:fd:da:d8:5e:40:50:47:f2:f6:ce:10:ce:af:cd:
         e1:88:2c:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Ra8MyIqZheH2+kJOXYSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzAwYzU1M2E1NGRhMDViOTM2MzVhNjU0Y2FkYTAzYzZk
OWRmMmIwHhcNMjUxMDE5MDcwMTExWhcNMjUxMDIwMDcwMTExWjAzMTEwLwYDVQQD
EyhmNjdmZmQyYjg3N2FhNjE0OTZkM2Y2MmVjNDI3ZDZkNDJlZGNkMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nZgdIZp/pMq3QS720BTXhCr1P5o
lswWbQe3nyyLFzAD/tzUV7fB1bbAnKNDkUDhErfdqUK3e13qpKNa66FIX/6GkOGO
9NugEFaIiiY6o6NyDOTJ8qbTduft8ZQZ9xB9UEsVsudra67+vUv8myIpZX+X1KmC
g5so6sRdsFIL1FDgIadM58dTt31XwXYW6Z0gLmmWLBhErOcZBPAYcrCDjsLqv3nl
9JDemZK+v1Cvx7GXaYFcraTVqGf/1czwKBYv366LaCM4jI2PSQnsn4W8Hbk7xqyF
yh9nZ2GXTFeFLJOa1h90pQv9YIBg94QuNr2dNADBKZUIzvn8AGrlfQK4sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZ//SuHeqYUltP2LsQn1tQu3NDmMB8GA1UdIwQY
MBaAFMbADFU6VNoFuTY1plTK2gPG2d8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgt
M2ZiZGQ5ZGJiZDkyLzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgtM2ZiZGQ5ZGJiZDky
LzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJPcITy7W
7JBR8O6MRANGfwsdH+MpApcWhOOIiaLob6Mo+UPFYWoAn/DBOnk8CLly/JXgf5hh
QaLuTB/x3utMexqvqzbkiaKhoW5Oj0I+GYXT14Ha3ylqC1qdxLs8HdxA+QeB/wUX
7zebHCn0MGTep4hBmVlrHGPX9eiJwqGK+z0sZ8QlFaqVfW23s9lxpwMT0316Bbb6
RDrbYJX2fzZ4eKjR1m1jaswkOc6L1hRFftFwn3MMG9IdL1gK2dZgXmiC7xwtYP/v
82uWSnqfodSeAAeHLS3MQjhyJqt8S+O9ujGcaDydDkKRPCfAUU7vsP3a2F5AUEfy
9s4Qzq/N4YgsnA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:40 2025 by rpki-client