Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
File:                     oWkKV2UZ54d6ZAis325pu4RyqhU.mft (raw, json)
Hash identifier:          ulH6lU8CBnMzVMMYsB4Ga2LzImslA2mNP9gcIXu8dnE=
Subject key identifier:   4D:B8:6A:65:E2:27:BA:A6:DB:AC:03:C1:44:56:78:B6:B2:8C:19:29
Authority key identifier: A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15
Certificate issuer:       /CN=a1690a576519e7877a6408acdf6e69bb8472aa15
Certificate serial:       0199FC8F9DCFB8049F61DA2E7DBD90EC3139
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
Manifest number:          05D4
Signing time:             Sun 19 Oct 2025 13:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:34 +0000
Files and hashes:         1: oWkKV2UZ54d6ZAis325pu4RyqhU.crl (hash: hRBHD0Zb6oYZju3syr6BmENLorrlz+EWXerPiRg64xs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:9d:cf:b8:04:9f:61:da:2e:7d:bd:90:ec:31:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1690a576519e7877a6408acdf6e69bb8472aa15
        Validity
            Not Before: Oct 19 13:01:34 2025 GMT
            Not After : Oct 20 13:01:34 2025 GMT
        Subject: CN=4db86a65e227baa6dbac03c1445678b6b28c1929
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:92:7d:ee:95:e0:da:30:5a:fd:a2:3d:8d:2f:
                    3a:3e:68:b4:6e:e5:5e:b3:49:8a:55:b3:90:51:eb:
                    10:ab:07:68:69:9c:9b:71:6a:c5:a2:fc:29:6d:bc:
                    2f:66:3c:86:a6:81:0d:61:ee:e5:d8:88:f9:55:46:
                    d3:dc:f6:10:76:35:50:6d:fc:5f:99:06:fb:bd:65:
                    67:fb:db:0e:25:9f:3a:82:ef:74:6e:bb:3c:7d:c2:
                    95:a7:14:1a:d2:61:f0:d2:dc:38:09:43:3a:7e:0e:
                    e0:eb:79:72:18:a3:a2:90:3a:89:01:8e:19:97:c5:
                    37:4a:67:76:a9:89:b0:a3:45:94:4e:a1:f2:14:ab:
                    84:05:56:93:68:7e:40:76:28:b5:70:0b:b6:8f:31:
                    46:5e:a3:86:56:47:83:7e:89:97:fd:5d:85:02:df:
                    7a:c3:69:ce:c5:de:39:d2:17:8c:8a:46:b1:34:a3:
                    68:ff:ec:ae:d0:06:2d:3f:0f:54:3c:33:ee:8e:d8:
                    12:fb:c8:ea:a5:84:69:9b:3f:39:c7:26:7b:56:ee:
                    be:45:d8:36:b0:2c:ca:89:84:2f:57:f1:76:28:ed:
                    7f:a7:57:8b:39:4c:36:d3:86:9f:43:4d:6e:a3:e2:
                    53:78:bb:52:cf:55:7d:4d:03:36:82:42:d5:4d:17:
                    a7:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:B8:6A:65:E2:27:BA:A6:DB:AC:03:C1:44:56:78:B6:B2:8C:19:29
            X509v3 Authority Key Identifier:
                keyid:A1:69:0A:57:65:19:E7:87:7A:64:08:AC:DF:6E:69:BB:84:72:AA:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWkKV2UZ54d6ZAis325pu4RyqhU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/017147-a6c1-4f48-a5d9-2cde4045c42a/1/oWkKV2UZ54d6ZAis325pu4RyqhU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:4f:cb:f3:39:a2:11:e4:cb:10:ad:c6:bf:c9:de:32:43:15:
         42:46:11:c6:92:7c:5b:3c:fe:b7:ff:f3:d8:38:db:41:c0:da:
         59:54:75:94:73:e7:08:c5:26:e1:2c:19:3b:75:24:dd:a2:2b:
         62:95:6c:03:f2:01:20:84:66:86:3b:48:0c:50:67:ad:c2:32:
         b0:c5:b1:07:11:c6:86:0f:a3:b5:da:0e:d4:5f:45:31:df:b0:
         48:d7:16:67:4f:7f:3d:e0:e2:d7:82:0b:66:84:b4:da:2a:9f:
         27:ce:d0:d5:5a:2e:bc:52:b9:26:d4:2c:77:9b:cf:3d:95:65:
         70:04:97:9a:70:93:12:03:36:fa:02:ad:90:df:d1:f0:99:50:
         b5:da:50:0b:8b:3d:1c:8a:e9:77:8b:fa:61:15:f4:a0:68:97:
         58:43:c7:31:60:08:34:2c:25:a2:66:0b:a1:d2:ce:7c:91:36:
         5a:38:02:d5:00:0a:00:15:a8:c9:56:42:01:d9:e0:e3:8b:4b:
         7e:38:cc:b2:90:91:61:c4:44:ad:48:b9:43:fb:76:c3:f4:fa:
         d4:9f:a5:73:3f:56:83:1d:15:e0:9f:71:55:02:20:ef:ce:f8:
         4e:ba:6d:4f:69:96:61:8c:69:ff:fb:0a:41:29:bc:dc:de:5f:
         e6:8c:d7:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j53PuASfYdoufb2Q7DE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjkwYTU3NjUxOWU3ODc3YTY0MDhhY2RmNmU2OWJiODQ3
MmFhMTUwHhcNMjUxMDE5MTMwMTM0WhcNMjUxMDIwMTMwMTM0WjAzMTEwLwYDVQQD
Eyg0ZGI4NmE2NWUyMjdiYWE2ZGJhYzAzYzE0NDU2NzhiNmIyOGMxOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5J97pXg2jBa/aI9jS86Pmi0buVe
s0mKVbOQUesQqwdoaZybcWrFovwpbbwvZjyGpoENYe7l2Ij5VUbT3PYQdjVQbfxf
mQb7vWVn+9sOJZ86gu90brs8fcKVpxQa0mHw0tw4CUM6fg7g63lyGKOikDqJAY4Z
l8U3Smd2qYmwo0WUTqHyFKuEBVaTaH5Adii1cAu2jzFGXqOGVkeDfomX/V2FAt96
w2nOxd450heMikaxNKNo/+yu0AYtPw9UPDPujtgS+8jqpYRpmz85xyZ7Vu6+Rdg2
sCzKiYQvV/F2KO1/p1eLOUw204afQ01uo+JTeLtSz1V9TQM2gkLVTRenawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE24amXiJ7qm26wDwURWeLayjBkpMB8GA1UdIwQY
MBaAFKFpCldlGeeHemQIrN9uabuEcqoVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDkt
MmNkZTQwNDVjNDJhLzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wMTcxNDctYTZjMS00ZjQ4LWE1ZDktMmNkZTQwNDVjNDJh
LzEvb1drS1YyVVo1NGQ2WkFpczMyNXB1NFJ5cWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0/L8zmi
EeTLEK3Gv8neMkMVQkYRxpJ8Wzz+t//z2DjbQcDaWVR1lHPnCMUm4SwZO3Uk3aIr
YpVsA/IBIIRmhjtIDFBnrcIysMWxBxHGhg+jtdoO1F9FMd+wSNcWZ09/PeDi14IL
ZoS02iqfJ87Q1VouvFK5JtQsd5vPPZVlcASXmnCTEgM2+gKtkN/R8JlQtdpQC4s9
HIrpd4v6YRX0oGiXWEPHMWAINCwlomYLodLOfJE2WjgC1QAKABWoyVZCAdng44tL
fjjMspCRYcRErUi5Q/t2w/T61J+lcz9Wgx0V4J9xVQIg7874TrptT2mWYYxp//sK
QSm83N5f5ozXsw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:15 2025 by rpki-client