Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
File:                     5pgECu2WLzBoge6mVTBA-5ptNMk.mft (raw, json)
Hash identifier:          X6JIWUQEtZ+RH9y3OYetcPoN3WSFu0GjYg8HgIJgsag=
Subject key identifier:   CC:AE:F7:23:8D:E5:DE:83:44:2A:38:4B:D2:47:13:98:11:52:65:5B
Authority key identifier: E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9
Certificate issuer:       /CN=e698040aed962f306881eea6553040fb9a6d34c9
Certificate serial:       0199FC58373BFE97A2914781393BD2E8354B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
Manifest number:          0586
Signing time:             Sun 19 Oct 2025 12:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:03 +0000
Files and hashes:         1: 5pgECu2WLzBoge6mVTBA-5ptNMk.crl (hash: xid3EH2ABWze7PJWg4/BcI2dqJdq8c4FxTgnu6C5bLE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:37:3b:fe:97:a2:91:47:81:39:3b:d2:e8:35:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e698040aed962f306881eea6553040fb9a6d34c9
        Validity
            Not Before: Oct 19 12:01:03 2025 GMT
            Not After : Oct 20 12:01:03 2025 GMT
        Subject: CN=ccaef7238de5de83442a384bd24713981152655b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:46:4e:24:e9:3f:bc:7f:2c:4f:44:80:5f:1e:
                    39:e1:e3:b6:27:37:f7:6c:be:9e:b5:6b:ad:87:fa:
                    4c:59:a6:19:93:bf:84:51:a4:5e:2d:da:ad:a9:0b:
                    bb:08:1b:5b:12:4b:4e:43:34:dd:99:fa:7d:6f:f1:
                    db:6a:01:b2:d9:db:02:b2:7a:be:59:7a:bc:6e:b8:
                    02:99:a5:f3:cc:8b:20:9c:a8:a9:9e:36:9e:4d:dc:
                    f4:0d:f5:30:2b:8f:1e:2c:c0:06:a5:d3:ba:97:9c:
                    9f:c4:6c:d0:f0:b4:8c:d6:99:51:13:70:94:5e:70:
                    71:b4:70:a8:00:c4:36:dd:0d:6d:ea:59:c9:06:e9:
                    93:f0:ee:fb:8e:a1:c3:55:16:86:27:fc:7c:83:3f:
                    3d:e9:e5:88:36:fa:82:59:b7:0f:74:08:72:97:60:
                    07:66:48:e8:6c:a4:31:e9:6e:dd:30:ba:97:df:34:
                    3e:61:fb:f6:4a:b2:a9:bc:e8:b9:98:c3:02:b7:95:
                    2a:ef:2a:65:e4:94:55:b1:5a:06:47:3a:e4:97:eb:
                    f7:a8:05:48:6b:15:3f:21:19:f4:48:bc:8a:f7:57:
                    6a:29:47:c7:9a:bf:42:40:04:f7:b7:dc:e9:62:46:
                    ed:a5:f9:d8:16:16:f0:77:03:a0:e8:c8:82:3a:88:
                    d5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:AE:F7:23:8D:E5:DE:83:44:2A:38:4B:D2:47:13:98:11:52:65:5B
            X509v3 Authority Key Identifier:
                keyid:E6:98:04:0A:ED:96:2F:30:68:81:EE:A6:55:30:40:FB:9A:6D:34:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pgECu2WLzBoge6mVTBA-5ptNMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/52ebd9-7d5b-452a-8f4f-e23497393b8f/1/5pgECu2WLzBoge6mVTBA-5ptNMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:3e:bf:03:02:19:2a:fa:a8:f3:66:1d:fd:2d:6d:1a:dd:ce:
         c2:79:a4:98:ba:74:dd:80:fc:55:04:dc:d2:25:b3:dd:3c:aa:
         ec:a6:42:23:6c:be:ba:d8:b2:8f:2b:8d:2b:5b:eb:8b:8d:50:
         7c:58:8c:5a:76:41:97:b0:b0:b0:c6:8e:98:28:59:82:63:9b:
         e4:62:81:7b:5d:73:44:41:82:f4:70:f3:c8:51:b2:47:c5:0c:
         36:87:f1:e8:19:c2:e5:b1:60:34:ab:d3:43:5d:00:a4:b4:e1:
         11:dc:2e:5b:45:7a:0f:43:be:08:fb:5a:32:ed:bb:78:41:09:
         87:49:c1:fd:0e:f8:b9:c1:6b:89:0b:84:ed:2b:28:ba:66:52:
         ab:36:5d:05:f5:e0:c5:eb:87:a9:34:27:7f:17:5f:d9:86:2b:
         be:34:04:0c:28:85:6a:91:00:6d:84:1b:c5:bc:34:6e:2c:62:
         dd:13:d2:4f:ba:66:c2:e9:f4:d6:46:9d:a2:bf:4f:8e:5f:50:
         0e:b4:51:3e:d4:84:44:c4:cf:57:24:89:6f:22:f1:7a:0a:7f:
         0b:ed:81:45:7a:6e:fe:c2:d0:f1:ee:a5:1d:cb:5d:79:f8:84:
         99:fb:c5:52:0e:40:d1:2f:87:20:cf:7d:0f:7e:ad:33:d9:37:
         e9:f9:59:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WDc7/peikUeBOTvS6DVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTgwNDBhZWQ5NjJmMzA2ODgxZWVhNjU1MzA0MGZiOWE2
ZDM0YzkwHhcNMjUxMDE5MTIwMTAzWhcNMjUxMDIwMTIwMTAzWjAzMTEwLwYDVQQD
EyhjY2FlZjcyMzhkZTVkZTgzNDQyYTM4NGJkMjQ3MTM5ODExNTI2NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEZOJOk/vH8sT0SAXx454eO2Jzf3
bL6etWuth/pMWaYZk7+EUaReLdqtqQu7CBtbEktOQzTdmfp9b/HbagGy2dsCsnq+
WXq8brgCmaXzzIsgnKipnjaeTdz0DfUwK48eLMAGpdO6l5yfxGzQ8LSM1plRE3CU
XnBxtHCoAMQ23Q1t6lnJBumT8O77jqHDVRaGJ/x8gz896eWINvqCWbcPdAhyl2AH
ZkjobKQx6W7dMLqX3zQ+Yfv2SrKpvOi5mMMCt5Uq7ypl5JRVsVoGRzrkl+v3qAVI
axU/IRn0SLyK91dqKUfHmr9CQAT3t9zpYkbtpfnYFhbwdwOg6MiCOojVbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyu9yON5d6DRCo4S9JHE5gRUmVbMB8GA1UdIwQY
MBaAFOaYBArtli8waIHuplUwQPuabTTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYt
ZTIzNDk3MzkzYjhmLzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MmViZDktN2Q1Yi00NTJhLThmNGYtZTIzNDk3MzkzYjhm
LzEvNXBnRUN1MldMekJvZ2U2bVZUQkEtNXB0Tk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApD6/AwIZ
Kvqo82Yd/S1tGt3OwnmkmLp03YD8VQTc0iWz3Tyq7KZCI2y+utiyjyuNK1vri41Q
fFiMWnZBl7CwsMaOmChZgmOb5GKBe11zREGC9HDzyFGyR8UMNofx6BnC5bFgNKvT
Q10ApLThEdwuW0V6D0O+CPtaMu27eEEJh0nB/Q74ucFriQuE7SsoumZSqzZdBfXg
xeuHqTQnfxdf2YYrvjQEDCiFapEAbYQbxbw0bixi3RPST7pmwun01kador9Pjl9Q
DrRRPtSERMTPVySJbyLxegp/C+2BRXpu/sLQ8e6lHctdefiEmfvFUg5A0S+HIM99
D36tM9k36flZKQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:28 2025 by rpki-client