Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
File:                     6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft (raw, json)
Hash identifier:          FJCUgUHmYvrmasjpl7G3OabwHss5tdCqGS5lDguHzCk=
Subject key identifier:   29:0B:8B:B5:81:A1:48:17:E6:C0:95:75:68:CD:59:CC:D5:E4:10:20
Authority key identifier: E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2
Certificate issuer:       /CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
Certificate serial:       0199FCC6085E3A9E2B2FF2FCD19A6F753218
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
Manifest number:          07A1
Signing time:             Sun 19 Oct 2025 14:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:00 +0000
Files and hashes:         1: 6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl (hash: ZMzTuQl7gIVkRbznL16Jx04x7H5yPApJy3SkaQ41SLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 14:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:08:5e:3a:9e:2b:2f:f2:fc:d1:9a:6f:75:32:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e972a6c2ebea46413072f90dd526d78f1102f4f2
        Validity
            Not Before: Oct 19 14:01:00 2025 GMT
            Not After : Oct 20 14:01:00 2025 GMT
        Subject: CN=290b8bb581a14817e6c0957568cd59ccd5e41020
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:4c:55:c9:38:ed:e8:47:c6:0d:8f:b3:7b:93:
                    5e:c2:7b:3f:e6:8c:0d:eb:d8:24:2c:cc:1b:97:04:
                    e7:0d:13:9c:66:82:58:1b:f0:3a:a0:bd:9d:3b:70:
                    2f:79:ec:8b:a7:8c:4a:9b:98:d8:9a:6a:c0:d6:a8:
                    07:b9:57:92:34:8c:61:88:50:d3:3c:49:0c:98:ca:
                    35:88:87:f6:8a:06:2f:2b:9f:93:e6:4d:24:12:9f:
                    cb:fe:9d:b7:23:51:f7:88:8b:46:17:70:e3:09:0f:
                    50:f6:bc:a0:16:6d:71:41:9a:8f:f5:71:58:c3:0d:
                    49:05:16:33:d1:ea:44:69:fc:b9:3f:63:3e:68:d6:
                    1c:f7:bc:89:60:05:a4:35:3a:9e:61:aa:8e:02:22:
                    dd:59:34:7c:30:cf:81:c9:f9:89:da:d6:05:7a:6e:
                    a2:92:96:14:33:8b:fe:83:b0:48:e6:a1:2d:81:11:
                    76:c2:62:4a:81:3c:16:59:f4:70:a5:b2:a5:2c:b8:
                    3c:74:69:b0:3a:61:fe:c0:ed:ce:59:f6:0a:df:2d:
                    71:ca:39:99:5f:49:cd:df:ce:1c:f5:34:e0:81:50:
                    e0:f6:21:36:9f:d9:7c:16:a9:28:c5:5f:8a:5c:3a:
                    73:fc:f3:78:22:03:42:50:63:56:be:70:f5:89:c3:
                    32:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:0B:8B:B5:81:A1:48:17:E6:C0:95:75:68:CD:59:CC:D5:E4:10:20
            X509v3 Authority Key Identifier:
                keyid:E9:72:A6:C2:EB:EA:46:41:30:72:F9:0D:D5:26:D7:8F:11:02:F4:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XKmwuvqRkEwcvkN1SbXjxEC9PI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b7628d-426c-4889-a00c-4f974c977945/1/6XKmwuvqRkEwcvkN1SbXjxEC9PI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:fe:f2:7a:36:8e:18:1a:03:5c:bd:f2:dc:f0:6b:3a:81:23:
         46:ae:45:2f:76:2d:a3:1b:09:b6:86:da:9e:9f:14:5e:5f:41:
         e4:c9:e7:41:a8:e6:05:55:4a:e0:04:3e:78:71:b1:78:bc:50:
         e4:f5:42:9d:eb:d5:34:d8:ff:c8:c5:48:92:dc:0f:b0:18:34:
         48:3d:b1:ae:9c:4e:84:f0:e1:a1:01:22:11:e0:95:4c:ee:3d:
         c0:d7:a6:5f:8c:3a:f2:8d:20:91:61:89:a6:41:30:75:cd:02:
         18:39:00:a8:18:6c:20:a2:17:9b:a6:4f:76:86:1a:ce:a7:63:
         1e:eb:ba:af:05:63:cf:51:94:36:88:c8:90:bc:50:c6:d2:cb:
         36:ad:50:9a:1f:c2:ad:76:49:ec:04:d7:47:6b:0b:4e:3f:0c:
         cf:3e:32:28:7d:0a:27:af:cf:de:3c:69:d2:b8:90:b9:ba:45:
         a0:1d:92:81:f5:99:fe:b7:c0:6c:10:84:0b:bb:1f:f9:ea:36:
         15:1b:7c:05:af:80:52:e9:c9:e1:af:c3:80:10:f3:d0:9a:a7:
         a6:0d:12:c9:c0:0a:10:b0:ef:1b:0c:7b:04:3f:55:90:1f:aa:
         d9:07:38:2e:5b:aa:ae:ac:1c:a7:dd:f1:3e:da:0f:90:d3:5b:
         df:ca:da:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xgheOp4rL/L80ZpvdTIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzJhNmMyZWJlYTQ2NDEzMDcyZjkwZGQ1MjZkNzhmMTEw
MmY0ZjIwHhcNMjUxMDE5MTQwMTAwWhcNMjUxMDIwMTQwMTAwWjAzMTEwLwYDVQQD
EygyOTBiOGJiNTgxYTE0ODE3ZTZjMDk1NzU2OGNkNTljY2Q1ZTQxMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kxVyTjt6EfGDY+ze5Newns/5owN
69gkLMwblwTnDROcZoJYG/A6oL2dO3AveeyLp4xKm5jYmmrA1qgHuVeSNIxhiFDT
PEkMmMo1iIf2igYvK5+T5k0kEp/L/p23I1H3iItGF3DjCQ9Q9rygFm1xQZqP9XFY
ww1JBRYz0epEafy5P2M+aNYc97yJYAWkNTqeYaqOAiLdWTR8MM+ByfmJ2tYFem6i
kpYUM4v+g7BI5qEtgRF2wmJKgTwWWfRwpbKlLLg8dGmwOmH+wO3OWfYK3y1xyjmZ
X0nN384c9TTggVDg9iE2n9l8FqkoxV+KXDpz/PN4IgNCUGNWvnD1icMyiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkLi7WBoUgX5sCVdWjNWczV5BAgMB8GA1UdIwQY
MBaAFOlypsLr6kZBMHL5DdUm148RAvTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMt
NGY5NzRjOTc3OTQ1LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iNzYyOGQtNDI2Yy00ODg5LWEwMGMtNGY5NzRjOTc3OTQ1
LzEvNlhLbXd1dnFSa0V3Y3ZrTjFTYlhqeEVDOVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHv7yejaO
GBoDXL3y3PBrOoEjRq5FL3YtoxsJtobanp8UXl9B5MnnQajmBVVK4AQ+eHGxeLxQ
5PVCnevVNNj/yMVIktwPsBg0SD2xrpxOhPDhoQEiEeCVTO49wNemX4w68o0gkWGJ
pkEwdc0CGDkAqBhsIKIXm6ZPdoYazqdjHuu6rwVjz1GUNojIkLxQxtLLNq1Qmh/C
rXZJ7ATXR2sLTj8Mzz4yKH0KJ6/P3jxp0riQubpFoB2SgfWZ/rfAbBCEC7sf+eo2
FRt8Ba+AUunJ4a/DgBDz0Jqnpg0SycAKELDvGwx7BD9VkB+q2Qc4Lluqrqwcp93x
PtoPkNNb38rang==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:44:41 2025 by rpki-client