Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
File:                     gAVnqlixEmbTjGRvpkc_VEk3fE0.mft (raw, json)
Hash identifier:          o7nPS6sJ+hKyschHX0lKqwfXyZlxn/jjhq2ApZTG31o=
Subject key identifier:   B4:47:37:16:6B:57:FA:D4:C0:BF:02:F2:AC:19:28:FD:F5:55:8B:71
Authority key identifier: 80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D
Certificate issuer:       /CN=800567aa58b11266d38c646fa6473f5449377c4d
Certificate serial:       0199FB0EEBBBF2FA8EB816D67EBA01F562F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
Manifest number:          0199
Signing time:             Sun 19 Oct 2025 06:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:22 +0000
Files and hashes:         1: gAVnqlixEmbTjGRvpkc_VEk3fE0.crl (hash: w+VD+qiUg6P1w5QvxNMQE/gNXSrp2dgQrEyVbwpVLC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0e:eb:bb:f2:fa:8e:b8:16:d6:7e:ba:01:f5:62:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=800567aa58b11266d38c646fa6473f5449377c4d
        Validity
            Not Before: Oct 19 06:01:22 2025 GMT
            Not After : Oct 20 06:01:22 2025 GMT
        Subject: CN=b44737166b57fad4c0bf02f2ac1928fdf5558b71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:83:48:32:39:92:77:70:11:f5:f5:ce:4f:1d:
                    fd:a9:68:ab:14:10:73:eb:8f:36:34:ed:32:52:88:
                    0a:e2:81:17:3d:b6:f4:25:45:29:85:bc:a4:55:ef:
                    82:10:ed:13:e7:78:5a:08:95:39:ec:2d:37:ec:03:
                    61:ff:89:96:e6:4c:ee:a0:ab:db:74:f2:14:a4:f0:
                    3f:8a:0d:34:0a:2a:c6:fe:ec:06:a3:fd:a9:d1:a5:
                    05:1c:89:29:c6:b8:97:c5:0f:f0:b2:7c:3d:99:77:
                    c1:88:f0:8a:44:c5:a5:4f:b0:bb:58:8c:81:00:6e:
                    60:f0:17:8c:1b:a6:c2:ec:b6:c3:3e:88:b0:1a:b3:
                    d0:2d:9c:6b:e6:4d:85:1c:f0:6d:e6:0c:d8:bc:56:
                    9a:2c:c7:21:fa:e6:21:f1:a1:85:02:56:21:22:e5:
                    98:0d:df:fc:55:b3:a7:26:ef:6d:cb:4f:13:30:fd:
                    af:34:82:7e:40:83:68:b9:0e:dd:95:6a:48:2c:ef:
                    6e:f1:7f:ed:fa:52:06:9b:62:82:93:62:93:3c:b8:
                    04:59:47:68:fe:c1:fc:a2:23:c0:83:0e:f9:b9:46:
                    8b:38:21:41:92:47:24:8f:c2:cc:af:4f:9e:b2:0e:
                    5f:bb:58:89:c2:49:a0:0c:60:d3:9d:4e:42:5a:31:
                    7e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:47:37:16:6B:57:FA:D4:C0:BF:02:F2:AC:19:28:FD:F5:55:8B:71
            X509v3 Authority Key Identifier:
                keyid:80:05:67:AA:58:B1:12:66:D3:8C:64:6F:A6:47:3F:54:49:37:7C:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAVnqlixEmbTjGRvpkc_VEk3fE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2c74d9-c3e0-496b-a4be-8dd45d2bca7a/1/gAVnqlixEmbTjGRvpkc_VEk3fE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:7c:13:d0:dc:44:01:a5:b4:32:84:0e:ce:58:b0:cf:10:7b:
         e8:b9:83:31:32:b8:d6:8e:a4:22:cd:f3:f1:9f:e7:19:bc:d7:
         af:04:a2:f0:88:fa:1a:45:78:be:9f:ad:0f:58:f3:e5:c4:44:
         55:74:ec:8c:31:ab:e2:25:85:65:e9:a7:50:5e:a7:2f:19:be:
         b9:30:57:b1:2f:8a:b4:75:ac:09:62:38:e3:53:2e:25:ec:64:
         07:25:f1:f1:8a:4e:ab:84:b6:2d:80:54:b4:8f:e7:1f:8d:8a:
         05:a3:d6:25:f5:a1:16:1f:13:4c:b6:d3:56:ba:2c:c2:52:97:
         44:d2:93:02:84:3d:d0:6a:61:e1:64:7c:19:40:8f:f9:e8:8c:
         50:3d:48:48:62:ba:c4:72:bc:eb:37:95:ad:98:5d:db:45:42:
         d5:a0:d7:41:4a:ab:f0:ad:36:d6:78:d5:dd:4f:00:a2:16:8c:
         4b:56:47:b2:fc:5c:cc:41:f6:df:d7:c1:f2:65:1d:48:47:b3:
         a2:d0:51:c2:a7:06:f8:11:73:5a:ef:0c:29:a1:b9:38:b7:1a:
         0b:f9:ca:48:ce:33:da:6e:a6:7c:e1:b0:4f:5e:8b:63:76:e8:
         b2:e3:d4:f3:3e:25:7e:9a:63:6a:5a:43:28:86:d8:bb:5e:30:
         ec:de:ec:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Duu78vqOuBbWfroB9WLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDU2N2FhNThiMTEyNjZkMzhjNjQ2ZmE2NDczZjU0NDkz
NzdjNGQwHhcNMjUxMDE5MDYwMTIyWhcNMjUxMDIwMDYwMTIyWjAzMTEwLwYDVQQD
EyhiNDQ3MzcxNjZiNTdmYWQ0YzBiZjAyZjJhYzE5MjhmZGY1NTU4YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YNIMjmSd3AR9fXOTx39qWirFBBz
6482NO0yUogK4oEXPbb0JUUphbykVe+CEO0T53haCJU57C037ANh/4mW5kzuoKvb
dPIUpPA/ig00CirG/uwGo/2p0aUFHIkpxriXxQ/wsnw9mXfBiPCKRMWlT7C7WIyB
AG5g8BeMG6bC7LbDPoiwGrPQLZxr5k2FHPBt5gzYvFaaLMch+uYh8aGFAlYhIuWY
Dd/8VbOnJu9ty08TMP2vNIJ+QINouQ7dlWpILO9u8X/t+lIGm2KCk2KTPLgEWUdo
/sH8oiPAgw75uUaLOCFBkkckj8LMr0+esg5fu1iJwkmgDGDTnU5CWjF+sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRHNxZrV/rUwL8C8qwZKP31VYtxMB8GA1UdIwQY
MBaAFIAFZ6pYsRJm04xkb6ZHP1RJN3xNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUt
OGRkNDVkMmJjYTdhLzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yYzc0ZDktYzNlMC00OTZiLWE0YmUtOGRkNDVkMmJjYTdh
LzEvZ0FWbnFsaXhFbWJUakdSdnBrY19WRWszZkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXwT0NxE
AaW0MoQOzliwzxB76LmDMTK41o6kIs3z8Z/nGbzXrwSi8Ij6GkV4vp+tD1jz5cRE
VXTsjDGr4iWFZemnUF6nLxm+uTBXsS+KtHWsCWI441MuJexkByXx8YpOq4S2LYBU
tI/nH42KBaPWJfWhFh8TTLbTVroswlKXRNKTAoQ90Gph4WR8GUCP+eiMUD1ISGK6
xHK86zeVrZhd20VC1aDXQUqr8K021njV3U8AohaMS1ZHsvxczEH239fB8mUdSEez
otBRwqcG+BFzWu8MKaG5OLcaC/nKSM4z2m6mfOGwT16LY3bosuPU8z4lfppjalpD
KIbYu14w7N7syA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:46 2025 by rpki-client