Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft
File:                     HbLi5zWagBYypm0QuWHk8uxt_E8.mft (raw, json)
Hash identifier:          5+XkaUP6K5qo6cDv4TVhGC+3Y+hmL86SFZEHA3KsrDU=
Subject key identifier:   1C:42:BC:FE:BA:C3:B6:50:3F:CE:A6:16:1D:7C:FF:0E:6F:4C:6D:09
Authority key identifier: 1D:B2:E2:E7:35:9A:80:16:32:A6:6D:10:B9:61:E4:F2:EC:6D:FC:4F
Certificate issuer:       /CN=1db2e2e7359a801632a66d10b961e4f2ec6dfc4f
Certificate serial:       0199FA6A88F3821BB9E29816E1FCB27EADFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HbLi5zWagBYypm0QuWHk8uxt_E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 03:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:49 +0000
Files and hashes:         1: HbLi5zWagBYypm0QuWHk8uxt_E8.crl (hash: nAXwKNqgfMwF8fUsAIPeJC9cieZGrl0ntTFzGWdWzZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HbLi5zWagBYypm0QuWHk8uxt_E8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:6a:88:f3:82:1b:b9:e2:98:16:e1:fc:b2:7e:ad:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1db2e2e7359a801632a66d10b961e4f2ec6dfc4f
        Validity
            Not Before: Oct 19 03:01:49 2025 GMT
            Not After : Oct 20 03:01:49 2025 GMT
        Subject: CN=1c42bcfebac3b6503fcea6161d7cff0e6f4c6d09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b0:63:1e:b2:d0:ac:1b:64:9d:65:27:1f:f3:
                    2b:75:a2:4b:3c:fd:0b:59:72:94:bf:ac:c7:6f:e8:
                    6a:bd:da:a7:7b:a1:d3:57:f8:1c:e6:82:a8:1d:4e:
                    05:c4:82:14:9d:ed:80:9f:bc:09:86:02:a7:a3:87:
                    06:d8:d4:1d:a4:fc:83:99:70:a0:ee:cb:9b:53:c2:
                    64:56:65:48:b9:05:a7:d3:89:f6:a7:7e:a6:dd:0d:
                    5c:89:6d:ce:e7:be:50:d7:1c:0d:e8:44:9d:a1:bd:
                    0a:1d:ad:1d:ed:92:6b:78:39:92:9b:e0:fc:1f:03:
                    25:a4:e0:34:e8:d5:8c:21:6c:4c:48:9f:b8:27:2e:
                    eb:ae:6b:1a:2f:7f:d0:d5:8c:3a:ab:47:33:10:4f:
                    cf:c5:95:f9:9c:ab:39:48:fc:30:2e:8e:91:a8:8e:
                    cc:1b:cf:a4:8a:f8:06:b4:5b:42:f0:d6:82:ad:66:
                    a9:eb:49:60:ff:c2:b0:1a:c4:cf:1d:6c:a8:d7:79:
                    3b:f7:fd:2a:63:af:e0:79:74:19:94:cb:6c:bc:4e:
                    c9:be:26:f9:d4:08:ea:98:62:eb:f5:ba:21:2d:19:
                    1a:9c:4c:04:27:8b:50:d2:3e:b9:1f:59:a6:2f:98:
                    04:84:5a:64:68:99:9d:58:c0:c8:6a:e0:32:bb:82:
                    af:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:42:BC:FE:BA:C3:B6:50:3F:CE:A6:16:1D:7C:FF:0E:6F:4C:6D:09
            X509v3 Authority Key Identifier:
                keyid:1D:B2:E2:E7:35:9A:80:16:32:A6:6D:10:B9:61:E4:F2:EC:6D:FC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbLi5zWagBYypm0QuWHk8uxt_E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6fd9be-9694-4639-90c5-90ebd76e91f9/1/HbLi5zWagBYypm0QuWHk8uxt_E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:4d:de:2c:b0:98:41:1e:f2:da:24:e7:98:42:84:14:6e:be:
         32:bd:a7:c9:fb:1c:01:83:48:e1:9b:d5:75:e1:00:5e:00:d5:
         07:f2:29:aa:a4:1e:4c:e0:53:d3:a2:95:00:29:d3:ea:8c:59:
         6f:27:45:2c:b8:17:0b:b2:d1:cc:59:99:f1:48:c0:92:79:a0:
         bf:1d:19:e6:17:1d:43:68:0e:c5:8c:2e:11:76:1a:a4:a6:3b:
         81:86:80:ac:8c:e3:39:7a:b0:56:a1:2a:43:a6:38:0d:5d:22:
         0e:9c:93:9a:a5:fd:d9:e9:66:de:fa:c2:56:c6:d3:0d:ad:5b:
         5d:9c:fa:7d:07:79:b3:3b:cf:ba:96:68:a1:76:e1:f7:81:0e:
         ee:a3:fe:83:a4:6b:65:61:a0:78:b7:6b:89:31:0c:4c:98:cf:
         69:67:ba:90:8d:8a:29:bc:03:55:93:4f:72:ac:b6:e5:9c:e0:
         b3:4c:a1:c4:a5:ce:20:39:af:0f:13:24:c9:a0:3a:4b:3d:a1:
         e8:08:aa:56:a9:62:96:18:e6:12:4f:16:6e:c2:36:ed:06:96:
         de:b3:4f:48:80:f5:de:d0:f9:a3:51:74:95:f4:72:af:49:75:
         06:fd:0d:b8:24:89:c7:66:d7:b4:bb:9f:c4:b0:14:91:f5:be:
         1d:50:08:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6aojzghu54pgW4fyyfq37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjJlMmU3MzU5YTgwMTYzMmE2NmQxMGI5NjFlNGYyZWM2
ZGZjNGYwHhcNMjUxMDE5MDMwMTQ5WhcNMjUxMDIwMDMwMTQ5WjAzMTEwLwYDVQQD
EygxYzQyYmNmZWJhYzNiNjUwM2ZjZWE2MTYxZDdjZmYwZTZmNGM2ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbBjHrLQrBtknWUnH/MrdaJLPP0L
WXKUv6zHb+hqvdqne6HTV/gc5oKoHU4FxIIUne2An7wJhgKno4cG2NQdpPyDmXCg
7subU8JkVmVIuQWn04n2p36m3Q1ciW3O575Q1xwN6ESdob0KHa0d7ZJreDmSm+D8
HwMlpOA06NWMIWxMSJ+4Jy7rrmsaL3/Q1Yw6q0czEE/PxZX5nKs5SPwwLo6RqI7M
G8+kivgGtFtC8NaCrWap60lg/8KwGsTPHWyo13k79/0qY6/geXQZlMtsvE7Jvib5
1AjqmGLr9bohLRkanEwEJ4tQ0j65H1mmL5gEhFpkaJmdWMDIauAyu4Kv2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxCvP66w7ZQP86mFh18/w5vTG0JMB8GA1UdIwQY
MBaAFB2y4uc1moAWMqZtELlh5PLsbfxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJMaTV6V2FnQll5cG0wUXVXSGs4dXh0X0U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82ZmQ5YmUtOTY5NC00NjM5LTkwYzUt
OTBlYmQ3NmU5MWY5LzEvSGJMaTV6V2FnQll5cG0wUXVXSGs4dXh0X0U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82ZmQ5YmUtOTY5NC00NjM5LTkwYzUtOTBlYmQ3NmU5MWY5
LzEvSGJMaTV6V2FnQll5cG0wUXVXSGs4dXh0X0U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg03eLLCY
QR7y2iTnmEKEFG6+Mr2nyfscAYNI4ZvVdeEAXgDVB/IpqqQeTOBT06KVACnT6oxZ
bydFLLgXC7LRzFmZ8UjAknmgvx0Z5hcdQ2gOxYwuEXYapKY7gYaArIzjOXqwVqEq
Q6Y4DV0iDpyTmqX92elm3vrCVsbTDa1bXZz6fQd5szvPupZooXbh94EO7qP+g6Rr
ZWGgeLdriTEMTJjPaWe6kI2KKbwDVZNPcqy25Zzgs0yhxKXOIDmvDxMkyaA6Sz2h
6AiqVqlilhjmEk8WbsI27QaW3rNPSID13tD5o1F0lfRyr0l1Bv0NuCSJx2bXtLuf
xLAUkfW+HVAIGQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:04 2025 by rpki-client