Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
File:                     b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft (raw, json)
Hash identifier:          6WcpzSaflnDzVt0ag93ssDCWp42owSXLaJlC0cSFHn4=
Subject key identifier:   03:A8:7B:6E:53:50:3C:45:39:93:C2:58:6E:79:E6:E8:18:1C:92:45
Authority key identifier: 6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1
Certificate issuer:       /CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1
Certificate serial:       0199FAD79EF8674B584FE4E4CF3D95E2B6E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
Manifest number:          10D9
Signing time:             Sun 19 Oct 2025 05:00:58 +0000
Manifest this update:     Sun 19 Oct 2025 05:00:58 +0000
Manifest next update:     Mon 20 Oct 2025 05:00:58 +0000
Files and hashes:         1: b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl (hash: wfb9Eg9d5ayH/jFYSNrWLWR/0qEec2Bzjs9Bw/c2XBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:9e:f8:67:4b:58:4f:e4:e4:cf:3d:95:e2:b6:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1
        Validity
            Not Before: Oct 19 05:00:58 2025 GMT
            Not After : Oct 20 05:00:58 2025 GMT
        Subject: CN=03a87b6e53503c453993c2586e79e6e8181c9245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:4c:ef:f2:92:1e:65:15:7c:a3:01:c4:e6:7a:
                    84:ee:ef:3e:ca:03:71:0e:61:da:07:ed:bb:ed:61:
                    6e:37:7c:ae:91:47:06:38:11:1b:8e:44:47:e8:b6:
                    cf:59:88:07:66:8f:b9:a3:18:39:26:89:df:29:72:
                    8b:eb:67:2f:09:46:55:68:5b:10:f1:98:42:14:2d:
                    f2:a3:aa:6a:c8:5e:6a:4a:a5:f1:19:ed:91:1a:d7:
                    f3:57:97:b4:1a:4f:63:e4:dc:55:82:e4:37:5b:a1:
                    e0:dc:23:ef:4c:ac:9e:49:3b:66:6b:c7:64:14:ce:
                    a2:07:39:de:70:ac:32:0c:b1:04:39:5c:65:75:8f:
                    d9:c6:1d:cf:76:a6:e6:79:f1:e8:bf:fb:15:e3:2d:
                    39:20:11:a9:b6:78:a5:c3:74:7c:0e:29:8f:93:30:
                    88:2a:56:7b:05:dd:e1:1a:6f:1e:02:06:61:9a:ed:
                    36:c9:48:62:88:4a:e5:66:2a:d6:ec:02:b5:91:81:
                    d5:55:8e:fa:74:22:6b:c3:bc:6b:b8:0b:d0:2c:15:
                    ae:e8:79:ce:9c:8f:f2:48:e8:9a:83:08:c8:75:e8:
                    23:44:56:b8:e4:ac:38:37:2a:68:34:f7:df:5b:30:
                    f7:a5:85:ae:dc:dd:3e:fa:66:27:32:98:fd:d9:8e:
                    99:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:A8:7B:6E:53:50:3C:45:39:93:C2:58:6E:79:E6:E8:18:1C:92:45
            X509v3 Authority Key Identifier:
                keyid:6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:ec:5f:60:dc:3d:84:dd:b5:ab:f7:91:26:30:43:07:33:93:
         2b:a9:5e:a8:c3:5a:7c:27:b2:e5:ea:cc:bf:97:ef:b4:1f:30:
         25:0a:21:d0:50:6a:fb:b6:78:b8:49:a8:4f:f5:f3:72:60:b5:
         a2:7f:fc:0b:c9:72:9a:a5:88:59:de:a7:44:94:17:3d:41:8b:
         d2:c4:c2:da:c8:84:4c:5f:80:f4:6f:21:e7:9d:2a:07:99:4b:
         7d:d5:31:9f:5e:1a:5f:3f:a9:bf:99:1f:40:b6:c8:21:0a:34:
         d3:5a:68:a2:67:d6:4a:6b:8e:8e:4c:46:e7:9c:d0:ef:ab:c5:
         3f:94:6b:51:e9:fe:65:6d:3d:b0:0a:8e:bf:8c:7d:39:07:d9:
         75:9a:08:52:e8:c1:88:99:33:ba:13:27:0f:fb:f2:1c:ba:22:
         ed:45:c6:19:ad:bd:9c:bd:21:57:64:44:52:90:d1:11:aa:2e:
         f6:2a:f8:c3:06:fa:44:4c:48:67:ab:f0:e6:90:ef:bd:38:ac:
         ff:ea:36:59:ab:8a:71:d5:4b:2f:dc:55:1f:d0:29:3e:c9:57:
         9f:13:12:ab:3c:d3:a3:7d:24:16:3e:fa:73:c0:b3:08:37:f5:
         72:5e:7e:09:dd:66:c6:e6:70:fd:1f:1b:ab:af:c1:e3:1e:53:
         f9:cd:a6:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn61574Z0tYT+Tkzz2V4rbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNjQ4ZTNjYWI2MDliZDE0ODNjYTNlNTE5MTFjZWFhNTNm
MGM2YTEwHhcNMjUxMDE5MDUwMDU4WhcNMjUxMDIwMDUwMDU4WjAzMTEwLwYDVQQD
EygwM2E4N2I2ZTUzNTAzYzQ1Mzk5M2MyNTg2ZTc5ZTZlODE4MWM5MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUzv8pIeZRV8owHE5nqE7u8+ygNx
DmHaB+277WFuN3yukUcGOBEbjkRH6LbPWYgHZo+5oxg5JonfKXKL62cvCUZVaFsQ
8ZhCFC3yo6pqyF5qSqXxGe2RGtfzV5e0Gk9j5NxVguQ3W6Hg3CPvTKyeSTtma8dk
FM6iBznecKwyDLEEOVxldY/Zxh3PdqbmefHov/sV4y05IBGptnilw3R8DimPkzCI
KlZ7Bd3hGm8eAgZhmu02yUhiiErlZirW7AK1kYHVVY76dCJrw7xruAvQLBWu6HnO
nI/ySOiagwjIdegjRFa45Kw4NypoNPffWzD3pYWu3N0++mYnMpj92Y6ZGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOoe25TUDxFOZPCWG555ugYHJJFMB8GA1UdIwQY
MBaAFG9kjjyrYJvRSDyj5RkRzqpT8MahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEt
YTA2OWFmODU0YjA1LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEtYTA2OWFmODU0YjA1
LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOuxfYNw9
hN21q/eRJjBDBzOTK6leqMNafCey5erMv5fvtB8wJQoh0FBq+7Z4uEmoT/XzcmC1
on/8C8lymqWIWd6nRJQXPUGL0sTC2siETF+A9G8h550qB5lLfdUxn14aXz+pv5kf
QLbIIQo001poomfWSmuOjkxG55zQ76vFP5RrUen+ZW09sAqOv4x9OQfZdZoIUujB
iJkzuhMnD/vyHLoi7UXGGa29nL0hV2REUpDREaou9ir4wwb6RExIZ6vw5pDvvTis
/+o2WauKcdVLL9xVH9ApPslXnxMSqzzTo30kFj76c8CzCDf1cl5+Cd1mxuZw/R8b
q6/B4x5T+c2mbg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:13:05 2025 by rpki-client