Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
File:                     OWpY9F0OyAFfoyauWP9YAzKJv50.mft (raw, json)
Hash identifier:          +WxVj07lpggCQFo+LzYLM9eF41ZgSfMdeq5AeDPmYYU=
Subject key identifier:   75:4E:7A:23:1F:11:E4:CE:6D:94:0E:32:5A:5E:3D:CD:77:97:F0:13
Authority key identifier: 39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D
Certificate issuer:       /CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
Certificate serial:       0199FC8F30021D0A466291BFF62E15B49A29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 13:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:06 +0000
Files and hashes:         1: OWpY9F0OyAFfoyauWP9YAzKJv50.crl (hash: mSqQVTRuWpEWwOhqdeRzU6bo8rRmmmS1TD9tBBeksG0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:30:02:1d:0a:46:62:91:bf:f6:2e:15:b4:9a:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
        Validity
            Not Before: Oct 19 13:01:06 2025 GMT
            Not After : Oct 20 13:01:06 2025 GMT
        Subject: CN=754e7a231f11e4ce6d940e325a5e3dcd7797f013
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:07:de:4d:01:95:a5:4c:4b:dc:35:c4:b7:b3:
                    5e:7f:f6:13:b4:0d:c0:b5:a8:56:9f:5d:c8:85:3d:
                    be:44:47:0d:75:2d:37:8c:d4:45:de:8b:ae:e5:89:
                    af:33:14:ad:ee:51:20:9d:da:9a:5d:7b:22:e4:2b:
                    1d:93:36:c0:64:cc:ec:d1:a6:cb:11:6f:8f:61:6d:
                    22:b8:43:cb:e6:f4:5b:ca:7a:fe:a1:da:86:e4:b1:
                    38:5a:57:4f:17:a6:bc:37:d5:4a:41:72:8d:e8:87:
                    5d:32:d4:e3:79:b0:37:64:71:db:a5:d9:ab:4f:87:
                    8f:ac:5d:c5:82:ae:98:d7:ea:18:5e:bf:47:26:5b:
                    ed:6e:e3:4b:26:3b:4b:a2:c6:99:a7:a0:2e:3b:fb:
                    47:4f:d2:b5:e1:ce:1b:22:41:5c:1f:d3:73:de:89:
                    b3:6a:7d:99:32:00:b6:01:dc:43:fb:a0:77:86:b4:
                    3e:95:9a:bf:a7:ef:e7:4a:bb:d1:d3:19:4a:32:5e:
                    a4:64:c7:5e:35:fd:e1:87:c4:1a:9e:91:59:92:7b:
                    dd:54:20:c9:a1:a7:9a:7c:12:b4:52:94:cd:f2:e7:
                    6a:fd:31:c8:17:c3:06:19:8e:22:df:50:6d:3f:60:
                    ce:ca:b8:97:50:77:31:4b:f0:77:95:6c:97:97:c2:
                    d7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:4E:7A:23:1F:11:E4:CE:6D:94:0E:32:5A:5E:3D:CD:77:97:F0:13
            X509v3 Authority Key Identifier:
                keyid:39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:fc:ee:27:7a:79:4c:f9:a9:b9:0d:54:ac:2f:fa:38:f3:2c:
         f9:5d:8f:54:f0:d2:93:c0:47:89:ed:6f:e5:7c:73:b7:f6:3f:
         a0:f2:ca:0b:ce:20:04:4c:0f:94:56:92:f3:c3:ec:12:04:50:
         77:7d:b9:44:32:f6:0c:5b:71:cf:bd:86:11:9c:50:a8:f3:e1:
         94:63:0c:a1:cf:4f:c8:61:2d:fc:35:ef:f5:5c:31:a2:e4:0e:
         2c:0e:1b:b6:c1:b2:af:20:91:aa:a8:3c:28:d8:40:f2:26:81:
         ec:ed:c5:92:3e:e7:21:4b:9a:9a:a9:90:6c:a7:02:9a:1c:48:
         f3:dd:7d:72:85:aa:3f:79:b3:a3:16:26:a0:7c:fe:c4:5a:12:
         a5:aa:4b:88:dd:12:36:32:37:83:cc:85:cb:d9:34:cf:f6:29:
         8f:52:b9:32:ae:66:02:14:a0:7e:67:da:cb:cf:2c:fd:90:c3:
         9f:c2:68:2c:a5:51:24:cf:f9:ac:71:38:f7:58:18:40:78:7e:
         c0:e2:8f:37:9c:0e:90:03:ca:57:fd:11:99:6c:1e:44:3d:37:
         57:6d:f4:e6:aa:5f:1a:e2:c4:a2:fb:8d:07:07:00:ed:f9:45:
         df:f3:3b:85:b2:17:0c:87:d9:e8:1a:a2:d6:2f:ea:a3:b1:35:
         7a:27:cf:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jzACHQpGYpG/9i4VtJopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NmE1OGY0NWQwZWM4MDE1ZmEzMjZhZTU4ZmY1ODAzMzI4
OWJmOWQwHhcNMjUxMDE5MTMwMTA2WhcNMjUxMDIwMTMwMTA2WjAzMTEwLwYDVQQD
Eyg3NTRlN2EyMzFmMTFlNGNlNmQ5NDBlMzI1YTVlM2RjZDc3OTdmMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQfeTQGVpUxL3DXEt7Nef/YTtA3A
tahWn13IhT2+REcNdS03jNRF3ouu5YmvMxSt7lEgndqaXXsi5CsdkzbAZMzs0abL
EW+PYW0iuEPL5vRbynr+odqG5LE4WldPF6a8N9VKQXKN6IddMtTjebA3ZHHbpdmr
T4ePrF3Fgq6Y1+oYXr9HJlvtbuNLJjtLosaZp6AuO/tHT9K14c4bIkFcH9Nz3omz
an2ZMgC2AdxD+6B3hrQ+lZq/p+/nSrvR0xlKMl6kZMdeNf3hh8QanpFZknvdVCDJ
oaeafBK0UpTN8udq/THIF8MGGY4i31BtP2DOyriXUHcxS/B3lWyXl8LX0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVOeiMfEeTObZQOMlpePc13l/ATMB8GA1UdIwQY
MBaAFDlqWPRdDsgBX6Mmrlj/WAMyib+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgt
NDc0ZjJjZjZlNjJhLzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgtNDc0ZjJjZjZlNjJh
LzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfzuJ3p5
TPmpuQ1UrC/6OPMs+V2PVPDSk8BHie1v5Xxzt/Y/oPLKC84gBEwPlFaS88PsEgRQ
d325RDL2DFtxz72GEZxQqPPhlGMMoc9PyGEt/DXv9VwxouQOLA4btsGyryCRqqg8
KNhA8iaB7O3Fkj7nIUuamqmQbKcCmhxI8919coWqP3mzoxYmoHz+xFoSpapLiN0S
NjI3g8yFy9k0z/Ypj1K5Mq5mAhSgfmfay88s/ZDDn8JoLKVRJM/5rHE491gYQHh+
wOKPN5wOkAPKV/0RmWweRD03V2305qpfGuLEovuNBwcA7flF3/M7hbIXDIfZ6Bqi
1i/qo7E1eifP5g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:17 2025 by rpki-client