Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
File:                     XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft (raw, json)
Hash identifier:          cQ9TOkfTGFciFFcnXZPQ6iDOBZ3OCMiBI6staoJFudk=
Subject key identifier:   0D:47:7D:BB:CD:E3:B8:EB:67:71:BF:26:A0:F6:9A:DB:A5:50:2F:59
Authority key identifier: 5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63
Certificate issuer:       /CN=5ebb65367d8242b0159a2539cb5a0233542ef963
Certificate serial:       0199FC8F8128819B103768A0366BCFC3610E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
Manifest number:          07B7
Signing time:             Sun 19 Oct 2025 13:01:27 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:27 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:27 +0000
Files and hashes:         1: XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl (hash: gQaEXmtHbsQPJUu3HCrLqz2PbQjXpir1zhcOeISuKUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:81:28:81:9b:10:37:68:a0:36:6b:cf:c3:61:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ebb65367d8242b0159a2539cb5a0233542ef963
        Validity
            Not Before: Oct 19 13:01:27 2025 GMT
            Not After : Oct 20 13:01:27 2025 GMT
        Subject: CN=0d477dbbcde3b8eb6771bf26a0f69adba5502f59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:4f:bb:2a:16:e0:12:bb:ac:75:e9:d6:8e:b4:
                    a9:34:0f:fc:81:e6:2f:0a:66:c6:5e:19:64:4b:b1:
                    44:2e:56:ae:9e:b5:d5:23:f6:da:92:88:4a:1c:ca:
                    3d:98:cc:9b:86:2d:7d:dc:36:e0:0a:3d:4a:c7:57:
                    14:af:99:25:31:8b:62:3e:07:2c:38:db:a8:ff:5d:
                    4a:5c:4b:d0:f9:00:84:b9:0f:f2:0b:7a:6a:3c:20:
                    a8:8f:70:dd:c7:0f:7a:1f:8a:c9:0b:d9:eb:6a:57:
                    a2:8d:8f:c7:57:b4:3a:2f:af:0e:9d:e0:9c:cb:e2:
                    52:6d:04:00:3f:46:7b:b4:79:89:69:4c:ac:6c:83:
                    96:55:56:0b:25:7b:ab:92:a3:ce:8c:9c:39:a0:89:
                    86:2f:e4:33:43:6d:d0:7c:76:3f:9f:b2:ee:1e:89:
                    5e:72:f1:0d:e0:d3:5e:5f:be:25:44:0b:2c:7e:db:
                    75:94:18:32:c2:5b:f2:9f:60:3f:eb:82:f8:7f:e5:
                    53:8a:4a:67:2d:6b:ed:75:ad:19:b8:dd:99:a4:42:
                    f6:80:98:91:4f:8d:26:d8:fe:a4:2b:d4:12:27:36:
                    0f:46:5f:f5:5d:18:b0:4f:01:e8:07:84:69:92:09:
                    a7:e2:e4:f3:f9:40:b4:fc:f2:11:5b:0f:78:00:5a:
                    fa:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:47:7D:BB:CD:E3:B8:EB:67:71:BF:26:A0:F6:9A:DB:A5:50:2F:59
            X509v3 Authority Key Identifier:
                keyid:5E:BB:65:36:7D:82:42:B0:15:9A:25:39:CB:5A:02:33:54:2E:F9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/5430d6-edc0-4428-b24a-300f5cabee11/1/XrtlNn2CQrAVmiU5y1oCM1Qu-WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:d5:6e:91:a8:ab:ab:f1:55:a3:2b:c0:c0:8a:d0:f9:32:3c:
         84:5c:df:be:a0:43:ee:d8:9b:b7:c4:09:32:a9:8e:84:3d:cf:
         b4:43:0d:7b:09:de:7f:89:51:8a:ae:2c:d4:a2:56:5d:99:7c:
         5e:f9:e8:9b:05:83:1a:be:2e:a3:a3:1f:51:20:cc:88:ad:f1:
         93:48:e1:b5:3b:77:47:58:96:be:21:cf:42:57:4f:af:b6:d8:
         6c:cc:a7:b7:a0:e6:30:dd:b1:68:a6:44:9f:47:54:f3:36:0f:
         0c:56:6a:0d:0f:1a:6c:5b:42:ac:1f:46:45:47:42:04:44:0f:
         9e:bd:0a:38:18:35:b4:b3:5c:79:af:4e:66:37:d9:ea:fa:8a:
         58:7d:7b:bf:ae:89:7e:7c:4a:b7:6e:59:d3:8d:ca:ee:8f:66:
         cb:89:9b:3a:b8:f6:c2:8f:e2:66:69:11:29:96:4e:df:62:95:
         c7:00:71:64:6a:b2:05:c0:43:09:86:27:44:cd:29:c7:37:5e:
         d7:2e:a2:c6:d0:47:91:9a:e7:06:26:06:c1:ef:dd:2e:29:84:
         3c:08:d6:0d:8c:f9:78:7e:4a:f2:b9:2e:5d:3e:a8:62:d9:87:
         dd:ee:84:59:45:c5:66:b1:9e:69:30:9c:f6:62:dd:13:98:c5:
         63:6c:91:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j4EogZsQN2igNmvPw2EOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmI2NTM2N2Q4MjQyYjAxNTlhMjUzOWNiNWEwMjMzNTQy
ZWY5NjMwHhcNMjUxMDE5MTMwMTI3WhcNMjUxMDIwMTMwMTI3WjAzMTEwLwYDVQQD
EygwZDQ3N2RiYmNkZTNiOGViNjc3MWJmMjZhMGY2OWFkYmE1NTAyZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE+7KhbgErusdenWjrSpNA/8geYv
CmbGXhlkS7FELlaunrXVI/bakohKHMo9mMybhi193DbgCj1Kx1cUr5klMYtiPgcs
ONuo/11KXEvQ+QCEuQ/yC3pqPCCoj3Ddxw96H4rJC9nraleijY/HV7Q6L68OneCc
y+JSbQQAP0Z7tHmJaUysbIOWVVYLJXurkqPOjJw5oImGL+QzQ23QfHY/n7LuHole
cvEN4NNeX74lRAssftt1lBgywlvyn2A/64L4f+VTikpnLWvtda0ZuN2ZpEL2gJiR
T40m2P6kK9QSJzYPRl/1XRiwTwHoB4Rpkgmn4uTz+UC0/PIRWw94AFr6hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1HfbvN47jrZ3G/JqD2mtulUC9ZMB8GA1UdIwQY
MBaAFF67ZTZ9gkKwFZolOctaAjNULvljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEt
MzAwZjVjYWJlZTExLzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy81NDMwZDYtZWRjMC00NDI4LWIyNGEtMzAwZjVjYWJlZTEx
LzEvWHJ0bE5uMkNRckFWbWlVNXkxb0NNMVF1LVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlNVukair
q/FVoyvAwIrQ+TI8hFzfvqBD7tibt8QJMqmOhD3PtEMNewnef4lRiq4s1KJWXZl8
XvnomwWDGr4uo6MfUSDMiK3xk0jhtTt3R1iWviHPQldPr7bYbMynt6DmMN2xaKZE
n0dU8zYPDFZqDQ8abFtCrB9GRUdCBEQPnr0KOBg1tLNcea9OZjfZ6vqKWH17v66J
fnxKt25Z043K7o9my4mbOrj2wo/iZmkRKZZO32KVxwBxZGqyBcBDCYYnRM0pxzde
1y6ixtBHkZrnBiYGwe/dLimEPAjWDYz5eH5K8rkuXT6oYtmH3e6EWUXFZrGeaTCc
9mLdE5jFY2yRgw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:04 2025 by rpki-client