Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft
File:                     k8QjPQuo54YYoJpyVh3M0GSYyE4.mft (raw, json)
Hash identifier:          xz5z+Yocr63b4fAeU1uRxgubwRrpuXm5Hrs28szOlzw=
Subject key identifier:   18:96:85:62:61:1B:02:FC:F0:9B:76:E0:1D:AA:8C:14:54:3E:72:56
Authority key identifier: 93:C4:23:3D:0B:A8:E7:86:18:A0:9A:72:56:1D:CC:D0:64:98:C8:4E
Certificate issuer:       /CN=93c4233d0ba8e78618a09a72561dccd06498c84e
Certificate serial:       0199FBEB45F1385D3BEFFD615010F593FD32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k8QjPQuo54YYoJpyVh3M0GSYyE4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 10:02:04 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:04 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:04 +0000
Files and hashes:         1: k8QjPQuo54YYoJpyVh3M0GSYyE4.crl (hash: wVm8FKZJG8ANM+6IP7+sJ3fiXnzt1M1ickgT5XpH0hY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k8QjPQuo54YYoJpyVh3M0GSYyE4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:45:f1:38:5d:3b:ef:fd:61:50:10:f5:93:fd:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93c4233d0ba8e78618a09a72561dccd06498c84e
        Validity
            Not Before: Oct 19 10:02:04 2025 GMT
            Not After : Oct 20 10:02:04 2025 GMT
        Subject: CN=18968562611b02fcf09b76e01daa8c14543e7256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:45:e5:78:68:7d:05:ea:c9:34:15:28:fb:bb:
                    04:a9:d4:49:e5:e5:72:14:cb:26:fc:6c:fe:1e:15:
                    3c:6a:3c:24:cf:60:20:c7:e2:62:d5:ea:3d:d3:1d:
                    82:df:89:52:7b:0a:22:4f:0f:eb:59:c2:d7:cf:bf:
                    dd:6d:ec:2d:65:0a:53:68:68:1f:ab:99:14:3e:e4:
                    89:1c:43:f4:35:bd:d1:80:ca:79:72:73:7d:2c:ef:
                    cd:7b:78:48:d8:ff:96:22:54:a5:54:36:67:2a:be:
                    9c:15:e4:8b:38:a0:6f:3b:7a:66:ed:b8:c2:f8:0c:
                    6c:23:9c:4c:77:a1:f4:4c:a7:e8:d2:fd:a6:1b:6b:
                    4c:5e:0d:f7:cc:d2:13:20:30:2c:12:9a:d9:96:dd:
                    ef:9e:a3:c8:3d:71:dd:73:48:8b:fe:9f:66:1f:7e:
                    98:5b:b1:ec:7c:a4:65:68:47:44:b5:d3:8d:77:45:
                    0f:fa:3d:93:ed:bc:df:85:33:29:e5:f9:79:fb:d8:
                    5b:12:0b:95:aa:c8:7a:c4:97:d6:d2:90:9c:0b:f5:
                    80:6f:b0:31:32:72:f2:8f:1c:bd:9c:d8:78:b2:58:
                    75:69:f3:7c:a5:9b:3d:53:34:d5:17:e7:2d:2b:49:
                    70:47:1e:e7:b0:1b:6a:89:e7:88:62:e1:d2:14:e3:
                    e7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:96:85:62:61:1B:02:FC:F0:9B:76:E0:1D:AA:8C:14:54:3E:72:56
            X509v3 Authority Key Identifier:
                keyid:93:C4:23:3D:0B:A8:E7:86:18:A0:9A:72:56:1D:CC:D0:64:98:C8:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k8QjPQuo54YYoJpyVh3M0GSYyE4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5f757b-4f22-43db-9da9-2496116e415d/1/k8QjPQuo54YYoJpyVh3M0GSYyE4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:dd:82:b7:33:b7:54:eb:e1:43:9d:22:7a:59:1a:31:cc:64:
         33:aa:2e:d8:6f:3c:c2:a0:f6:05:5d:e6:a5:84:0c:cf:f7:45:
         f2:a7:24:92:5f:96:98:37:bc:1d:91:82:16:b4:81:10:91:ce:
         3e:99:f4:c4:81:da:88:d6:d7:82:f1:c4:13:e0:3f:90:5a:4c:
         87:11:90:fb:1a:47:e0:0f:b4:2b:09:8c:dc:95:d5:d5:c4:a8:
         fd:da:00:51:e6:e3:f4:c4:87:8e:b5:08:9a:ea:1c:ba:61:4d:
         b0:05:b3:25:dc:e7:77:3e:b2:e5:07:4c:d8:ea:d4:dc:03:5d:
         cb:75:cf:d3:2d:24:c1:23:0f:a8:93:83:4d:54:42:3e:fa:62:
         26:1d:e3:77:a9:47:50:38:b0:d2:58:16:fd:ec:19:32:3c:76:
         34:ef:d1:0e:70:2a:35:9a:6e:b0:e4:c5:96:7c:1a:d8:c8:08:
         5d:d9:be:dc:c3:3b:03:db:a0:84:59:9e:88:73:93:94:13:d7:
         a9:cf:0e:c5:3d:8f:eb:2c:32:51:9c:a2:a4:a7:f6:89:7c:60:
         ae:5d:c0:31:a1:f3:67:ba:05:c5:86:28:e3:47:b5:41:09:6f:
         a3:42:3c:51:90:f5:13:dc:99:2a:5a:cf:86:ef:84:87:77:4f:
         95:80:de:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn760XxOF077/1hUBD1k/0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYzQyMzNkMGJhOGU3ODYxOGEwOWE3MjU2MWRjY2QwNjQ5
OGM4NGUwHhcNMjUxMDE5MTAwMjA0WhcNMjUxMDIwMTAwMjA0WjAzMTEwLwYDVQQD
EygxODk2ODU2MjYxMWIwMmZjZjA5Yjc2ZTAxZGFhOGMxNDU0M2U3MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkXleGh9BerJNBUo+7sEqdRJ5eVy
FMsm/Gz+HhU8ajwkz2Agx+Ji1eo90x2C34lSewoiTw/rWcLXz7/dbewtZQpTaGgf
q5kUPuSJHEP0Nb3RgMp5cnN9LO/Ne3hI2P+WIlSlVDZnKr6cFeSLOKBvO3pm7bjC
+AxsI5xMd6H0TKfo0v2mG2tMXg33zNITIDAsEprZlt3vnqPIPXHdc0iL/p9mH36Y
W7HsfKRlaEdEtdONd0UP+j2T7bzfhTMp5fl5+9hbEguVqsh6xJfW0pCcC/WAb7Ax
MnLyjxy9nNh4slh1afN8pZs9UzTVF+ctK0lwRx7nsBtqieeIYuHSFOPnPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiWhWJhGwL88Jt24B2qjBRUPnJWMB8GA1UdIwQY
MBaAFJPEIz0LqOeGGKCaclYdzNBkmMhOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazhRalBRdW81NFlZb0pweVZoM00wR1NZeUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81Zjc1N2ItNGYyMi00M2RiLTlkYTkt
MjQ5NjExNmU0MTVkLzEvazhRalBRdW81NFlZb0pweVZoM00wR1NZeUU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi81Zjc1N2ItNGYyMi00M2RiLTlkYTktMjQ5NjExNmU0MTVk
LzEvazhRalBRdW81NFlZb0pweVZoM00wR1NZeUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASd2CtzO3
VOvhQ50ielkaMcxkM6ou2G88wqD2BV3mpYQMz/dF8qckkl+WmDe8HZGCFrSBEJHO
Ppn0xIHaiNbXgvHEE+A/kFpMhxGQ+xpH4A+0KwmM3JXV1cSo/doAUebj9MSHjrUI
muocumFNsAWzJdzndz6y5QdM2OrU3ANdy3XP0y0kwSMPqJODTVRCPvpiJh3jd6lH
UDiw0lgW/ewZMjx2NO/RDnAqNZpusOTFlnwa2MgIXdm+3MM7A9ughFmeiHOTlBPX
qc8OxT2P6ywyUZyipKf2iXxgrl3AMaHzZ7oFxYYo40e1QQlvo0I8UZD1E9yZKlrP
hu+Eh3dPlYDeoQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:13 2025 by rpki-client