Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
File:                     in1zAecVR30mgJu6u0zQMr07Vhg.mft (raw, json)
Hash identifier:          0+LOlqGIGqCSUPqytXT1PUrx+UkA8Dq0TNcZacyQg98=
Subject key identifier:   54:B9:B5:DA:2C:8E:11:AB:D5:21:23:AB:03:DF:78:B6:7A:DE:44:E4
Authority key identifier: 8A:7D:73:01:E7:15:47:7D:26:80:9B:BA:BB:4C:D0:32:BD:3B:56:18
Certificate issuer:       /CN=8a7d7301e715477d26809bbabb4cd032bd3b5618
Certificate serial:       0199FAD7BA40C070C7FEA60AE37ACABEC1DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
Manifest number:          0390
Signing time:             Sun 19 Oct 2025 05:01:05 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:05 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:05 +0000
Files and hashes:         1: in1zAecVR30mgJu6u0zQMr07Vhg.crl (hash: 8AdRqrs+g9s+0C3+wVZdt7D+o9vdFeZ8r9y8zcv6EVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:ba:40:c0:70:c7:fe:a6:0a:e3:7a:ca:be:c1:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a7d7301e715477d26809bbabb4cd032bd3b5618
        Validity
            Not Before: Oct 19 05:01:05 2025 GMT
            Not After : Oct 20 05:01:05 2025 GMT
        Subject: CN=54b9b5da2c8e11abd52123ab03df78b67ade44e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a7:96:02:7b:ed:95:98:cf:06:08:4b:a1:73:
                    34:dc:79:8e:60:3e:bf:51:51:1e:63:73:3d:90:b7:
                    af:ed:36:6f:0f:4a:63:ec:99:58:03:01:c9:7d:65:
                    c8:98:d1:43:fa:67:15:2a:4d:10:d9:aa:99:74:32:
                    60:b5:6b:64:b3:21:67:67:0e:5d:6f:35:a0:f7:af:
                    ec:12:04:bf:40:6c:9b:e5:20:eb:ef:0c:b0:d7:26:
                    23:10:e6:6d:b2:59:ff:31:22:97:e4:50:1b:bd:1b:
                    a1:2b:41:c8:2a:6c:15:82:50:b8:5a:80:e0:b9:fb:
                    0f:56:67:7d:49:a4:9c:72:10:03:10:7f:2e:d9:d3:
                    ec:55:c1:88:6d:2c:cc:2a:c6:3e:a2:f2:71:30:c7:
                    84:52:1f:16:00:1b:4b:f9:0a:16:0e:b6:7a:de:f2:
                    4a:21:84:eb:02:10:97:a3:56:3b:9f:35:d0:5e:33:
                    ae:90:9a:61:4f:cd:ae:78:58:66:5a:61:be:cd:95:
                    4e:56:16:d1:f8:50:07:80:82:bd:ab:20:0d:d0:2d:
                    1a:8b:bb:f6:3d:f4:50:32:92:b9:99:79:2b:5c:ec:
                    cb:9e:14:01:a8:6e:cc:98:a4:e8:39:8a:c0:f6:c9:
                    9f:ab:63:0c:17:36:91:06:d5:75:24:ee:c1:ef:b3:
                    6f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:B9:B5:DA:2C:8E:11:AB:D5:21:23:AB:03:DF:78:B6:7A:DE:44:E4
            X509v3 Authority Key Identifier:
                keyid:8A:7D:73:01:E7:15:47:7D:26:80:9B:BA:BB:4C:D0:32:BD:3B:56:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/in1zAecVR30mgJu6u0zQMr07Vhg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b66986-8f6b-46b9-bccd-f7369f9dcc9c/1/in1zAecVR30mgJu6u0zQMr07Vhg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:92:fe:7b:d4:96:9e:e2:b8:77:88:fa:45:ad:63:93:3f:cf:
         8c:7a:62:19:b0:c5:dc:f9:1a:cc:96:81:90:e8:39:87:4d:df:
         e2:5f:6d:9d:d1:b0:f6:a0:e0:49:05:91:b2:e0:44:50:48:c3:
         f0:29:45:6a:e1:06:09:2c:76:92:75:a6:41:f6:f7:be:84:36:
         85:ef:52:89:ca:27:d2:d7:12:d4:14:7a:ad:c8:66:3a:9e:f3:
         5e:15:9f:d6:6a:da:5c:c2:d8:8a:3c:9d:66:22:64:66:a5:36:
         9b:06:91:c2:c5:9b:d5:a1:8a:61:4d:b3:97:74:71:4d:c2:5e:
         e9:b7:c9:03:ab:1b:97:c2:2f:7a:5d:a2:6b:ed:7b:39:7c:41:
         5b:24:5c:e1:8b:87:83:36:ad:c9:f4:e2:05:36:6d:61:66:08:
         4f:13:11:43:88:50:85:bd:6f:76:d7:c5:c6:01:8e:8e:d7:1e:
         e2:c2:8e:ae:67:85:ac:a8:e6:f8:ef:0c:4e:13:18:52:8b:65:
         9d:68:1a:e9:68:68:65:f2:a8:56:24:7b:8a:bb:cb:72:29:08:
         0c:14:c6:b4:f8:16:5b:1b:cc:98:c9:0d:97:8e:b8:d3:7c:b1:
         5c:23:50:b8:3d:e1:b0:65:0f:53:c0:82:ec:3c:e3:c6:32:f6:
         e1:f2:31:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn617pAwHDH/qYK43rKvsHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhN2Q3MzAxZTcxNTQ3N2QyNjgwOWJiYWJiNGNkMDMyYmQz
YjU2MTgwHhcNMjUxMDE5MDUwMTA1WhcNMjUxMDIwMDUwMTA1WjAzMTEwLwYDVQQD
Eyg1NGI5YjVkYTJjOGUxMWFiZDUyMTIzYWIwM2RmNzhiNjdhZGU0NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqeWAnvtlZjPBghLoXM03HmOYD6/
UVEeY3M9kLev7TZvD0pj7JlYAwHJfWXImNFD+mcVKk0Q2aqZdDJgtWtksyFnZw5d
bzWg96/sEgS/QGyb5SDr7wyw1yYjEOZtsln/MSKX5FAbvRuhK0HIKmwVglC4WoDg
ufsPVmd9SaScchADEH8u2dPsVcGIbSzMKsY+ovJxMMeEUh8WABtL+QoWDrZ63vJK
IYTrAhCXo1Y7nzXQXjOukJphT82ueFhmWmG+zZVOVhbR+FAHgIK9qyAN0C0ai7v2
PfRQMpK5mXkrXOzLnhQBqG7MmKToOYrA9smfq2MMFzaRBtV1JO7B77NvQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFS5tdosjhGr1SEjqwPfeLZ63kTkMB8GA1UdIwQY
MBaAFIp9cwHnFUd9JoCburtM0DK9O1YYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNjY5ODYtOGY2Yi00NmI5LWJjY2Qt
ZjczNjlmOWRjYzljLzEvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNjY5ODYtOGY2Yi00NmI5LWJjY2QtZjczNjlmOWRjYzlj
LzEvaW4xekFlY1ZSMzBtZ0p1NnUwelFNcjA3VmhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvJL+e9SW
nuK4d4j6Ra1jkz/PjHpiGbDF3PkazJaBkOg5h03f4l9tndGw9qDgSQWRsuBEUEjD
8ClFauEGCSx2knWmQfb3voQ2he9Sicon0tcS1BR6rchmOp7zXhWf1mraXMLYijyd
ZiJkZqU2mwaRwsWb1aGKYU2zl3RxTcJe6bfJA6sbl8Ivel2ia+17OXxBWyRc4YuH
gzatyfTiBTZtYWYITxMRQ4hQhb1vdtfFxgGOjtce4sKOrmeFrKjm+O8MThMYUotl
nWga6WhoZfKoViR7irvLcikIDBTGtPgWWxvMmMkNl46403yxXCNQuD3hsGUPU8CC
7DzjxjL24fIx8Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:28 2025 by rpki-client