Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File:                     TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier:          F70yFfrUwUhC6ZwkaT5eveQ0vdbV57b1dxH+EsI6nqw=
Subject key identifier:   99:B0:61:35:A1:3B:51:43:92:11:A8:C3:2C:0E:53:11:EA:A3:58:E6
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer:       /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial:       0199FC587A150152237AF95998FD980756B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number:          151B
Signing time:             Sun 19 Oct 2025 12:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:20 +0000
Files and hashes:         1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: lcMSx7iiYbzyl5V138o2iLJN6VXXFvqx62SHbP5r9OQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:7a:15:01:52:23:7a:f9:59:98:fd:98:07:56:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
        Validity
            Not Before: Oct 19 12:01:20 2025 GMT
            Not After : Oct 20 12:01:20 2025 GMT
        Subject: CN=99b06135a13b51439211a8c32c0e5311eaa358e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:9c:b0:fc:de:ea:16:4e:35:c1:53:bc:06:3c:
                    75:5e:82:8f:e6:07:3c:73:32:14:17:e8:3c:75:75:
                    a2:b9:12:da:93:d5:2d:6a:f0:3b:ec:ed:cc:18:e9:
                    3f:36:d2:2a:f2:76:e8:d8:b8:88:9a:30:f8:39:ae:
                    c7:b3:e0:32:ec:47:66:86:c0:e0:ec:c3:64:26:1e:
                    a7:ba:c3:aa:da:78:24:ee:79:df:23:61:46:7b:be:
                    8a:40:3f:00:d1:63:76:24:69:f4:62:24:40:aa:cc:
                    34:49:4c:ee:56:d2:d3:aa:51:e9:15:94:0c:45:84:
                    e6:a1:46:c4:79:45:a6:1a:28:63:74:36:f7:2f:a3:
                    c3:05:14:6d:ba:d3:be:af:9b:1c:e5:9f:11:e2:2d:
                    a5:5d:0a:d5:40:bd:c3:a5:bb:c6:2c:f5:60:52:c1:
                    bf:e9:8f:00:ad:e9:cd:43:ef:14:d6:e8:72:99:fc:
                    5f:fa:88:d5:05:13:fc:d4:df:5c:2f:78:e3:4e:4a:
                    61:f4:02:ec:0a:f5:1c:e0:08:3d:78:fc:1b:c1:99:
                    72:27:1c:16:10:23:d9:10:88:d0:ef:f9:cd:72:86:
                    18:a3:35:49:a9:12:32:31:46:65:33:1e:b9:f5:6d:
                    a5:77:c6:4a:a1:b7:6c:cc:1b:8f:dc:27:48:e4:d0:
                    d6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:B0:61:35:A1:3B:51:43:92:11:A8:C3:2C:0E:53:11:EA:A3:58:E6
            X509v3 Authority Key Identifier:
                keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:db:d0:3b:28:ac:93:d7:a5:40:f0:dd:c2:e8:04:3f:b3:38:
         4f:35:37:6f:51:ef:1f:50:18:31:de:e8:db:bb:e0:92:72:ec:
         24:51:73:db:ed:48:4d:1c:bf:37:4b:da:1f:65:e9:0b:ed:54:
         22:79:40:6a:06:aa:1c:af:bc:25:e6:e8:d0:f7:57:b2:5f:ac:
         db:fa:40:3c:f3:bf:8e:a7:16:28:9c:e0:b4:e7:11:96:4f:ee:
         2b:28:09:db:c6:82:50:74:06:8a:5d:7b:46:b7:ee:6c:83:02:
         9c:cc:6d:20:97:fe:5d:a8:8c:99:98:e9:98:d1:b9:0d:cf:4b:
         a5:8d:74:92:2d:60:8d:f1:29:53:7a:59:3d:de:9c:ad:ad:d5:
         52:54:85:14:30:57:73:77:47:71:aa:87:ac:21:4b:0c:b4:1b:
         fb:56:37:c4:d9:29:fa:4d:4b:0d:29:22:74:a2:17:11:92:ac:
         37:3e:3b:c5:96:00:39:26:05:8d:72:0a:0c:7b:3b:bd:98:47:
         0c:fd:ba:f6:3e:ad:69:68:ba:cf:44:12:70:32:fe:b9:61:8b:
         66:16:20:96:64:bd:dd:aa:25:11:da:27:6e:29:e2:48:20:23:
         5c:b1:0e:19:0b:d9:2f:b5:b7:15:df:78:b4:37:40:ef:97:3a:
         19:1b:43:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WHoVAVIjevlZmP2YB1awMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjUxMDE5MTIwMTIwWhcNMjUxMDIwMTIwMTIwWjAzMTEwLwYDVQQD
Eyg5OWIwNjEzNWExM2I1MTQzOTIxMWE4YzMyYzBlNTMxMWVhYTM1OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpyw/N7qFk41wVO8Bjx1XoKP5gc8
czIUF+g8dXWiuRLak9UtavA77O3MGOk/NtIq8nbo2LiImjD4Oa7Hs+Ay7EdmhsDg
7MNkJh6nusOq2ngk7nnfI2FGe76KQD8A0WN2JGn0YiRAqsw0SUzuVtLTqlHpFZQM
RYTmoUbEeUWmGihjdDb3L6PDBRRtutO+r5sc5Z8R4i2lXQrVQL3DpbvGLPVgUsG/
6Y8ArenNQ+8U1uhymfxf+ojVBRP81N9cL3jjTkph9ALsCvUc4Ag9ePwbwZlyJxwW
ECPZEIjQ7/nNcoYYozVJqRIyMUZlMx659W2ld8ZKobdszBuP3CdI5NDWGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmwYTWhO1FDkhGowywOUxHqo1jmMB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn9vQOyis
k9elQPDdwugEP7M4TzU3b1HvH1AYMd7o27vgknLsJFFz2+1ITRy/N0vaH2XpC+1U
InlAagaqHK+8Jebo0PdXsl+s2/pAPPO/jqcWKJzgtOcRlk/uKygJ28aCUHQGil17
RrfubIMCnMxtIJf+XaiMmZjpmNG5Dc9LpY10ki1gjfEpU3pZPd6cra3VUlSFFDBX
c3dHcaqHrCFLDLQb+1Y3xNkp+k1LDSkidKIXEZKsNz47xZYAOSYFjXIKDHs7vZhH
DP269j6taWi6z0QScDL+uWGLZhYglmS93aolEdonbiniSCAjXLEOGQvZL7W3Fd94
tDdA75c6GRtDyw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:30 2025 by rpki-client