Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
File:                     V3l3onVhz5BYpS5GDJSZSAVb3T0.mft (raw, json)
Hash identifier:          pQ0mVWYjeD3gBc9YuKIo8IJHxqsYOk3UhI6H6Qx+kqo=
Subject key identifier:   BC:DD:DA:C9:5D:7D:06:C6:2D:86:10:C1:D2:A6:49:9A:68:59:F1:24
Authority key identifier: 57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D
Certificate issuer:       /CN=577977a27561cf9058a52e460c949948055bdd3d
Certificate serial:       0199FBEABD5F94E1F9A64CC1BC53B7C8FF85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
Manifest number:          08F0
Signing time:             Sun 19 Oct 2025 10:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:29 +0000
Files and hashes:         1: V3l3onVhz5BYpS5GDJSZSAVb3T0.crl (hash: B+8y9vl3c15U/7g3y2l2q8zUUEXHFD+rIQ+vVb1taOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:bd:5f:94:e1:f9:a6:4c:c1:bc:53:b7:c8:ff:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=577977a27561cf9058a52e460c949948055bdd3d
        Validity
            Not Before: Oct 19 10:01:29 2025 GMT
            Not After : Oct 20 10:01:29 2025 GMT
        Subject: CN=bcdddac95d7d06c62d8610c1d2a6499a6859f124
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:36:0a:b8:2f:de:e3:cc:45:d5:8c:f7:de:7b:
                    62:38:22:71:3f:e5:70:c3:a5:b1:d6:c7:b8:f1:11:
                    89:55:68:5d:d5:fb:04:53:ae:e6:a1:45:f7:d3:31:
                    ab:1a:90:79:36:b1:79:b4:51:11:84:5a:c9:2e:83:
                    a0:79:50:74:fc:c8:9e:83:95:a7:04:8d:f2:18:98:
                    2d:5d:a5:ed:7a:68:fb:7c:6e:69:64:df:67:1d:f1:
                    5e:96:97:25:b9:75:b6:66:01:13:e1:11:80:f5:a5:
                    34:39:10:73:1f:12:3a:d1:c0:b0:26:fe:85:73:2e:
                    59:18:be:05:10:ad:1a:b1:f4:ba:ba:75:06:b0:d3:
                    5a:b0:3a:21:3e:0e:d8:dd:78:a4:fc:07:98:dc:9a:
                    ea:1f:33:bc:23:d3:79:88:99:9b:e2:32:f2:29:a1:
                    1f:7d:5a:ed:7a:31:e7:f4:33:d1:71:96:2a:6a:fb:
                    73:7f:6b:69:67:45:e5:35:10:89:e9:a8:9e:68:a7:
                    9f:fe:8a:23:4a:1c:55:e9:2e:dd:16:fa:21:4f:d8:
                    33:0c:ba:37:3b:3f:2a:33:e2:13:ea:f8:a1:70:15:
                    bf:60:10:4b:7b:fa:7f:20:4e:76:1f:20:91:35:0c:
                    8f:81:c7:a7:d0:be:8f:d8:8c:1c:95:60:14:6d:3c:
                    3e:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:DD:DA:C9:5D:7D:06:C6:2D:86:10:C1:D2:A6:49:9A:68:59:F1:24
            X509v3 Authority Key Identifier:
                keyid:57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:b3:63:ed:9a:0d:bc:1a:9f:2d:01:d3:d2:15:5d:6a:46:6a:
         5d:bf:55:98:d8:79:d0:ee:33:2f:02:c6:90:39:fc:07:97:3c:
         bd:c9:35:99:f8:0d:8a:a9:93:5b:49:f5:b6:cd:e5:19:84:f1:
         67:ad:da:2a:92:a7:89:7a:6c:a4:d3:25:12:ea:85:66:4f:c8:
         52:6c:b9:39:55:0d:5c:c1:d6:84:55:68:bf:e4:99:b8:a8:4b:
         1d:7c:0a:28:46:e1:ef:46:bd:a3:ae:5a:36:13:40:7c:06:6a:
         dc:ae:86:5b:5f:ff:31:57:35:93:6b:fe:cd:37:47:f7:d8:aa:
         a7:2e:94:4f:27:ac:72:ef:2a:d7:f2:8e:e2:1d:56:90:51:04:
         a5:43:16:57:c7:ca:1f:17:9e:a6:b3:7b:a4:93:2b:d7:c8:f1:
         2c:08:25:e2:01:ce:12:e7:20:dc:e0:a2:54:ed:64:7a:bb:96:
         05:b1:97:39:c1:b8:ac:60:cf:0d:35:69:ac:16:05:1c:50:95:
         c5:1e:7c:b0:47:59:2e:64:9c:4e:0c:2c:15:db:36:a7:86:fc:
         05:02:4f:8b:ce:ba:4b:ed:12:81:a7:01:4c:d3:4b:df:0e:cf:
         fe:6c:a9:c2:78:d0:1c:e4:50:19:c8:a4:c3:c7:fe:da:9d:91:
         3b:3a:0d:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76r1flOH5pkzBvFO3yP+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3Nzk3N2EyNzU2MWNmOTA1OGE1MmU0NjBjOTQ5OTQ4MDU1
YmRkM2QwHhcNMjUxMDE5MTAwMTI5WhcNMjUxMDIwMTAwMTI5WjAzMTEwLwYDVQQD
EyhiY2RkZGFjOTVkN2QwNmM2MmQ4NjEwYzFkMmE2NDk5YTY4NTlmMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+DYKuC/e48xF1Yz33ntiOCJxP+Vw
w6Wx1se48RGJVWhd1fsEU67moUX30zGrGpB5NrF5tFERhFrJLoOgeVB0/Mieg5Wn
BI3yGJgtXaXtemj7fG5pZN9nHfFelpcluXW2ZgET4RGA9aU0ORBzHxI60cCwJv6F
cy5ZGL4FEK0asfS6unUGsNNasDohPg7Y3Xik/AeY3JrqHzO8I9N5iJmb4jLyKaEf
fVrtejHn9DPRcZYqavtzf2tpZ0XlNRCJ6aieaKef/oojShxV6S7dFvohT9gzDLo3
Oz8qM+IT6vihcBW/YBBLe/p/IE52HyCRNQyPgcen0L6P2IwclWAUbTw+1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzd2sldfQbGLYYQwdKmSZpoWfEkMB8GA1UdIwQY
MBaAFFd5d6J1Yc+QWKUuRgyUmUgFW909MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYt
NTRmNzJkN2Y1YzIwLzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYtNTRmNzJkN2Y1YzIw
LzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD7Nj7ZoN
vBqfLQHT0hVdakZqXb9VmNh50O4zLwLGkDn8B5c8vck1mfgNiqmTW0n1ts3lGYTx
Z63aKpKniXpspNMlEuqFZk/IUmy5OVUNXMHWhFVov+SZuKhLHXwKKEbh70a9o65a
NhNAfAZq3K6GW1//MVc1k2v+zTdH99iqpy6UTyescu8q1/KO4h1WkFEEpUMWV8fK
HxeeprN7pJMr18jxLAgl4gHOEucg3OCiVO1keruWBbGXOcG4rGDPDTVprBYFHFCV
xR58sEdZLmScTgwsFds2p4b8BQJPi866S+0SgacBTNNL3w7P/mypwnjQHORQGcik
w8f+2p2ROzoNXg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:21 2025 by rpki-client