Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
File:                     U_8iLUoiYwLL8QBoyqb0xB97scs.mft (raw, json)
Hash identifier:          BuHHkdpFv89FPFQ57fFMy/8WW/o0cuLpWRnKEFHpJsw=
Subject key identifier:   66:24:C0:FC:7F:0F:37:EB:E5:C7:66:7F:7A:5C:FE:A3:F6:A3:B8:10
Authority key identifier: 53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB
Certificate issuer:       /CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
Certificate serial:       0199FBEB03DD83CFFFDDE11681D0BEC17F49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
Manifest number:          0288
Signing time:             Sun 19 Oct 2025 10:01:47 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:47 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:47 +0000
Files and hashes:         1: U_8iLUoiYwLL8QBoyqb0xB97scs.crl (hash: yqge+h43f61cCJfISTEvjj/mFt24sozILmiiWRlBB4Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:03:dd:83:cf:ff:dd:e1:16:81:d0:be:c1:7f:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
        Validity
            Not Before: Oct 19 10:01:47 2025 GMT
            Not After : Oct 20 10:01:47 2025 GMT
        Subject: CN=6624c0fc7f0f37ebe5c7667f7a5cfea3f6a3b810
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5d:2f:c7:1a:48:d5:c6:00:28:cd:23:7a:83:
                    f4:bf:62:65:fa:87:77:31:c2:bb:fc:66:d0:9b:38:
                    2c:50:23:94:35:db:05:86:79:f1:c4:ad:7a:b8:dc:
                    57:1d:5e:14:c9:b7:6a:31:4c:5e:fc:7d:ab:0f:d6:
                    9f:02:b4:c1:6b:13:ac:cb:ef:5a:11:41:41:1d:f2:
                    ed:2d:23:99:25:ec:64:c4:75:c9:9d:63:91:ba:e1:
                    54:c4:f5:0f:d1:94:0d:3f:2e:b0:84:f1:2c:12:42:
                    60:e0:d8:37:21:cb:31:8c:93:c2:6e:4a:d8:d7:e2:
                    28:e2:84:a5:3d:2c:e1:b5:7e:b8:77:58:87:b0:e8:
                    07:ce:c2:3d:62:8e:89:20:a2:29:da:7c:ca:85:0e:
                    e3:21:d2:48:b2:4a:27:25:ef:17:c3:97:b1:5a:74:
                    e5:83:28:c6:09:12:04:6f:44:f3:db:7d:66:2b:6e:
                    12:91:e7:c0:29:12:14:36:60:f8:e7:5b:cb:45:c8:
                    36:37:df:c4:4d:51:6b:3f:78:46:28:d0:d0:de:41:
                    15:5b:45:82:f3:5a:94:de:f8:6a:50:8c:da:30:db:
                    93:1a:77:8a:98:2b:fa:cc:9f:fb:ca:7c:13:1d:81:
                    87:74:ca:8f:5b:ac:47:58:fe:63:0c:fb:1e:cb:2e:
                    53:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:24:C0:FC:7F:0F:37:EB:E5:C7:66:7F:7A:5C:FE:A3:F6:A3:B8:10
            X509v3 Authority Key Identifier:
                keyid:53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:02:35:01:8f:a1:f3:2d:3a:ea:db:6f:17:8e:06:d9:72:a9:
         66:76:f9:36:54:42:c8:47:14:00:ee:21:b7:c4:a5:b9:4e:fe:
         2c:1e:70:3a:82:44:31:0a:3e:87:09:c1:d9:1a:c7:ad:ad:e3:
         17:88:51:1b:91:a1:2d:61:21:a1:3c:2a:c2:d8:35:5c:a1:a7:
         c4:27:09:73:1a:cb:40:bf:6a:a4:72:51:fe:b3:e5:f6:d2:00:
         dd:86:53:d3:24:9f:5b:1d:8f:2b:ae:1a:9e:0f:fd:6e:51:31:
         f3:0c:75:0e:2e:df:1f:dc:29:93:66:e0:b8:d5:57:34:ce:c9:
         c8:40:ab:94:f7:07:19:a9:6d:a9:07:40:4e:88:ef:fa:93:47:
         f4:e0:ab:9b:cf:6f:f3:5f:be:ce:00:c6:38:90:99:6e:b1:7f:
         9b:10:af:74:ef:cb:63:ac:59:e7:92:61:e4:20:53:88:8f:23:
         79:b7:bc:b7:76:7f:6c:5e:24:72:29:71:07:2f:44:25:ea:e2:
         58:7d:3a:60:f1:e1:15:1b:67:9b:c3:7f:36:ea:df:50:b2:f8:
         82:94:ec:e2:dc:86:86:0c:de:25:d8:74:71:71:0f:f4:e9:50:
         c4:d2:10:91:46:31:1f:76:57:66:70:f2:17:3d:64:65:82:d1:
         03:be:8b:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wPdg8//3eEWgdC+wX9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmYyMjJkNGEyMjYzMDJjYmYxMDA2OGNhYTZmNGM0MWY3
YmIxY2IwHhcNMjUxMDE5MTAwMTQ3WhcNMjUxMDIwMTAwMTQ3WjAzMTEwLwYDVQQD
Eyg2NjI0YzBmYzdmMGYzN2ViZTVjNzY2N2Y3YTVjZmVhM2Y2YTNiODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV0vxxpI1cYAKM0jeoP0v2Jl+od3
McK7/GbQmzgsUCOUNdsFhnnxxK16uNxXHV4UybdqMUxe/H2rD9afArTBaxOsy+9a
EUFBHfLtLSOZJexkxHXJnWORuuFUxPUP0ZQNPy6whPEsEkJg4Ng3IcsxjJPCbkrY
1+Io4oSlPSzhtX64d1iHsOgHzsI9Yo6JIKIp2nzKhQ7jIdJIskonJe8Xw5exWnTl
gyjGCRIEb0Tz231mK24SkefAKRIUNmD451vLRcg2N9/ETVFrP3hGKNDQ3kEVW0WC
81qU3vhqUIzaMNuTGneKmCv6zJ/7ynwTHYGHdMqPW6xHWP5jDPseyy5TfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYkwPx/Dzfr5cdmf3pc/qP2o7gQMB8GA1UdIwQY
MBaAFFP/Ii1KImMCy/EAaMqm9MQfe7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQt
Y2EzNmQ5OGIzYzRkLzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQtY2EzNmQ5OGIzYzRk
LzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQgI1AY+h
8y066ttvF44G2XKpZnb5NlRCyEcUAO4ht8SluU7+LB5wOoJEMQo+hwnB2RrHra3j
F4hRG5GhLWEhoTwqwtg1XKGnxCcJcxrLQL9qpHJR/rPl9tIA3YZT0ySfWx2PK64a
ng/9blEx8wx1Di7fH9wpk2bguNVXNM7JyECrlPcHGaltqQdATojv+pNH9OCrm89v
81++zgDGOJCZbrF/mxCvdO/LY6xZ55Jh5CBTiI8jebe8t3Z/bF4kcilxBy9EJeri
WH06YPHhFRtnm8N/NurfULL4gpTs4tyGhgzeJdh0cXEP9OlQxNIQkUYxH3ZXZnDy
Fz1kZYLRA76Lwg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:57 2025 by rpki-client