Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
File:                     curcen7OR31fTXdyQ7YPK7u3VgM.mft (raw, json)
Hash identifier:          8NiqnXX4UNCAYfupyRamGfP+JLnZjxIXB1YUMmV1+GU=
Subject key identifier:   4C:01:84:50:66:13:92:A2:84:CB:F7:45:7A:1B:73:8A:0E:A0:7D:31
Authority key identifier: 72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
Certificate issuer:       /CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Certificate serial:       0199FC58C041FE48BA62B2ED992C6ABB0EB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
Manifest number:          094C
Signing time:             Sun 19 Oct 2025 12:01:38 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:38 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:38 +0000
Files and hashes:         1: curcen7OR31fTXdyQ7YPK7u3VgM.crl (hash: g4vAxV4DGhsVMVMn7YSheqzbgvlHQTDiz+iboi4lyf4=)
                          2: mFFNgz0LoOIjeTT2_r0-wBPyYQM.roa (hash: 8oKdatfS4ydJsathXE08ETrnAsR4fEoI1qYHumOim1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:c0:41:fe:48:ba:62:b2:ed:99:2c:6a:bb:0e:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
        Validity
            Not Before: Oct 19 12:01:38 2025 GMT
            Not After : Oct 20 12:01:38 2025 GMT
        Subject: CN=4c018450661392a284cbf7457a1b738a0ea07d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:af:ff:25:38:d5:c4:f8:b1:3d:e5:14:bd:0a:
                    89:de:a8:a6:12:8f:3c:b3:db:20:e0:a8:2b:98:bf:
                    51:c8:2a:02:e3:51:f4:ee:60:e0:50:86:12:be:22:
                    87:00:4c:55:e8:f1:db:a0:58:17:ec:b4:f5:34:6e:
                    73:55:e0:a7:59:e9:83:c8:52:9a:ee:0f:f5:d2:03:
                    28:81:8e:df:08:7e:f0:25:34:ad:ae:99:98:fe:25:
                    97:56:61:33:75:d6:55:99:8e:da:08:0f:a0:a7:bb:
                    c8:a1:04:1c:3c:63:3a:05:ba:20:af:c1:7a:ea:77:
                    02:f1:97:31:a8:b2:80:3a:17:4a:f7:6e:ec:8c:07:
                    c2:40:01:d8:62:7a:b3:85:57:db:d4:66:ad:32:79:
                    83:34:fb:68:30:af:72:0c:21:30:8a:a4:59:1c:22:
                    84:8f:84:ea:45:e6:9a:bf:1f:01:be:a5:13:36:37:
                    85:46:fc:5c:4a:13:5b:08:9a:b0:3d:aa:ed:5a:b3:
                    01:a3:24:c5:92:43:ce:e6:ee:25:0d:06:9e:2a:25:
                    e0:24:b1:a8:f5:01:8c:45:23:0a:96:ab:6e:f6:7f:
                    ec:06:d5:db:ea:df:46:80:a8:2a:fc:df:45:81:12:
                    9c:ee:29:af:38:5e:bf:ec:00:ab:ae:19:45:87:27:
                    63:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:01:84:50:66:13:92:A2:84:CB:F7:45:7A:1B:73:8A:0E:A0:7D:31
            X509v3 Authority Key Identifier:
                keyid:72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:d7:f5:22:87:76:88:fe:f0:a7:ad:64:57:f9:04:df:a6:91:
         a8:91:18:e0:00:a8:04:d8:24:53:89:66:ed:62:04:97:21:1d:
         86:74:26:78:57:54:5f:f0:bf:a4:60:ed:d1:37:44:77:80:b8:
         a5:e4:9b:14:7a:ae:b5:1d:bd:9f:11:c3:88:d1:1f:f8:83:5d:
         e0:f5:1e:6d:ba:d6:74:80:0c:73:dd:2a:4e:95:fc:ff:72:63:
         f0:07:6f:20:16:34:e5:7f:bc:6b:bc:22:34:6e:d4:57:c5:e6:
         35:fe:5d:10:f9:d7:1d:09:21:5f:ed:6f:bd:db:fd:1d:fe:09:
         0b:10:1b:6f:15:c3:2c:55:74:82:c0:20:45:64:f6:73:2d:8d:
         0a:27:71:23:5b:47:20:3a:a2:b2:b8:f8:64:72:a7:7c:4b:64:
         04:02:a4:fd:5a:98:16:18:a7:7d:f2:10:c9:69:7b:5b:ce:c7:
         d7:0c:bd:5d:fe:7d:5e:cd:10:4d:87:3b:c6:88:92:9b:bf:ac:
         c6:df:54:64:0f:16:47:a9:5c:2d:6d:cf:69:68:60:9c:2b:1a:
         7d:5c:57:96:68:5d:fb:9a:12:9e:64:a7:1a:9a:df:ef:92:8d:
         75:a2:ec:29:86:83:2f:93:32:97:52:d9:fd:7e:8f:e1:9a:d6:
         94:21:36:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WMBB/ki6YrLtmSxquw64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWFkYzdhN2VjZTQ3N2Q1ZjRkNzc3MjQzYjYwZjJiYmJi
NzU2MDMwHhcNMjUxMDE5MTIwMTM4WhcNMjUxMDIwMTIwMTM4WjAzMTEwLwYDVQQD
Eyg0YzAxODQ1MDY2MTM5MmEyODRjYmY3NDU3YTFiNzM4YTBlYTA3ZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq//JTjVxPixPeUUvQqJ3qimEo88
s9sg4KgrmL9RyCoC41H07mDgUIYSviKHAExV6PHboFgX7LT1NG5zVeCnWemDyFKa
7g/10gMogY7fCH7wJTStrpmY/iWXVmEzddZVmY7aCA+gp7vIoQQcPGM6Bbogr8F6
6ncC8ZcxqLKAOhdK927sjAfCQAHYYnqzhVfb1GatMnmDNPtoMK9yDCEwiqRZHCKE
j4TqReaavx8BvqUTNjeFRvxcShNbCJqwPartWrMBoyTFkkPO5u4lDQaeKiXgJLGo
9QGMRSMKlqtu9n/sBtXb6t9GgKgq/N9FgRKc7imvOF6/7ACrrhlFhydjpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwBhFBmE5KihMv3RXobc4oOoH0xMB8GA1UdIwQY
MBaAFHLq3Hp+zkd9X013ckO2Dyu7t1YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjkt
NDczODUxNzA5YzU4LzEvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjktNDczODUxNzA5YzU4
LzEvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK9f1Iod2
iP7wp61kV/kE36aRqJEY4ACoBNgkU4lm7WIElyEdhnQmeFdUX/C/pGDt0TdEd4C4
peSbFHqutR29nxHDiNEf+INd4PUebbrWdIAMc90qTpX8/3Jj8AdvIBY05X+8a7wi
NG7UV8XmNf5dEPnXHQkhX+1vvdv9Hf4JCxAbbxXDLFV0gsAgRWT2cy2NCidxI1tH
IDqisrj4ZHKnfEtkBAKk/VqYFhinffIQyWl7W87H1wy9Xf59Xs0QTYc7xoiSm7+s
xt9UZA8WR6lcLW3PaWhgnCsafVxXlmhd+5oSnmSnGprf75KNdaLsKYaDL5Myl1LZ
/X6P4ZrWlCE2LA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:32 2025 by rpki-client