Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
File:                     uo1nmL3QsriAXUOzRV92c5uUbx0.mft (raw, json)
Hash identifier:          PzXTRb0Kry6jhNcWoVhkzjlyQqNcvujO1bvuFsxofNE=
Subject key identifier:   D7:02:E6:B5:6C:AD:CA:03:8C:9A:FF:5D:45:C6:4F:47:11:5E:7E:58
Authority key identifier: BA:8D:67:98:BD:D0:B2:B8:80:5D:43:B3:45:5F:76:73:9B:94:6F:1D
Certificate issuer:       /CN=ba8d6798bdd0b2b8805d43b3455f76739b946f1d
Certificate serial:       0199FBEC5FDD522EB6348648CEB6A1EAD345
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
Manifest number:          1671
Signing time:             Sun 19 Oct 2025 10:03:16 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:16 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:16 +0000
Files and hashes:         1: uo1nmL3QsriAXUOzRV92c5uUbx0.crl (hash: JCiKaTw4j2qllCc9YImEdwmEcVn95NhLYoULQbRdc6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:5f:dd:52:2e:b6:34:86:48:ce:b6:a1:ea:d3:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba8d6798bdd0b2b8805d43b3455f76739b946f1d
        Validity
            Not Before: Oct 19 10:03:16 2025 GMT
            Not After : Oct 20 10:03:16 2025 GMT
        Subject: CN=d702e6b56cadca038c9aff5d45c64f47115e7e58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:e6:3f:33:ad:99:86:71:93:ea:40:9e:17:21:
                    41:c1:8b:9d:fc:6a:b6:08:c6:89:49:21:bc:a8:29:
                    cd:b6:64:05:54:c4:d0:fc:19:5d:5c:45:b8:9d:f5:
                    a1:8e:a9:98:45:e5:67:40:1c:4e:f6:53:38:f9:a8:
                    9f:02:bc:c0:90:8d:5b:e4:0a:67:3e:3a:f8:00:f4:
                    0f:fb:99:80:d6:d6:49:f0:a1:8a:01:c9:e3:2f:48:
                    11:cf:d7:61:cb:92:0c:b6:8d:9c:62:95:ed:19:d9:
                    8e:84:dd:07:2b:e9:2a:f4:ef:db:09:5d:03:44:a5:
                    a4:21:46:20:c1:9e:2b:34:c9:e5:f6:86:e3:97:11:
                    7f:67:95:9d:f4:56:f3:2b:88:ff:e8:26:bc:8b:1d:
                    15:a4:4e:78:0f:6a:f2:b3:7a:0b:4d:1b:63:c6:47:
                    32:98:95:59:f0:49:2e:bc:cf:b5:88:1b:e8:15:5d:
                    a2:d9:0b:3a:00:c6:16:71:59:35:4b:65:1f:c0:d7:
                    b4:71:a3:7f:4b:a3:6f:a0:06:e5:ad:4b:b6:13:29:
                    16:f8:63:2d:9a:5c:aa:23:42:b1:82:13:2c:2b:37:
                    0e:99:b3:91:17:d9:00:6f:10:b2:06:08:bc:b0:92:
                    7a:ee:bf:ea:7a:de:04:22:e6:80:d5:c3:74:5b:19:
                    fb:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:02:E6:B5:6C:AD:CA:03:8C:9A:FF:5D:45:C6:4F:47:11:5E:7E:58
            X509v3 Authority Key Identifier:
                keyid:BA:8D:67:98:BD:D0:B2:B8:80:5D:43:B3:45:5F:76:73:9B:94:6F:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uo1nmL3QsriAXUOzRV92c5uUbx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/68b57b-d18d-4785-97b0-ec56c0b081ae/1/uo1nmL3QsriAXUOzRV92c5uUbx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:37:ff:7f:01:5c:ac:c1:08:4a:c6:fc:67:cc:d7:cb:75:f3:
         89:39:a4:22:9b:9e:19:2d:8d:bd:f2:9f:5c:da:4b:65:6c:e8:
         f6:87:8d:39:fd:80:20:19:af:a0:11:d4:f0:81:18:bc:83:e7:
         10:f4:f7:e5:a7:8e:fd:39:77:01:f9:ab:26:ef:eb:7f:40:49:
         f0:34:f4:e5:0a:51:7b:a1:29:6b:72:20:f5:43:d4:ad:84:2c:
         f0:48:ee:d5:af:6e:b3:8d:d6:47:23:f9:17:1a:8c:49:f3:5a:
         30:ca:a4:0b:39:45:00:d1:2b:60:95:6f:b8:97:03:16:a4:46:
         14:03:47:5c:25:b3:87:65:99:33:b2:91:5b:2f:cb:b3:16:e5:
         52:57:f2:24:8d:4f:59:dc:b4:17:e3:0c:29:aa:b5:40:da:34:
         7a:c9:54:ff:bc:10:65:d1:b1:8f:cb:4d:1b:e2:f4:bc:df:86:
         59:df:9b:41:db:e2:87:e0:7b:16:0c:c1:f5:bd:a2:83:92:28:
         b4:b8:e5:fc:f8:5d:b7:c5:4d:c8:11:7c:74:8d:d9:6f:f1:89:
         9a:b1:55:56:15:97:45:02:0c:15:ed:cd:58:37:e0:ca:b0:13:
         ae:ec:33:f6:e5:e9:97:45:cb:3f:24:3a:4a:23:a8:1a:5c:08:
         a1:54:e4:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77F/dUi62NIZIzrah6tNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOGQ2Nzk4YmRkMGIyYjg4MDVkNDNiMzQ1NWY3NjczOWI5
NDZmMWQwHhcNMjUxMDE5MTAwMzE2WhcNMjUxMDIwMTAwMzE2WjAzMTEwLwYDVQQD
EyhkNzAyZTZiNTZjYWRjYTAzOGM5YWZmNWQ0NWM2NGY0NzExNWU3ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+Y/M62ZhnGT6kCeFyFBwYud/Gq2
CMaJSSG8qCnNtmQFVMTQ/BldXEW4nfWhjqmYReVnQBxO9lM4+aifArzAkI1b5Apn
Pjr4APQP+5mA1tZJ8KGKAcnjL0gRz9dhy5IMto2cYpXtGdmOhN0HK+kq9O/bCV0D
RKWkIUYgwZ4rNMnl9objlxF/Z5Wd9FbzK4j/6Ca8ix0VpE54D2rys3oLTRtjxkcy
mJVZ8EkuvM+1iBvoFV2i2Qs6AMYWcVk1S2UfwNe0caN/S6NvoAblrUu2EykW+GMt
mlyqI0KxghMsKzcOmbORF9kAbxCyBgi8sJJ67r/qet4EIuaA1cN0Wxn7CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcC5rVsrcoDjJr/XUXGT0cRXn5YMB8GA1UdIwQY
MBaAFLqNZ5i90LK4gF1Ds0VfdnOblG8dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy82OGI1N2ItZDE4ZC00Nzg1LTk3YjAt
ZWM1NmMwYjA4MWFlLzEvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy82OGI1N2ItZDE4ZC00Nzg1LTk3YjAtZWM1NmMwYjA4MWFl
LzEvdW8xbm1MM1FzcmlBWFVPelJWOTJjNXVVYngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwzf/fwFc
rMEISsb8Z8zXy3XziTmkIpueGS2NvfKfXNpLZWzo9oeNOf2AIBmvoBHU8IEYvIPn
EPT35aeO/Tl3AfmrJu/rf0BJ8DT05QpRe6Epa3Ig9UPUrYQs8Eju1a9us43WRyP5
FxqMSfNaMMqkCzlFANErYJVvuJcDFqRGFANHXCWzh2WZM7KRWy/LsxblUlfyJI1P
Wdy0F+MMKaq1QNo0eslU/7wQZdGxj8tNG+L0vN+GWd+bQdvih+B7FgzB9b2ig5Io
tLjl/Phdt8VNyBF8dI3Zb/GJmrFVVhWXRQIMFe3NWDfgyrATruwz9uXpl0XLPyQ6
SiOoGlwIoVTkiw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:18 2025 by rpki-client