Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/6fb9c3-6c9c-439e-8cca-d99a2198a68d/1/QucVYSpqaXFPXj8uTLxI_OhKb1I.mft
File:                     QucVYSpqaXFPXj8uTLxI_OhKb1I.mft (raw, json)
Hash identifier:          reEyrzAnadeRCOcQu/4mSVSDb2lwXCHKx8DURhtcPbY=
Subject key identifier:   F9:53:1F:8D:B2:C1:9C:91:EC:C5:1C:99:42:23:4D:8E:9D:F9:3D:8B
Authority key identifier: 42:E7:15:61:2A:6A:69:71:4F:5E:3F:2E:4C:BC:48:FC:E8:4A:6F:52
Certificate issuer:       /CN=42e715612a6a69714f5e3f2e4cbc48fce84a6f52
Certificate serial:       0199FC585D2C679A3DF5BB1B6BCA0488C32F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QucVYSpqaXFPXj8uTLxI_OhKb1I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/6fb9c3-6c9c-439e-8cca-d99a2198a68d/1/QucVYSpqaXFPXj8uTLxI_OhKb1I.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 12:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:13 +0000
Files and hashes:         1: QucVYSpqaXFPXj8uTLxI_OhKb1I.crl (hash: f+KnehaD8M4ya9308bnxkqLuL7hG8UZnzgbvkg4pDkk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/6fb9c3-6c9c-439e-8cca-d99a2198a68d/1/QucVYSpqaXFPXj8uTLxI_OhKb1I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/6fb9c3-6c9c-439e-8cca-d99a2198a68d/1/QucVYSpqaXFPXj8uTLxI_OhKb1I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QucVYSpqaXFPXj8uTLxI_OhKb1I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:5d:2c:67:9a:3d:f5:bb:1b:6b:ca:04:88:c3:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42e715612a6a69714f5e3f2e4cbc48fce84a6f52
        Validity
            Not Before: Oct 19 12:01:13 2025 GMT
            Not After : Oct 20 12:01:13 2025 GMT
        Subject: CN=f9531f8db2c19c91ecc51c9942234d8e9df93d8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:94:17:00:59:1b:e0:df:ef:bc:39:df:f2:86:
                    a4:82:27:2b:b3:82:07:e4:95:b0:d1:a2:f8:4e:b1:
                    1f:12:0e:8c:dc:6a:b3:19:e9:fe:b8:15:82:73:cf:
                    5e:89:52:a1:c7:c4:7a:be:a7:25:59:89:32:8d:a1:
                    9f:10:84:6d:66:0c:c3:da:e5:6f:f6:07:77:1b:f2:
                    60:45:86:4a:93:d6:63:b8:35:e1:c7:d8:59:e6:5f:
                    1d:08:40:c1:91:64:3c:73:da:b0:13:d3:ed:bb:3b:
                    dd:5a:db:c5:bc:c0:ff:87:2e:8c:b5:fb:f1:95:b6:
                    60:61:b7:59:30:da:3c:96:96:5f:f0:93:b1:12:97:
                    5a:35:82:12:bc:c7:bb:a5:14:86:8d:49:cd:69:e1:
                    59:29:3e:db:19:7d:6b:ed:b5:fc:4a:9d:53:3c:45:
                    2b:ca:d5:39:1f:ac:27:d6:e9:fa:d6:8b:7b:b6:d5:
                    3f:b3:ac:70:a6:d4:56:02:64:5c:ca:44:fa:f8:6a:
                    fe:6a:8d:b5:98:03:73:4c:05:86:3e:9f:e5:7e:49:
                    78:d7:95:25:b2:e4:92:de:d9:0c:57:86:70:82:82:
                    7b:ce:77:42:60:d5:cb:fe:51:ec:2f:35:83:d9:ae:
                    4d:d3:fd:7f:66:c9:04:f2:e4:62:66:ad:d4:7e:0c:
                    ee:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:53:1F:8D:B2:C1:9C:91:EC:C5:1C:99:42:23:4D:8E:9D:F9:3D:8B
            X509v3 Authority Key Identifier:
                keyid:42:E7:15:61:2A:6A:69:71:4F:5E:3F:2E:4C:BC:48:FC:E8:4A:6F:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QucVYSpqaXFPXj8uTLxI_OhKb1I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6fb9c3-6c9c-439e-8cca-d99a2198a68d/1/QucVYSpqaXFPXj8uTLxI_OhKb1I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6fb9c3-6c9c-439e-8cca-d99a2198a68d/1/QucVYSpqaXFPXj8uTLxI_OhKb1I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:00:4d:7d:19:e1:a3:13:8f:4b:a4:54:72:b6:22:c0:7d:ce:
         de:6d:58:41:f9:89:8c:c0:f2:09:3a:6d:b1:d3:d1:d3:51:64:
         f9:2c:52:42:47:bd:1a:5a:a1:e5:08:d7:02:40:6d:eb:48:65:
         45:83:51:54:7e:7a:29:b8:86:91:bf:2e:a5:de:94:4e:c7:90:
         3f:aa:ab:9c:54:e9:fd:b7:05:0e:b0:12:f3:6b:cc:57:59:a4:
         bc:fd:bc:f4:76:9d:2b:e4:fd:f8:c1:01:e9:99:f3:6a:4d:de:
         4c:f3:c8:74:e3:db:e4:13:1f:5c:ad:46:1e:c6:84:9e:bc:08:
         ac:9e:41:1c:0c:5f:13:73:fb:09:0a:fc:bb:2d:76:c4:52:b2:
         64:06:f7:48:4d:db:73:96:a5:e6:98:66:e0:e0:c7:c3:1b:9b:
         e5:45:94:b3:33:06:df:d0:4f:b8:f9:63:ac:6f:8a:40:88:e1:
         86:74:1b:5a:1c:ca:5d:59:32:ff:ba:3d:d7:8d:b1:de:5d:c1:
         ba:2d:6e:ee:12:fd:d2:ea:97:ad:a1:b5:33:f8:79:60:be:16:
         74:6f:01:e9:74:fa:a2:ef:42:24:02:8a:a2:42:79:50:b4:58:
         ec:2b:09:b1:ba:6b:0c:cc:a7:78:af:5f:52:b9:fc:2d:a5:8e:
         d2:14:fe:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WF0sZ5o99bsba8oEiMMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTcxNTYxMmE2YTY5NzE0ZjVlM2YyZTRjYmM0OGZjZTg0
YTZmNTIwHhcNMjUxMDE5MTIwMTEzWhcNMjUxMDIwMTIwMTEzWjAzMTEwLwYDVQQD
EyhmOTUzMWY4ZGIyYzE5YzkxZWNjNTFjOTk0MjIzNGQ4ZTlkZjkzZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZQXAFkb4N/vvDnf8oakgicrs4IH
5JWw0aL4TrEfEg6M3GqzGen+uBWCc89eiVKhx8R6vqclWYkyjaGfEIRtZgzD2uVv
9gd3G/JgRYZKk9ZjuDXhx9hZ5l8dCEDBkWQ8c9qwE9PtuzvdWtvFvMD/hy6Mtfvx
lbZgYbdZMNo8lpZf8JOxEpdaNYISvMe7pRSGjUnNaeFZKT7bGX1r7bX8Sp1TPEUr
ytU5H6wn1un61ot7ttU/s6xwptRWAmRcykT6+Gr+ao21mANzTAWGPp/lfkl415Ul
suSS3tkMV4ZwgoJ7zndCYNXL/lHsLzWD2a5N0/1/ZskE8uRiZq3UfgzuyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlTH42ywZyR7MUcmUIjTY6d+T2LMB8GA1UdIwQY
MBaAFELnFWEqamlxT14/Lky8SPzoSm9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVjVllTcHFhWEZQWGo4dVRMeElfT2hLYjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ZmI5YzMtNmM5Yy00MzllLThjY2Et
ZDk5YTIxOThhNjhkLzEvUXVjVllTcHFhWEZQWGo4dVRMeElfT2hLYjFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ZmI5YzMtNmM5Yy00MzllLThjY2EtZDk5YTIxOThhNjhk
LzEvUXVjVllTcHFhWEZQWGo4dVRMeElfT2hLYjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFwBNfRnh
oxOPS6RUcrYiwH3O3m1YQfmJjMDyCTptsdPR01Fk+SxSQke9Glqh5QjXAkBt60hl
RYNRVH56KbiGkb8upd6UTseQP6qrnFTp/bcFDrAS82vMV1mkvP289HadK+T9+MEB
6Znzak3eTPPIdOPb5BMfXK1GHsaEnrwIrJ5BHAxfE3P7CQr8uy12xFKyZAb3SE3b
c5al5phm4ODHwxub5UWUszMG39BPuPljrG+KQIjhhnQbWhzKXVky/7o9142x3l3B
ui1u7hL90uqXraG1M/h5YL4WdG8B6XT6ou9CJAKKokJ5ULRY7CsJsbprDMyneK9f
Urn8LaWO0hT+4A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:19 2025 by rpki-client