Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
File:                     iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json)
Hash identifier:          /TXqYKX6qsZSYORwtKnzJ68eEBn1jJoCwAKnPfWtKMs=
Subject key identifier:   10:7F:1B:A4:38:B2:DF:A7:93:48:65:23:C0:D8:2E:8E:BD:D4:16:68
Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38
Certificate issuer:       /CN=89a041670001660a3720b77d764d836852190138
Certificate serial:       0199FBEA8D6E34FA8932BCA553C2EC5E33D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
Manifest number:          04E7
Signing time:             Sun 19 Oct 2025 10:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:16 +0000
Files and hashes:         1: ZFhZ1BqFreky-hMCFILR09_VVoM.roa (hash: qamEtLvOwpZ40vLyeg6d8oLlWWQ1GcUWvt7i4vqtvFc=)
                          2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: fBtLJlJFK9oGWUouYrfrNGR+Cty1gJOR4koKnAXwRmE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:8d:6e:34:fa:89:32:bc:a5:53:c2:ec:5e:33:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89a041670001660a3720b77d764d836852190138
        Validity
            Not Before: Oct 19 10:01:16 2025 GMT
            Not After : Oct 20 10:01:16 2025 GMT
        Subject: CN=107f1ba438b2dfa793486523c0d82e8ebdd41668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:13:84:5b:68:af:ad:77:e1:8c:d6:27:29:35:
                    f6:2d:b3:c7:f1:5d:be:68:fa:0f:7a:50:b6:1c:7f:
                    49:e7:c5:46:58:46:a3:0f:c9:e0:fe:e4:92:24:54:
                    5f:8b:f7:3a:e1:8f:b8:94:a4:e5:df:2f:27:59:fe:
                    da:79:3e:81:38:cb:4f:d8:b3:08:2e:cf:32:1e:1a:
                    83:33:47:e0:45:43:fa:5d:5a:c5:fd:2e:28:4f:d4:
                    b3:8b:4d:24:0f:95:4d:03:8d:75:ee:3b:e8:13:c5:
                    11:9b:f7:f6:80:3f:ec:66:dd:a8:c4:0b:e1:78:18:
                    4a:cf:80:0c:1f:85:76:d7:ff:04:3a:2a:b3:82:e7:
                    29:f7:1a:6b:8d:c2:83:30:39:43:7d:04:03:53:e9:
                    67:cc:d1:fb:8b:96:37:5e:d8:c3:b3:8f:aa:47:a8:
                    9f:32:fa:0e:f2:7f:17:53:81:85:0a:84:90:a9:fb:
                    31:a4:47:9e:e0:47:8f:88:ae:d6:84:d1:7c:57:99:
                    03:92:f5:b3:01:90:7c:e4:37:7f:04:e4:d7:8c:f0:
                    8b:04:2a:13:d0:53:e5:88:6b:53:06:dc:ca:18:74:
                    29:bd:d3:b6:32:83:93:60:e1:2a:c3:0e:1d:31:a3:
                    93:0a:9a:03:76:c6:20:78:41:c0:ee:5d:96:d3:27:
                    bc:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:7F:1B:A4:38:B2:DF:A7:93:48:65:23:C0:D8:2E:8E:BD:D4:16:68
            X509v3 Authority Key Identifier:
                keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:75:58:65:f1:f7:19:39:a4:1f:2e:02:9d:25:8e:02:17:8d:
         c6:c2:21:f1:53:4d:bc:72:b9:21:a9:42:51:89:4c:93:8a:fe:
         57:37:c4:5c:49:c9:1f:29:ea:f4:93:b0:b5:32:eb:ad:a7:7d:
         e1:41:ff:5d:37:9b:9d:d7:9e:79:7c:31:f4:bc:94:fe:0e:3d:
         6c:a5:f9:a6:8d:59:6b:e3:f4:98:a0:c1:75:87:60:08:ec:bb:
         3b:42:bd:06:8c:64:c7:b9:f7:65:41:ba:16:fd:ce:04:e9:b4:
         37:d9:19:68:f9:6f:c4:13:fc:5a:ba:01:a7:cf:c1:03:a8:e6:
         ad:f7:6a:63:9f:8f:e9:7c:b6:ab:41:86:7f:5c:3c:50:f9:4c:
         d1:d6:c7:d4:a3:cf:fb:d4:e6:f5:3e:75:92:c1:cf:f2:f0:95:
         93:04:e6:d8:61:07:a3:41:27:d0:1e:2f:ce:03:c9:24:ad:1f:
         48:69:51:c7:69:f3:b4:fa:2d:70:8f:e3:f0:0c:11:38:b6:2a:
         62:d5:be:9a:4f:7d:99:78:d9:73:38:59:f0:18:16:75:4b:bd:
         2a:70:19:5b:17:f9:af:4b:72:ad:8d:b1:90:fc:84:6f:ec:de:
         2f:ad:77:66:83:98:2c:a0:e0:13:04:12:8d:f7:c8:fc:cf:36:
         40:1b:cd:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76o1uNPqJMrylU8LsXjPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx
OTAxMzgwHhcNMjUxMDE5MTAwMTE2WhcNMjUxMDIwMTAwMTE2WjAzMTEwLwYDVQQD
EygxMDdmMWJhNDM4YjJkZmE3OTM0ODY1MjNjMGQ4MmU4ZWJkZDQxNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhOEW2ivrXfhjNYnKTX2LbPH8V2+
aPoPelC2HH9J58VGWEajD8ng/uSSJFRfi/c64Y+4lKTl3y8nWf7aeT6BOMtP2LMI
Ls8yHhqDM0fgRUP6XVrF/S4oT9Szi00kD5VNA4117jvoE8URm/f2gD/sZt2oxAvh
eBhKz4AMH4V21/8EOiqzgucp9xprjcKDMDlDfQQDU+lnzNH7i5Y3XtjDs4+qR6if
MvoO8n8XU4GFCoSQqfsxpEee4EePiK7WhNF8V5kDkvWzAZB85Dd/BOTXjPCLBCoT
0FPliGtTBtzKGHQpvdO2MoOTYOEqww4dMaOTCpoDdsYgeEHA7l2W0ye8oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBB/G6Q4st+nk0hlI8DYLo691BZoMB8GA1UdIwQY
MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt
NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0
LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwHVYZfH3
GTmkHy4CnSWOAheNxsIh8VNNvHK5IalCUYlMk4r+VzfEXEnJHynq9JOwtTLrrad9
4UH/XTebndeeeXwx9LyU/g49bKX5po1Za+P0mKDBdYdgCOy7O0K9Boxkx7n3ZUG6
Fv3OBOm0N9kZaPlvxBP8WroBp8/BA6jmrfdqY5+P6Xy2q0GGf1w8UPlM0dbH1KPP
+9Tm9T51ksHP8vCVkwTm2GEHo0En0B4vzgPJJK0fSGlRx2nztPotcI/j8AwROLYq
YtW+mk99mXjZczhZ8BgWdUu9KnAZWxf5r0tyrY2xkPyEb+zeL613ZoOYLKDgEwQS
jffI/M82QBvN+g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:02 2025 by rpki-client