Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.mft
File:                     S-iWpBlThdS5S3KVmIzPv6ismcU.mft (raw, json)
Hash identifier:          MSkbU3LaU8HuRxpbjUnX7mv0P52CEj3YUq1i0xguAN4=
Subject key identifier:   C3:27:B8:72:E4:C4:9D:F3:8B:42:47:75:09:EE:BC:28:F4:8C:E6:C2
Authority key identifier: 4B:E8:96:A4:19:53:85:D4:B9:4B:72:95:98:8C:CF:BF:A8:AC:99:C5
Certificate issuer:       /CN=4be896a4195385d4b94b7295988ccfbfa8ac99c5
Certificate serial:       0199FC21877E180DBD361A2FC88C79213309
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S-iWpBlThdS5S3KVmIzPv6ismcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.mft
Manifest number:          0D76
Signing time:             Sun 19 Oct 2025 11:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:19 +0000
Files and hashes:         1: 6KASjwCz7ilKa_zbYR8rA5RUBrc.roa (hash: T4+QVQXXLI7KFzCBe08m6pD6fADi9vWJFsV+O2tzwnA=)
                          2: S-iWpBlThdS5S3KVmIzPv6ismcU.crl (hash: D9PyEaxhRFgQlnptnIvCqCMEdCee9yZuS+zX5a5K1Kc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S-iWpBlThdS5S3KVmIzPv6ismcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:87:7e:18:0d:bd:36:1a:2f:c8:8c:79:21:33:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4be896a4195385d4b94b7295988ccfbfa8ac99c5
        Validity
            Not Before: Oct 19 11:01:19 2025 GMT
            Not After : Oct 20 11:01:19 2025 GMT
        Subject: CN=c327b872e4c49df38b42477509eebc28f48ce6c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:59:85:4a:47:9c:25:51:5a:41:62:f5:f5:2a:
                    a8:08:fe:a8:03:36:8b:3c:f9:05:ee:b4:42:a8:2b:
                    8c:8a:e0:2c:cb:19:2b:fe:bd:b6:3e:bc:c1:e2:40:
                    3c:c3:18:e2:a3:c6:ff:fe:40:92:0b:de:ec:77:f3:
                    a8:5d:cf:ea:d5:00:66:b3:9b:21:94:cd:47:fa:ab:
                    fe:76:12:88:82:4b:92:ed:f6:6f:2d:a7:4e:78:c5:
                    f6:88:a6:27:52:1a:7c:c4:31:de:1e:9d:cb:66:f7:
                    a7:6a:4d:fe:e6:69:f4:42:5d:df:ff:07:63:83:c9:
                    a7:2b:46:9e:0d:29:40:0a:00:92:3c:7c:d7:31:53:
                    91:9f:be:99:74:7f:95:f4:b9:e2:cc:44:83:48:f2:
                    3d:93:f6:bb:89:0d:1b:3e:c7:0a:66:b0:1f:df:fb:
                    79:4d:6a:68:1a:f4:33:d6:be:97:36:ce:b1:54:bb:
                    cb:0c:1b:62:5d:b2:ea:7f:ee:10:d1:e3:52:3a:e9:
                    70:cf:41:fd:66:0e:21:9e:93:e0:b8:70:dc:f1:31:
                    d9:9d:e9:75:59:92:ec:c4:86:99:ee:b6:f7:c0:62:
                    9c:b6:c0:a8:25:d5:d8:33:93:9b:dc:10:1e:4d:7e:
                    73:7d:4e:ce:d2:ea:5b:db:fa:e9:a0:50:be:5a:a5:
                    18:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:27:B8:72:E4:C4:9D:F3:8B:42:47:75:09:EE:BC:28:F4:8C:E6:C2
            X509v3 Authority Key Identifier:
                keyid:4B:E8:96:A4:19:53:85:D4:B9:4B:72:95:98:8C:CF:BF:A8:AC:99:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-iWpBlThdS5S3KVmIzPv6ismcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:3f:7d:1a:ac:44:e1:a4:92:f7:5e:91:fd:ce:19:7a:55:4e:
         27:4a:8a:e8:82:6b:44:b5:b1:28:21:33:09:d4:87:74:71:39:
         40:e6:9e:59:15:ed:dd:3c:e8:5a:fa:72:02:2e:a6:f7:ec:3c:
         9f:a5:ad:ba:62:b0:c7:24:48:96:53:bc:64:af:15:26:1d:a5:
         f5:3e:86:d8:b2:11:6a:44:19:0e:e4:af:ce:7c:4d:86:d4:b3:
         df:38:85:ca:65:0d:95:2f:d0:5b:c6:83:ec:16:a9:49:fd:19:
         86:49:ea:34:6d:0d:00:1b:c8:44:76:85:2a:a2:60:a3:ff:e4:
         1f:8d:08:e0:30:89:53:0b:6b:ec:6b:d2:7e:08:1c:bd:0b:8c:
         1f:61:f8:11:09:f0:19:0d:a4:fd:25:49:80:d3:04:c3:e4:fd:
         3e:ad:55:e5:3e:e8:f0:02:76:ca:79:1d:d0:c2:bd:13:f0:7f:
         44:d4:8a:00:96:f9:2a:86:6c:39:04:4e:1a:67:94:0b:d1:ca:
         da:bf:96:60:34:79:ed:51:3d:62:7f:4b:00:ad:5e:46:d5:0a:
         54:bc:95:5c:67:bf:27:1a:36:8f:fa:18:50:1d:62:00:b6:59:
         da:52:11:38:08:1e:79:51:36:db:77:a7:c0:3a:e3:c5:86:e6:
         29:b1:9c:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IYd+GA29NhovyIx5ITMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTg5NmE0MTk1Mzg1ZDRiOTRiNzI5NTk4OGNjZmJmYThh
Yzk5YzUwHhcNMjUxMDE5MTEwMTE5WhcNMjUxMDIwMTEwMTE5WjAzMTEwLwYDVQQD
EyhjMzI3Yjg3MmU0YzQ5ZGYzOGI0MjQ3NzUwOWVlYmMyOGY0OGNlNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFmFSkecJVFaQWL19SqoCP6oAzaL
PPkF7rRCqCuMiuAsyxkr/r22PrzB4kA8wxjio8b//kCSC97sd/OoXc/q1QBms5sh
lM1H+qv+dhKIgkuS7fZvLadOeMX2iKYnUhp8xDHeHp3LZvenak3+5mn0Ql3f/wdj
g8mnK0aeDSlACgCSPHzXMVORn76ZdH+V9LnizESDSPI9k/a7iQ0bPscKZrAf3/t5
TWpoGvQz1r6XNs6xVLvLDBtiXbLqf+4Q0eNSOulwz0H9Zg4hnpPguHDc8THZnel1
WZLsxIaZ7rb3wGKctsCoJdXYM5Ob3BAeTX5zfU7O0upb2/rpoFC+WqUYlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMnuHLkxJ3zi0JHdQnuvCj0jObCMB8GA1UdIwQY
MBaAFEvolqQZU4XUuUtylZiMz7+orJnFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1pV3BCbFRoZFM1UzNLVm1JelB2NmlzbWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83YTEzZWUtYjczMS00ZmY5LWJlZjAt
NGIxNTgxZjA5ZDNiLzEvUy1pV3BCbFRoZFM1UzNLVm1JelB2NmlzbWNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83YTEzZWUtYjczMS00ZmY5LWJlZjAtNGIxNTgxZjA5ZDNi
LzEvUy1pV3BCbFRoZFM1UzNLVm1JelB2NmlzbWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhT99GqxE
4aSS916R/c4ZelVOJ0qK6IJrRLWxKCEzCdSHdHE5QOaeWRXt3TzoWvpyAi6m9+w8
n6WtumKwxyRIllO8ZK8VJh2l9T6G2LIRakQZDuSvznxNhtSz3ziFymUNlS/QW8aD
7BapSf0ZhknqNG0NABvIRHaFKqJgo//kH40I4DCJUwtr7GvSfggcvQuMH2H4EQnw
GQ2k/SVJgNMEw+T9Pq1V5T7o8AJ2ynkd0MK9E/B/RNSKAJb5KoZsOQROGmeUC9HK
2r+WYDR57VE9Yn9LAK1eRtUKVLyVXGe/Jxo2j/oYUB1iALZZ2lIROAgeeVE223en
wDrjxYbmKbGcVQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:45 2025 by rpki-client