Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7abdef-91ab-46fb-82e2-56085c9e522e/1/2NYGQYZJDYzqI0f_ejqCSS0feXc.mft
File:                     2NYGQYZJDYzqI0f_ejqCSS0feXc.mft (raw, json)
Hash identifier:          4tAxNHMBxbNmgx0LnPpkjf2D/CrZN7cWGabGCpJd+WQ=
Subject key identifier:   A1:C1:57:30:52:32:1E:61:EC:86:C9:A7:3B:DA:EC:1B:35:0B:61:51
Authority key identifier: D8:D6:06:41:86:49:0D:8C:EA:23:47:FF:7A:3A:82:49:2D:1F:79:77
Certificate issuer:       /CN=d8d6064186490d8cea2347ff7a3a82492d1f7977
Certificate serial:       0199FC8F3FDA30AE8BDB631209A0A104667A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2NYGQYZJDYzqI0f_ejqCSS0feXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/7abdef-91ab-46fb-82e2-56085c9e522e/1/2NYGQYZJDYzqI0f_ejqCSS0feXc.mft
Manifest number:          16E3
Signing time:             Sun 19 Oct 2025 13:01:10 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:10 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:10 +0000
Files and hashes:         1: 2NYGQYZJDYzqI0f_ejqCSS0feXc.crl (hash: B8puDrTK3iPjsrSdqHUuM1gvj0GW3dBWPRchrJJyKdQ=)
                          2: fRvh8sX1Hi5S8M4nM9SL76qC4pw.roa (hash: BU70IeuzZkqToqE9mDUdKtq0A+ixKO/u5mFIegNEZGk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/7abdef-91ab-46fb-82e2-56085c9e522e/1/2NYGQYZJDYzqI0f_ejqCSS0feXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/7abdef-91ab-46fb-82e2-56085c9e522e/1/2NYGQYZJDYzqI0f_ejqCSS0feXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2NYGQYZJDYzqI0f_ejqCSS0feXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:3f:da:30:ae:8b:db:63:12:09:a0:a1:04:66:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8d6064186490d8cea2347ff7a3a82492d1f7977
        Validity
            Not Before: Oct 19 13:01:10 2025 GMT
            Not After : Oct 20 13:01:10 2025 GMT
        Subject: CN=a1c1573052321e61ec86c9a73bdaec1b350b6151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1b:03:f3:4f:64:19:0a:8b:27:34:83:5e:e4:
                    89:3c:08:df:14:28:b9:a2:f8:45:2a:51:e3:72:d1:
                    af:b0:e3:71:39:bf:f5:bd:0b:2d:47:8c:e6:39:b8:
                    d5:4c:26:b9:4a:af:78:dd:4b:77:f5:e1:d1:50:1f:
                    da:aa:ce:bd:17:75:7f:a3:90:d6:e7:c5:8a:b3:c0:
                    bb:09:75:75:d9:8d:d0:f3:e3:a0:8a:fe:bb:b2:6e:
                    3b:d4:6c:2b:4d:c4:f6:bd:a9:f8:bc:65:cc:fa:24:
                    d6:b3:b7:7c:0b:00:9a:cb:c1:56:7b:99:f0:02:f5:
                    c5:ab:06:a5:d5:35:52:29:48:52:63:cd:77:9a:52:
                    a7:db:13:50:ae:a8:a0:63:aa:34:c0:2d:08:37:0d:
                    c0:31:75:60:ce:05:2c:3d:fd:43:23:3e:a1:83:06:
                    40:bc:f6:2c:ba:49:25:0f:c2:db:3e:bf:26:e4:a8:
                    8b:98:bb:80:0e:ec:fc:8a:2a:29:99:3f:ab:00:fa:
                    08:70:83:e4:91:38:25:18:03:c5:57:0c:3c:ba:2a:
                    ce:08:bb:91:b7:af:02:34:c8:67:a7:41:1d:ef:62:
                    af:2c:86:b8:ac:4b:56:b9:55:d0:d3:de:38:49:c8:
                    13:0c:82:5c:e7:75:2a:ca:e1:29:a1:78:e6:3e:54:
                    4b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:C1:57:30:52:32:1E:61:EC:86:C9:A7:3B:DA:EC:1B:35:0B:61:51
            X509v3 Authority Key Identifier:
                keyid:D8:D6:06:41:86:49:0D:8C:EA:23:47:FF:7A:3A:82:49:2D:1F:79:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NYGQYZJDYzqI0f_ejqCSS0feXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7abdef-91ab-46fb-82e2-56085c9e522e/1/2NYGQYZJDYzqI0f_ejqCSS0feXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7abdef-91ab-46fb-82e2-56085c9e522e/1/2NYGQYZJDYzqI0f_ejqCSS0feXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:78:f4:1b:f3:7c:58:9d:82:88:42:de:8e:11:f0:f4:c7:b6:
         8c:fa:78:cf:eb:bc:2d:b0:a6:da:ef:be:b8:98:c9:11:e7:c4:
         1e:8c:81:d0:4f:df:a8:38:ff:4a:29:f5:90:68:ee:6f:f2:00:
         5a:10:0a:37:ff:f6:70:19:a7:2d:01:53:e2:a3:8e:a3:29:cc:
         4a:02:32:21:7b:1c:47:ec:e2:0c:81:32:83:28:01:86:fe:2b:
         cb:3d:b9:5a:e8:f1:18:5e:90:e2:6a:75:8f:8f:b4:dc:eb:a7:
         ca:80:c5:83:93:df:e5:a7:ac:88:1f:b5:65:cd:8d:cd:50:22:
         e0:9e:6c:11:b9:0b:4a:90:2f:5c:34:7c:ee:ca:0a:06:e7:08:
         75:1a:9c:80:25:5f:7f:2c:76:10:9a:1b:41:6f:bb:b1:3a:ed:
         c2:59:5a:dd:b1:83:f9:c2:f5:45:4e:d0:0b:86:09:0e:c7:da:
         56:ff:23:1e:5d:fa:ef:84:ef:7c:a3:0e:0d:ce:f3:c0:ca:c5:
         1e:7b:bb:24:2c:fa:f3:53:09:00:e4:09:c6:f7:4e:12:01:0a:
         8a:6f:45:d9:41:80:fc:17:03:59:54:a9:4e:10:c2:78:10:2f:
         c1:49:31:fb:23:dc:1a:48:9f:9c:ea:5b:8d:f5:bd:ee:e8:06:
         64:c7:51:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8jz/aMK6L22MSCaChBGZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDYwNjQxODY0OTBkOGNlYTIzNDdmZjdhM2E4MjQ5MmQx
Zjc5NzcwHhcNMjUxMDE5MTMwMTEwWhcNMjUxMDIwMTMwMTEwWjAzMTEwLwYDVQQD
EyhhMWMxNTczMDUyMzIxZTYxZWM4NmM5YTczYmRhZWMxYjM1MGI2MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhsD809kGQqLJzSDXuSJPAjfFCi5
ovhFKlHjctGvsONxOb/1vQstR4zmObjVTCa5Sq943Ut39eHRUB/aqs69F3V/o5DW
58WKs8C7CXV12Y3Q8+Ogiv67sm471GwrTcT2van4vGXM+iTWs7d8CwCay8FWe5nw
AvXFqwal1TVSKUhSY813mlKn2xNQrqigY6o0wC0INw3AMXVgzgUsPf1DIz6hgwZA
vPYsukklD8LbPr8m5KiLmLuADuz8iiopmT+rAPoIcIPkkTglGAPFVww8uirOCLuR
t68CNMhnp0Ed72KvLIa4rEtWuVXQ0944ScgTDIJc53UqyuEpoXjmPlRLCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHBVzBSMh5h7IbJpzva7Bs1C2FRMB8GA1UdIwQY
MBaAFNjWBkGGSQ2M6iNH/3o6gkktH3l3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5ZR1FZWkpEWXpxSTBmX2VqcUNTUzBmZVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83YWJkZWYtOTFhYi00NmZiLTgyZTIt
NTYwODVjOWU1MjJlLzEvMk5ZR1FZWkpEWXpxSTBmX2VqcUNTUzBmZVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83YWJkZWYtOTFhYi00NmZiLTgyZTItNTYwODVjOWU1MjJl
LzEvMk5ZR1FZWkpEWXpxSTBmX2VqcUNTUzBmZVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC3j0G/N8
WJ2CiELejhHw9Me2jPp4z+u8LbCm2u++uJjJEefEHoyB0E/fqDj/Sin1kGjub/IA
WhAKN//2cBmnLQFT4qOOoynMSgIyIXscR+ziDIEygygBhv4ryz25WujxGF6Q4mp1
j4+03OunyoDFg5Pf5aesiB+1Zc2NzVAi4J5sEbkLSpAvXDR87soKBucIdRqcgCVf
fyx2EJobQW+7sTrtwlla3bGD+cL1RU7QC4YJDsfaVv8jHl3674TvfKMODc7zwMrF
Hnu7JCz681MJAOQJxvdOEgEKim9F2UGA/BcDWVSpThDCeBAvwUkx+yPcGkifnOpb
jfW97ugGZMdRBg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:51 2025 by rpki-client