Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft
File:                     1gTknpKDBavLjzLe8_78A-u83kQ.mft (raw, json)
Hash identifier:          u/Zey5XFBK9VGk5XDwccC8uOktHX5kKKzgCW1bJNTPg=
Subject key identifier:   42:1B:33:55:43:1E:98:1A:92:25:4A:D7:CC:3C:0A:2C:C2:AB:18:A6
Authority key identifier: D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44
Certificate issuer:       /CN=d604e49e928305abcb8f32def3fefc03ebbcde44
Certificate serial:       0199FBEBD9E8515801C5EE317EED777A5674
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft
Manifest number:          1675
Signing time:             Sun 19 Oct 2025 10:02:41 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:41 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:41 +0000
Files and hashes:         1: 1gTknpKDBavLjzLe8_78A-u83kQ.crl (hash: 5CwlKhLuWZbkxpV88H4AjWJL6y45bvfgsDR+9IZ5lNw=)
                          2: pucl_qoNJsFNHYReBDscEGdx2N0.roa (hash: SiJfUuqs3fjKSI6Mo6WtKDUOtA0gOnKfbqvupwDeWPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:d9:e8:51:58:01:c5:ee:31:7e:ed:77:7a:56:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d604e49e928305abcb8f32def3fefc03ebbcde44
        Validity
            Not Before: Oct 19 10:02:41 2025 GMT
            Not After : Oct 20 10:02:41 2025 GMT
        Subject: CN=421b3355431e981a92254ad7cc3c0a2cc2ab18a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:29:e8:34:54:c3:f7:4a:f5:fe:a9:a4:fd:2f:
                    2b:c4:e4:31:1f:9e:17:0c:79:cd:f2:9b:3a:a7:87:
                    05:1f:de:fd:2c:a7:17:98:d0:e5:1a:4b:37:e6:ac:
                    ff:ec:99:d8:37:b4:cd:52:0d:4a:08:0f:f6:4f:b9:
                    b3:96:5d:d7:cf:aa:51:ce:f0:aa:28:a1:7a:d0:9d:
                    31:ec:f7:6f:e5:85:3a:d9:f7:ee:c6:fd:07:12:a2:
                    05:de:d7:16:4c:38:78:65:01:b3:98:c2:27:e7:b5:
                    a0:a3:0a:46:0c:0c:57:e5:15:30:25:c5:91:52:a2:
                    20:fb:8b:7c:73:94:71:17:72:0a:1f:14:90:a8:f7:
                    e8:18:91:77:06:b2:f1:80:48:08:df:fd:55:77:43:
                    d5:13:99:f2:27:cd:63:f4:bc:95:8d:5c:95:3e:1b:
                    82:72:ad:25:35:76:99:fd:bd:e5:e5:06:06:41:26:
                    68:3c:1a:6b:e1:d8:6c:03:4b:78:43:45:70:61:05:
                    f1:1d:de:17:0d:10:70:b6:d7:e5:b8:6e:1d:b9:7f:
                    8d:47:15:6c:67:e4:ad:74:65:57:ef:e3:da:69:01:
                    2d:b2:4b:b0:95:bb:16:6d:5b:73:74:f8:5a:d3:e8:
                    b9:c8:60:76:58:bf:3f:5b:f5:44:e0:a7:53:31:26:
                    27:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:1B:33:55:43:1E:98:1A:92:25:4A:D7:CC:3C:0A:2C:C2:AB:18:A6
            X509v3 Authority Key Identifier:
                keyid:D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:76:09:48:fb:84:74:24:67:68:1d:ad:dc:51:da:ec:21:6c:
         e0:68:f8:eb:f5:a7:c5:5a:4d:0a:47:4c:26:d6:a7:45:89:aa:
         9c:3c:42:5e:15:e4:ed:61:60:e6:39:6c:fa:08:3c:2f:52:7a:
         be:1b:4e:c9:be:76:44:f8:37:7e:89:dd:0c:bf:e2:0d:f7:a9:
         74:a5:ee:30:0c:25:46:29:15:67:49:cb:02:b0:a7:f0:db:d1:
         ce:43:db:b4:ee:17:ed:df:13:15:5a:bd:88:93:b5:22:06:27:
         28:5d:a3:a2:90:52:09:0d:f4:df:de:f4:2f:17:fb:4e:03:a5:
         c5:57:e7:53:a1:d6:02:b8:ef:59:4f:c2:08:34:7e:ec:c0:f2:
         43:a8:b4:58:9a:e8:a9:21:df:c1:b7:b3:17:98:c3:b6:72:fd:
         b9:cd:75:13:ec:64:d1:fd:1e:1d:4e:bf:14:9c:e5:ca:9e:9e:
         25:a1:46:e1:e0:71:34:34:10:59:2b:54:86:32:8f:8f:d3:2e:
         5b:59:ff:1a:04:e6:eb:6f:65:a7:e1:72:d4:0d:ea:10:34:2e:
         93:72:7f:70:5d:81:52:01:71:aa:9a:ca:a5:2b:51:15:4b:d2:
         b6:b8:0f:c4:2f:01:0e:ac:f9:45:61:8d:8f:26:38:f3:f3:3b:
         f7:9e:ba:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn769noUVgBxe4xfu13elZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDRlNDllOTI4MzA1YWJjYjhmMzJkZWYzZmVmYzAzZWJi
Y2RlNDQwHhcNMjUxMDE5MTAwMjQxWhcNMjUxMDIwMTAwMjQxWjAzMTEwLwYDVQQD
Eyg0MjFiMzM1NTQzMWU5ODFhOTIyNTRhZDdjYzNjMGEyY2MyYWIxOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCnoNFTD90r1/qmk/S8rxOQxH54X
DHnN8ps6p4cFH979LKcXmNDlGks35qz/7JnYN7TNUg1KCA/2T7mzll3Xz6pRzvCq
KKF60J0x7Pdv5YU62ffuxv0HEqIF3tcWTDh4ZQGzmMIn57WgowpGDAxX5RUwJcWR
UqIg+4t8c5RxF3IKHxSQqPfoGJF3BrLxgEgI3/1Vd0PVE5nyJ81j9LyVjVyVPhuC
cq0lNXaZ/b3l5QYGQSZoPBpr4dhsA0t4Q0VwYQXxHd4XDRBwttfluG4duX+NRxVs
Z+StdGVX7+PaaQEtskuwlbsWbVtzdPha0+i5yGB2WL8/W/VE4KdTMSYnewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIbM1VDHpgakiVK18w8CizCqximMB8GA1UdIwQY
MBaAFNYE5J6SgwWry48y3vP+/APrvN5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgt
MDNjODIxNTc0MjFhLzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgtMDNjODIxNTc0MjFh
LzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS3YJSPuE
dCRnaB2t3FHa7CFs4Gj46/WnxVpNCkdMJtanRYmqnDxCXhXk7WFg5jls+gg8L1J6
vhtOyb52RPg3fondDL/iDfepdKXuMAwlRikVZ0nLArCn8NvRzkPbtO4X7d8TFVq9
iJO1IgYnKF2jopBSCQ303970Lxf7TgOlxVfnU6HWArjvWU/CCDR+7MDyQ6i0WJro
qSHfwbezF5jDtnL9uc11E+xk0f0eHU6/FJzlyp6eJaFG4eBxNDQQWStUhjKPj9Mu
W1n/GgTm629lp+Fy1A3qEDQuk3J/cF2BUgFxqprKpStRFUvStrgPxC8BDqz5RWGN
jyY48/M795666g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:34 2025 by rpki-client