Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/pOd3fHr7fUObRvaBxMe_aoJS4xU.mft
File:                     pOd3fHr7fUObRvaBxMe_aoJS4xU.mft (raw, json)
Hash identifier:          4mooEKofZVPHd3lE86ce5ZfRHEIJzaPX88mJyxyfGjM=
Subject key identifier:   5D:10:00:6C:1B:63:68:42:45:8C:45:90:8D:28:69:FF:4C:E7:D0:73
Authority key identifier: A4:E7:77:7C:7A:FB:7D:43:9B:46:F6:81:C4:C7:BF:6A:82:52:E3:15
Certificate issuer:       /CN=a4e7777c7afb7d439b46f681c4c7bf6a8252e315
Certificate serial:       0199FBEB01280152120E8C14CB9401885149
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pOd3fHr7fUObRvaBxMe_aoJS4xU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/pOd3fHr7fUObRvaBxMe_aoJS4xU.mft
Manifest number:          0DCD
Signing time:             Sun 19 Oct 2025 10:01:46 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:46 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:46 +0000
Files and hashes:         1: pOd3fHr7fUObRvaBxMe_aoJS4xU.crl (hash: xHq6RiQBJeB05FygwihPjgaoElhvQpW3N0Z7cY0yxSc=)
                          2: z4rUk_E4AGcR7M7P_EXqaAGwIrE.roa (hash: vdPESCF/t7U31UD2O57fuph7iNy0Hlzj8MYZvwZ4bj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/pOd3fHr7fUObRvaBxMe_aoJS4xU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/pOd3fHr7fUObRvaBxMe_aoJS4xU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pOd3fHr7fUObRvaBxMe_aoJS4xU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:01:28:01:52:12:0e:8c:14:cb:94:01:88:51:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4e7777c7afb7d439b46f681c4c7bf6a8252e315
        Validity
            Not Before: Oct 19 10:01:46 2025 GMT
            Not After : Oct 20 10:01:46 2025 GMT
        Subject: CN=5d10006c1b636842458c45908d2869ff4ce7d073
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:19:fe:ac:4c:30:59:05:56:20:90:b1:8f:bc:
                    38:ad:0f:4a:d1:67:49:7d:0a:ae:0c:b4:17:b6:dc:
                    5c:12:87:17:de:18:de:80:86:6d:44:75:d0:14:8b:
                    77:4e:5c:85:e2:c8:42:8a:de:2b:68:1e:95:24:6a:
                    25:e8:8d:b1:6e:56:68:bc:cf:4c:63:a7:5e:28:22:
                    0e:f3:7a:b7:0e:a0:13:8d:6e:38:9e:91:57:a2:ab:
                    7b:bb:a2:2d:24:c3:0b:b3:a6:c9:da:a9:c7:33:a8:
                    16:e9:a5:7a:7a:e1:b0:99:f4:81:54:c2:06:e1:f2:
                    53:b2:7e:86:96:3f:a2:64:26:53:9e:da:1a:63:5a:
                    18:96:15:98:08:fa:e8:45:5f:71:5d:dc:89:a6:b7:
                    e8:8d:56:96:5e:6c:76:cd:91:15:b7:9b:ab:1b:3e:
                    a2:67:d8:25:b1:23:42:6b:12:95:61:8c:1d:8e:ce:
                    39:6d:ba:a9:d2:80:79:f7:94:79:70:36:47:b6:c1:
                    6e:b0:7b:cf:2f:79:51:4b:2f:64:e5:7e:a6:da:8f:
                    70:ef:7b:f9:e2:3d:b3:50:01:e0:06:24:29:d6:6e:
                    8b:9e:04:e5:f0:99:76:b0:83:77:92:e2:68:76:5a:
                    47:6c:d2:47:97:74:5b:8e:93:7e:10:36:cc:46:40:
                    1a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:10:00:6C:1B:63:68:42:45:8C:45:90:8D:28:69:FF:4C:E7:D0:73
            X509v3 Authority Key Identifier:
                keyid:A4:E7:77:7C:7A:FB:7D:43:9B:46:F6:81:C4:C7:BF:6A:82:52:E3:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOd3fHr7fUObRvaBxMe_aoJS4xU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/pOd3fHr7fUObRvaBxMe_aoJS4xU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/45ad5b-3ce1-48f1-bef7-641cfb6e3d9b/1/pOd3fHr7fUObRvaBxMe_aoJS4xU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:cc:34:f4:44:e2:e4:89:ec:71:68:85:78:76:d8:be:db:8d:
         59:e0:9f:2e:24:c8:5a:f7:7f:4d:da:bf:13:af:6f:e5:8d:e0:
         e4:37:36:49:c8:f4:68:71:12:36:c5:71:7a:5a:3f:b0:3d:25:
         a6:2e:91:ca:aa:7b:e0:c4:0f:29:c4:d5:c7:91:81:53:f4:03:
         3c:96:d4:e1:fd:d4:e6:df:40:e6:5e:37:04:23:9b:57:f9:68:
         d5:a1:5f:4d:16:d7:0e:02:d6:4b:fd:73:a7:f4:03:40:2b:44:
         17:c3:05:88:59:3f:99:bc:f5:24:1e:d4:b3:4e:30:23:04:0c:
         ab:e0:07:5d:0a:a7:11:06:c3:b2:7b:d3:6b:8a:9b:3a:12:00:
         1f:0b:e5:9e:1c:78:81:58:e0:40:5f:db:d3:d7:aa:8b:f3:38:
         3e:ba:a4:cd:db:12:44:22:e8:24:7d:23:02:e9:3f:30:e0:12:
         09:81:c5:b2:98:8e:a0:05:6e:9d:ee:34:4b:49:ac:22:a8:fc:
         0a:0b:e4:f9:89:68:e3:4a:67:26:0a:2c:80:78:74:65:43:7b:
         50:ce:e4:22:a1:3c:bf:e9:08:07:95:c4:a9:21:1b:6f:58:d6:
         7a:40:f7:a6:ab:98:ea:31:e7:9a:a4:95:e1:f3:bd:b6:f5:eb:
         23:cf:16:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wEoAVISDowUy5QBiFFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTc3NzdjN2FmYjdkNDM5YjQ2ZjY4MWM0YzdiZjZhODI1
MmUzMTUwHhcNMjUxMDE5MTAwMTQ2WhcNMjUxMDIwMTAwMTQ2WjAzMTEwLwYDVQQD
Eyg1ZDEwMDA2YzFiNjM2ODQyNDU4YzQ1OTA4ZDI4NjlmZjRjZTdkMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxn+rEwwWQVWIJCxj7w4rQ9K0WdJ
fQquDLQXttxcEocX3hjegIZtRHXQFIt3TlyF4shCit4raB6VJGol6I2xblZovM9M
Y6deKCIO83q3DqATjW44npFXoqt7u6ItJMMLs6bJ2qnHM6gW6aV6euGwmfSBVMIG
4fJTsn6Glj+iZCZTntoaY1oYlhWYCProRV9xXdyJprfojVaWXmx2zZEVt5urGz6i
Z9glsSNCaxKVYYwdjs45bbqp0oB595R5cDZHtsFusHvPL3lRSy9k5X6m2o9w73v5
4j2zUAHgBiQp1m6LngTl8Jl2sIN3kuJodlpHbNJHl3RbjpN+EDbMRkAa6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0QAGwbY2hCRYxFkI0oaf9M59BzMB8GA1UdIwQY
MBaAFKTnd3x6+31Dm0b2gcTHv2qCUuMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9kM2ZIcjdmVU9iUnZhQnhNZV9hb0pTNHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80NWFkNWItM2NlMS00OGYxLWJlZjct
NjQxY2ZiNmUzZDliLzEvcE9kM2ZIcjdmVU9iUnZhQnhNZV9hb0pTNHhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80NWFkNWItM2NlMS00OGYxLWJlZjctNjQxY2ZiNmUzZDli
LzEvcE9kM2ZIcjdmVU9iUnZhQnhNZV9hb0pTNHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKsw09ETi
5InscWiFeHbYvtuNWeCfLiTIWvd/Tdq/E69v5Y3g5Dc2Scj0aHESNsVxelo/sD0l
pi6Ryqp74MQPKcTVx5GBU/QDPJbU4f3U5t9A5l43BCObV/lo1aFfTRbXDgLWS/1z
p/QDQCtEF8MFiFk/mbz1JB7Us04wIwQMq+AHXQqnEQbDsnvTa4qbOhIAHwvlnhx4
gVjgQF/b09eqi/M4PrqkzdsSRCLoJH0jAuk/MOASCYHFspiOoAVune40S0msIqj8
Cgvk+Ylo40pnJgosgHh0ZUN7UM7kIqE8v+kIB5XEqSEbb1jWekD3pquY6jHnmqSV
4fO9tvXrI88WFQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:28 2025 by rpki-client