Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft
File:                     ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft (raw, json)
Hash identifier:          aumgagHjO6HyKJMMUjYnAFpGPpKfM8dpuzUdNkcpDZw=
Subject key identifier:   6A:F1:99:51:26:13:CA:AF:2D:EC:0B:9D:9A:9F:9B:56:10:C6:F0:11
Authority key identifier: 02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
Certificate issuer:       /CN=0291d4de130da6aace22ed99650be182497e0bcf
Certificate serial:       019A03A4ED13DC54BF425B9AAC7FDD1F1348
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft
Manifest number:          16E5
Signing time:             Mon 20 Oct 2025 22:02:11 +0000
Manifest this update:     Mon 20 Oct 2025 22:02:11 +0000
Manifest next update:     Tue 21 Oct 2025 22:02:11 +0000
Files and hashes:         1: ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl (hash: +mGrSQ1TdHsj/bpdDdlCaANpoNaesYZBQTaNQ0lE48o=)
                          2: Bbv2QAFPf4Szau3NTd0aayAiypc.roa (hash: cRocTgGmyLRnpI3qcdUdz3Vd6OE/CS3oghy6+UyVfVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 22:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:03:a4:ed:13:dc:54:bf:42:5b:9a:ac:7f:dd:1f:13:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0291d4de130da6aace22ed99650be182497e0bcf
        Validity
            Not Before: Oct 20 22:02:11 2025 GMT
            Not After : Oct 21 22:02:11 2025 GMT
        Subject: CN=6af199512613caaf2dec0b9d9a9f9b5610c6f011
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e2:f8:65:41:16:a5:3f:8a:f6:e6:53:ce:14:
                    e7:ae:8f:18:67:61:56:70:d6:9c:20:d9:a9:d1:c0:
                    e8:90:fb:35:ca:cf:5b:1f:ee:9f:e5:13:91:3c:8b:
                    5e:da:aa:e6:bd:ec:a7:19:79:84:67:03:6d:58:82:
                    6b:94:6e:4e:ed:dc:81:3f:af:13:bc:ef:00:08:10:
                    2f:09:44:4f:cf:ce:71:4a:29:e0:63:68:52:1e:e5:
                    c5:24:a9:a1:74:b6:78:25:90:c0:4a:81:e7:55:3e:
                    35:a6:21:23:cf:40:b2:b6:18:7e:2c:5f:77:14:61:
                    0f:61:ca:9f:6d:19:9e:06:fa:f2:7e:c1:c1:67:32:
                    3c:7f:8b:10:ab:80:03:fa:42:68:98:58:da:e8:95:
                    4d:34:08:b5:f2:d2:ca:0b:2c:20:7d:e7:61:8d:50:
                    ff:1a:8d:30:d2:4c:65:bf:d1:a9:04:fb:ac:62:6e:
                    7e:27:90:fd:b4:d7:cc:91:1e:6e:ed:e9:c3:58:5a:
                    c7:ba:59:ad:74:1a:b1:42:09:b0:d4:f5:22:17:1c:
                    15:86:cc:4c:c7:74:1e:55:4a:39:be:d0:b7:30:f5:
                    32:b8:dd:47:0d:a5:d3:70:2b:81:50:60:1e:0b:7e:
                    b6:89:80:f8:40:fd:ae:d5:35:74:af:34:d3:30:f7:
                    40:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F1:99:51:26:13:CA:AF:2D:EC:0B:9D:9A:9F:9B:56:10:C6:F0:11
            X509v3 Authority Key Identifier:
                keyid:02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:e3:da:4e:1b:97:2f:ea:48:a5:7e:c8:34:4e:cf:ea:0f:e7:
         01:3e:52:06:a0:cb:27:83:49:75:9a:5c:00:8c:67:1e:d1:75:
         fd:64:23:9f:cf:27:a2:0a:8b:de:51:f6:a4:e7:db:cd:e3:2c:
         f1:77:a9:1c:2f:06:95:ac:a4:a8:8f:13:49:3f:32:ad:62:ca:
         13:38:e1:c2:b1:e3:08:5d:62:ab:93:cf:03:24:34:c0:00:52:
         c2:d0:c8:a8:20:f3:4b:46:81:b4:57:51:15:c9:ca:18:5e:da:
         d6:8d:00:39:5d:b5:f9:88:03:ee:6a:3f:c9:98:04:96:3c:0a:
         8a:c3:2b:fb:27:fb:6d:43:fa:41:38:37:a0:54:b6:d1:ad:04:
         fa:5a:52:23:08:5f:f4:bf:98:3a:0b:0a:d3:c4:9b:e5:82:fb:
         46:8b:6c:25:6d:3f:97:f5:84:64:e6:35:1d:be:27:88:52:78:
         e5:13:24:07:4d:54:60:52:f3:8e:1e:c3:27:51:45:5d:08:86:
         9c:96:54:f0:e7:7e:7b:a1:6e:26:df:ba:65:95:d2:35:72:41:
         24:bb:d2:7a:42:5a:dc:d0:c8:97:b1:51:fd:ee:37:a9:ae:d9:
         2e:73:31:f2:11:fd:51:1d:a8:34:58:67:82:20:bc:5f:bc:ed:
         41:ab:f5:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDpO0T3FS/QluarH/dHxNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTFkNGRlMTMwZGE2YWFjZTIyZWQ5OTY1MGJlMTgyNDk3
ZTBiY2YwHhcNMjUxMDIwMjIwMjExWhcNMjUxMDIxMjIwMjExWjAzMTEwLwYDVQQD
Eyg2YWYxOTk1MTI2MTNjYWFmMmRlYzBiOWQ5YTlmOWI1NjEwYzZmMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+L4ZUEWpT+K9uZTzhTnro8YZ2FW
cNacINmp0cDokPs1ys9bH+6f5RORPIte2qrmveynGXmEZwNtWIJrlG5O7dyBP68T
vO8ACBAvCURPz85xSingY2hSHuXFJKmhdLZ4JZDASoHnVT41piEjz0Cythh+LF93
FGEPYcqfbRmeBvryfsHBZzI8f4sQq4AD+kJomFja6JVNNAi18tLKCywgfedhjVD/
Go0w0kxlv9GpBPusYm5+J5D9tNfMkR5u7enDWFrHulmtdBqxQgmw1PUiFxwVhsxM
x3QeVUo5vtC3MPUyuN1HDaXTcCuBUGAeC362iYD4QP2u1TV0rzTTMPdA/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrxmVEmE8qvLewLnZqfm1YQxvARMB8GA1UdIwQY
MBaAFAKR1N4TDaaqziLtmWUL4YJJfgvPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQt
Nzc4MTY4MTA3N2Y3LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQtNzc4MTY4MTA3N2Y3
LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjOPaThuX
L+pIpX7INE7P6g/nAT5SBqDLJ4NJdZpcAIxnHtF1/WQjn88nogqL3lH2pOfbzeMs
8XepHC8GlaykqI8TST8yrWLKEzjhwrHjCF1iq5PPAyQ0wABSwtDIqCDzS0aBtFdR
FcnKGF7a1o0AOV21+YgD7mo/yZgEljwKisMr+yf7bUP6QTg3oFS20a0E+lpSIwhf
9L+YOgsK08Sb5YL7RotsJW0/l/WEZOY1Hb4niFJ45RMkB01UYFLzjh7DJ1FFXQiG
nJZU8Od+e6FuJt+6ZZXSNXJBJLvSekJa3NDIl7FR/e43qa7ZLnMx8hH9UR2oNFhn
giC8X7ztQav1MQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 07:19:43 2025 by rpki-client