Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/hYYCc-snGSK59-yPSlkQFjVtcys.mft
File:                     hYYCc-snGSK59-yPSlkQFjVtcys.mft (raw, json)
Hash identifier:          3743je3oMP9aEMzQRy89rQnw+HHiZJTKv1I3P3MdumM=
Subject key identifier:   47:81:F2:C4:02:A3:74:55:F9:14:70:CE:ED:2B:EB:76:93:A8:68:25
Authority key identifier: 85:86:02:73:EB:27:19:22:B9:F7:EC:8F:4A:59:10:16:35:6D:73:2B
Certificate issuer:       /CN=85860273eb271922b9f7ec8f4a591016356d732b
Certificate serial:       0199FC2193EA162DF0E41C4FF05842FBAAE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hYYCc-snGSK59-yPSlkQFjVtcys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/hYYCc-snGSK59-yPSlkQFjVtcys.mft
Manifest number:          0C01
Signing time:             Sun 19 Oct 2025 11:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:22 +0000
Files and hashes:         1: hYYCc-snGSK59-yPSlkQFjVtcys.crl (hash: vPX5ACmrUNBHKA7pjHh5tEfbHshXhegsNpoR+XkBCu0=)
                          2: mddF3t4TzWyM7kqwlkCBOdlwjiA.roa (hash: gzOYKSEvkTGbu+QJJsi1Jgy+e4XYPYdTDnUqdEsobA8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/hYYCc-snGSK59-yPSlkQFjVtcys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/hYYCc-snGSK59-yPSlkQFjVtcys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hYYCc-snGSK59-yPSlkQFjVtcys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:93:ea:16:2d:f0:e4:1c:4f:f0:58:42:fb:aa:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85860273eb271922b9f7ec8f4a591016356d732b
        Validity
            Not Before: Oct 19 11:01:22 2025 GMT
            Not After : Oct 20 11:01:22 2025 GMT
        Subject: CN=4781f2c402a37455f91470ceed2beb7693a86825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:09:7a:13:14:d5:36:c7:13:0f:b3:40:4c:36:
                    22:86:84:a5:cf:f3:50:c1:28:4e:ca:b6:4d:59:52:
                    5b:a8:3c:4f:5c:0a:49:01:35:d5:f0:18:ba:1a:fc:
                    95:64:0b:9f:73:9c:af:97:1b:24:81:73:cf:df:d9:
                    2f:dd:e9:6a:6e:03:f0:46:5f:d9:a4:c7:5b:08:72:
                    57:0f:3a:71:2a:ea:c1:24:05:66:64:db:5e:fb:10:
                    03:95:73:3d:3b:97:90:ee:7b:9d:18:e5:37:de:ae:
                    d2:98:28:78:b5:bc:4d:82:cb:e2:1b:42:a9:34:dc:
                    4b:05:df:12:1e:bc:cc:b4:a5:d6:e9:1d:74:b3:0d:
                    af:35:df:9c:89:39:77:5f:29:f4:21:32:8e:04:05:
                    f0:87:d5:2e:1b:c3:59:39:86:99:3d:33:31:b2:bc:
                    09:8b:f8:6b:96:2a:4e:24:49:f2:48:4f:55:10:ed:
                    8c:02:fc:8f:d4:25:9c:22:70:26:22:a2:5d:50:23:
                    2a:67:33:48:cf:3a:4e:99:41:82:9e:e2:ac:a9:3e:
                    cd:07:b1:1e:74:cb:98:52:b9:cf:c9:a0:ef:59:a3:
                    e8:5c:a3:48:62:b8:ee:45:64:8b:e0:ab:97:7a:0c:
                    2f:fb:90:96:ba:a4:da:69:e2:34:ee:92:aa:3e:3d:
                    2f:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:81:F2:C4:02:A3:74:55:F9:14:70:CE:ED:2B:EB:76:93:A8:68:25
            X509v3 Authority Key Identifier:
                keyid:85:86:02:73:EB:27:19:22:B9:F7:EC:8F:4A:59:10:16:35:6D:73:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hYYCc-snGSK59-yPSlkQFjVtcys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/hYYCc-snGSK59-yPSlkQFjVtcys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0157c9-3488-4fb8-9b4f-9909ee2f33b2/1/hYYCc-snGSK59-yPSlkQFjVtcys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:59:81:f5:75:38:0a:45:b2:52:44:88:38:bf:08:2e:2c:af:
         72:ec:b9:46:90:94:31:ab:4e:5c:35:1b:ce:00:93:9e:f4:58:
         e5:ad:69:43:61:6c:5a:2a:69:2b:14:49:69:ba:21:75:7a:37:
         43:7c:b2:2e:5d:05:fc:0c:50:fe:ea:15:f0:62:42:91:03:11:
         d6:4e:0e:fe:e2:7a:33:ed:13:2f:ed:9d:74:7d:a5:77:54:5b:
         ec:2f:cf:9a:1f:f4:a6:13:0e:b0:41:42:0f:8d:00:18:f8:a1:
         27:11:0b:cd:34:3e:9c:13:07:46:87:75:a4:bf:ee:93:ed:0e:
         66:64:62:c7:c9:9d:0e:d6:4f:c1:5b:a6:ab:72:d2:a4:28:db:
         a1:ed:2c:96:51:45:8b:cd:45:13:7a:35:5a:4a:ca:8c:ca:84:
         71:67:af:f9:11:4c:ea:88:63:74:07:62:16:86:cf:3a:0a:d7:
         e8:cb:57:d3:1f:4d:78:0b:8f:5d:17:f5:e7:37:5a:0c:e5:01:
         03:09:0d:27:e3:44:45:44:c8:6d:e4:5c:95:86:47:41:fa:04:
         f2:a7:cd:6a:14:c5:74:a5:c2:d2:bb:28:e8:37:a3:d6:62:39:
         ea:72:25:6e:e9:86:92:cc:5f:2a:f4:e0:36:75:12:2e:fc:66:
         03:43:bf:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IZPqFi3w5BxP8FhC+6rjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ODYwMjczZWIyNzE5MjJiOWY3ZWM4ZjRhNTkxMDE2MzU2
ZDczMmIwHhcNMjUxMDE5MTEwMTIyWhcNMjUxMDIwMTEwMTIyWjAzMTEwLwYDVQQD
Eyg0NzgxZjJjNDAyYTM3NDU1ZjkxNDcwY2VlZDJiZWI3NjkzYTg2ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ql6ExTVNscTD7NATDYihoSlz/NQ
wShOyrZNWVJbqDxPXApJATXV8Bi6GvyVZAufc5yvlxskgXPP39kv3elqbgPwRl/Z
pMdbCHJXDzpxKurBJAVmZNte+xADlXM9O5eQ7nudGOU33q7SmCh4tbxNgsviG0Kp
NNxLBd8SHrzMtKXW6R10sw2vNd+ciTl3Xyn0ITKOBAXwh9UuG8NZOYaZPTMxsrwJ
i/hrlipOJEnySE9VEO2MAvyP1CWcInAmIqJdUCMqZzNIzzpOmUGCnuKsqT7NB7Ee
dMuYUrnPyaDvWaPoXKNIYrjuRWSL4KuXegwv+5CWuqTaaeI07pKqPj0vzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeB8sQCo3RV+RRwzu0r63aTqGglMB8GA1UdIwQY
MBaAFIWGAnPrJxkiuffsj0pZEBY1bXMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFlZQ2Mtc25HU0s1OS15UFNsa1FGalZ0Y3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wMTU3YzktMzQ4OC00ZmI4LTliNGYt
OTkwOWVlMmYzM2IyLzEvaFlZQ2Mtc25HU0s1OS15UFNsa1FGalZ0Y3lzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wMTU3YzktMzQ4OC00ZmI4LTliNGYtOTkwOWVlMmYzM2Iy
LzEvaFlZQ2Mtc25HU0s1OS15UFNsa1FGalZ0Y3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVmB9XU4
CkWyUkSIOL8ILiyvcuy5RpCUMatOXDUbzgCTnvRY5a1pQ2FsWippKxRJabohdXo3
Q3yyLl0F/AxQ/uoV8GJCkQMR1k4O/uJ6M+0TL+2ddH2ld1Rb7C/Pmh/0phMOsEFC
D40AGPihJxELzTQ+nBMHRod1pL/uk+0OZmRix8mdDtZPwVumq3LSpCjboe0sllFF
i81FE3o1WkrKjMqEcWev+RFM6ohjdAdiFobPOgrX6MtX0x9NeAuPXRf15zdaDOUB
AwkNJ+NERUTIbeRclYZHQfoE8qfNahTFdKXC0rso6Dej1mI56nIlbumGksxfKvTg
NnUSLvxmA0O/cQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:19 2025 by rpki-client