Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft
File:                     nUkl6XatC_tz4JfaaRfoD1vObIw.mft (raw, json)
Hash identifier:          VWaYGh3/cYR2QuIKmBzYXUvNEoFU0Fzu1oWEITN9fTM=
Subject key identifier:   B5:47:11:8B:87:1D:FB:4F:CD:EF:FB:AF:CB:4F:EF:F2:AA:99:16:EE
Authority key identifier: 9D:49:25:E9:76:AD:0B:FB:73:E0:97:DA:69:17:E8:0F:5B:CE:6C:8C
Certificate issuer:       /CN=9d4925e976ad0bfb73e097da6917e80f5bce6c8c
Certificate serial:       0199FBEB39A02355B671520C93CD23F37E9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft
Manifest number:          1140
Signing time:             Sun 19 Oct 2025 10:02:00 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:00 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:00 +0000
Files and hashes:         1: 7Wfm8N_BNNM1ZIAzk65u_y1CoxQ.roa (hash: vGKhwTsZ6bUD5wem1afZhHCNpuoU8y3whIP7i2K9fc8=)
                          2: nUkl6XatC_tz4JfaaRfoD1vObIw.crl (hash: SXWGkfhPFESl87IIGhZN/JTUiCFBsrsxLhfBVxiDJfU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:39:a0:23:55:b6:71:52:0c:93:cd:23:f3:7e:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d4925e976ad0bfb73e097da6917e80f5bce6c8c
        Validity
            Not Before: Oct 19 10:02:00 2025 GMT
            Not After : Oct 20 10:02:00 2025 GMT
        Subject: CN=b547118b871dfb4fcdeffbafcb4feff2aa9916ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:35:7b:2b:cf:89:a7:85:b9:9b:c3:b5:c7:3e:
                    c7:69:63:b7:fb:69:75:a2:8f:11:00:93:8a:39:6e:
                    f9:e0:0b:c8:c9:35:04:e8:f3:e5:b2:9e:bb:a4:f5:
                    48:3b:42:20:59:d4:37:0a:7a:45:99:0c:6c:9b:9c:
                    b6:e1:53:ea:51:d9:06:af:99:3c:71:9b:2d:73:78:
                    71:ef:7b:9c:f5:11:d9:b0:d9:d7:a4:04:19:68:38:
                    eb:1b:ce:00:f3:e8:18:58:8c:c4:5b:79:2c:04:83:
                    29:13:9f:06:fc:a2:fb:10:63:78:a4:d1:33:b3:fc:
                    61:e7:f9:89:7f:f5:ae:3e:ac:6c:c9:78:b8:cf:da:
                    81:e8:c6:c9:ed:3e:7e:56:bb:2c:cf:38:2d:05:d7:
                    21:29:f1:ff:9a:da:62:23:3c:ae:ca:a5:07:8f:63:
                    76:31:0a:21:95:3a:22:4a:35:76:a2:9e:82:22:32:
                    1d:0b:ce:02:a3:2d:7d:68:74:c3:b8:26:f8:22:71:
                    d8:57:3f:47:29:13:a1:20:59:6c:93:75:e5:9a:05:
                    5e:fb:b8:01:89:47:f6:1d:3c:49:5c:20:69:b2:65:
                    19:9c:3f:81:91:9f:73:c8:b7:bc:1b:83:d2:6e:eb:
                    76:9a:12:a6:b6:2e:02:13:a5:22:74:35:a9:db:cf:
                    15:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:47:11:8B:87:1D:FB:4F:CD:EF:FB:AF:CB:4F:EF:F2:AA:99:16:EE
            X509v3 Authority Key Identifier:
                keyid:9D:49:25:E9:76:AD:0B:FB:73:E0:97:DA:69:17:E8:0F:5B:CE:6C:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:5b:7a:e4:b1:3d:ef:fc:97:76:59:1d:18:38:fa:c9:28:7c:
         f5:49:79:54:cc:f0:10:f9:84:6d:86:6e:7c:42:ee:a4:86:35:
         e1:7d:8e:7a:82:33:cd:7d:43:50:19:d8:35:71:f3:c7:3c:0d:
         33:49:74:8a:00:24:b5:81:b1:b5:e0:d0:24:91:b9:8c:4f:55:
         22:69:ee:6d:b7:df:2d:e8:c1:9c:61:a8:d4:c0:c1:fb:35:18:
         8e:29:56:67:4b:a9:25:e5:78:0f:9d:37:25:27:3b:40:60:40:
         05:cc:86:d3:d6:f1:4b:73:0b:29:88:4c:22:31:2b:20:c6:41:
         9e:cb:44:74:44:2b:24:87:22:d2:ae:a5:bf:2b:6f:f5:45:a9:
         4a:91:24:65:af:25:11:49:c8:25:60:e1:70:bc:96:bb:cf:62:
         61:c0:7f:6c:f7:c2:b9:2c:96:e7:5f:c4:b6:e2:f9:3b:99:c1:
         96:09:1d:4c:71:ee:80:00:19:9e:8a:e6:08:d1:4d:2c:bd:ac:
         cb:dc:e6:cd:b1:b4:5b:58:4a:94:92:63:0a:55:49:c3:9e:2c:
         47:a4:02:e9:61:6a:d8:55:d0:41:5f:b7:0c:d3:88:3e:3a:04:
         0a:0c:fe:68:4f:47:25:84:cd:3d:8d:ad:4b:fc:b0:9a:f9:e8:
         43:f0:94:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76zmgI1W2cVIMk80j836bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNDkyNWU5NzZhZDBiZmI3M2UwOTdkYTY5MTdlODBmNWJj
ZTZjOGMwHhcNMjUxMDE5MTAwMjAwWhcNMjUxMDIwMTAwMjAwWjAzMTEwLwYDVQQD
EyhiNTQ3MTE4Yjg3MWRmYjRmY2RlZmZiYWZjYjRmZWZmMmFhOTkxNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTV7K8+Jp4W5m8O1xz7HaWO3+2l1
oo8RAJOKOW754AvIyTUE6PPlsp67pPVIO0IgWdQ3CnpFmQxsm5y24VPqUdkGr5k8
cZstc3hx73uc9RHZsNnXpAQZaDjrG84A8+gYWIzEW3ksBIMpE58G/KL7EGN4pNEz
s/xh5/mJf/WuPqxsyXi4z9qB6MbJ7T5+VrsszzgtBdchKfH/mtpiIzyuyqUHj2N2
MQohlToiSjV2op6CIjIdC84Coy19aHTDuCb4InHYVz9HKROhIFlsk3XlmgVe+7gB
iUf2HTxJXCBpsmUZnD+BkZ9zyLe8G4PSbut2mhKmti4CE6UidDWp288VywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVHEYuHHftPze/7r8tP7/KqmRbuMB8GA1UdIwQY
MBaAFJ1JJel2rQv7c+CX2mkX6A9bzmyMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xZjFjYmQtZmVhNi00NTUzLThkYjYt
NGUwOWY5ZTg1NzIzLzEvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xZjFjYmQtZmVhNi00NTUzLThkYjYtNGUwOWY5ZTg1NzIz
LzEvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcVt65LE9
7/yXdlkdGDj6ySh89Ul5VMzwEPmEbYZufELupIY14X2OeoIzzX1DUBnYNXHzxzwN
M0l0igAktYGxteDQJJG5jE9VImnubbffLejBnGGo1MDB+zUYjilWZ0upJeV4D503
JSc7QGBABcyG09bxS3MLKYhMIjErIMZBnstEdEQrJIci0q6lvytv9UWpSpEkZa8l
EUnIJWDhcLyWu89iYcB/bPfCuSyW51/EtuL5O5nBlgkdTHHugAAZnormCNFNLL2s
y9zmzbG0W1hKlJJjClVJw54sR6QC6WFq2FXQQV+3DNOIPjoECgz+aE9HJYTNPY2t
S/ywmvnoQ/CUZA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:15:19 2025 by rpki-client