Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.mft
File:                     nSP0y0urXBCAGncGWN-JHPuMaMY.mft (raw, json)
Hash identifier:          xnGgkmy2T9Z0kOusGN2Lr8md2c6gVgcvIwmt3jXh+oI=
Subject key identifier:   A7:EE:56:A5:B6:6C:67:4C:FA:9C:EC:C4:EE:62:89:B1:35:DA:D7:44
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Certificate issuer:       /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial:       0199FFFE782E6A4869777192CCACEF426E9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.mft
Manifest number:          16C3
Signing time:             Mon 20 Oct 2025 05:01:30 +0000
Manifest this update:     Mon 20 Oct 2025 05:01:30 +0000
Manifest next update:     Tue 21 Oct 2025 05:01:30 +0000
Files and hashes:         1: 7OjUVrWvd7B0o85DaKLfYgEDYYg.roa (hash: ElsP3+WGZy5wELbMJiGSwWwzyGB160S3FayAOyAR3A0=)
                          2: 8fw2tBPm8-dk07FF86WEj68NsSM.roa (hash: 9R57W9brfUx0SayL8ULp3+gRula33F2inaK6dFDPaew=)
                          3: JUWn6tZ6js3OQBG2kVmBzCYaASs.roa (hash: ZWaMncDoxletMNjHKIW8FwbEakDn9YubUJeGI0AcYdQ=)
                          4: miGTaFk5Cl8OYVzdHPitg-4uIW0.roa (hash: AGqT78lBpkV9yA91ZQMLyqGPYCLhxFGELYf24q65eEw=)
                          5: nSP0y0urXBCAGncGWN-JHPuMaMY.crl (hash: 80T0TbCRZD6Lua6/oIZWC+QErGsavU/9Yyrs1uxymGE=)
                          6: q06qTUv5-JCRpItbJ_9COQqHH6A.roa (hash: elj4UEL+GeLcIcxtH4+ahp+BuvQR4jhMQkNkTFsz2eM=)
                          7: zn7RiYTFSuY_H6EW4hkd0ugXhg4.roa (hash: TjPxbEKTKC4G0EExaKEE++vAM3LyoGQfvbpHNfpM9R0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 05:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:fe:78:2e:6a:48:69:77:71:92:cc:ac:ef:42:6e:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
        Validity
            Not Before: Oct 20 05:01:30 2025 GMT
            Not After : Oct 21 05:01:30 2025 GMT
        Subject: CN=a7ee56a5b66c674cfa9cecc4ee6289b135dad744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4c:53:b9:4f:57:28:86:ed:80:69:f3:f6:d4:
                    1b:c3:78:af:56:b1:a2:32:3c:63:30:d5:a5:68:d7:
                    79:cb:5a:ad:23:03:f6:d7:df:80:0d:80:45:5e:68:
                    73:a1:80:90:f4:58:0a:e6:6e:1b:13:59:a9:64:62:
                    5e:9b:ae:93:a6:8e:0f:1e:e7:35:f9:80:bd:3d:4c:
                    6b:61:f9:56:3f:21:39:87:69:f7:73:25:94:b6:bd:
                    54:70:62:00:19:0a:28:f1:e4:43:ce:e1:cb:87:c2:
                    ac:ca:4f:8c:36:31:17:44:c1:93:01:9a:05:6a:fe:
                    b0:d8:fd:6c:f5:f6:fe:e7:54:20:66:9a:6f:19:5b:
                    f1:41:14:54:03:26:a7:44:2f:97:09:58:55:30:14:
                    62:aa:5b:c7:37:36:7b:97:f0:97:c0:b1:20:44:03:
                    2c:51:a4:72:0c:bc:75:8b:48:28:d4:fb:eb:3d:1e:
                    8f:d2:53:bf:51:f2:5a:5f:5f:70:b0:f2:5d:69:60:
                    ff:1e:dd:cf:ed:88:f8:fc:45:7f:39:15:3d:86:0d:
                    71:a7:7e:97:da:d6:40:be:05:07:1d:a4:22:f1:62:
                    e2:0e:55:50:c7:ee:14:6d:99:e3:f1:19:25:b3:35:
                    4a:4d:d4:c3:fe:d9:b9:20:9a:0a:3e:af:e1:63:c3:
                    7b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:EE:56:A5:B6:6C:67:4C:FA:9C:EC:C4:EE:62:89:B1:35:DA:D7:44
            X509v3 Authority Key Identifier:
                keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:05:f7:1e:46:35:56:33:a3:25:8c:71:e9:0c:81:66:c9:e9:
         78:fe:2c:40:00:dd:34:3c:36:7d:ec:1b:c2:6e:ce:a3:e1:ed:
         ca:6a:77:35:9d:b4:04:f4:41:a7:7e:90:ea:6f:c8:c1:1c:5e:
         2a:77:d9:65:5e:39:42:89:8b:7f:ce:ed:24:0c:c4:0b:9a:b8:
         e3:af:62:6b:38:eb:9d:aa:3e:1c:51:72:ce:2a:14:87:0f:f1:
         2f:9e:1a:df:70:94:22:8e:ae:a1:42:d8:5a:c9:3c:ca:8e:4f:
         6a:fb:55:b8:ac:6b:e5:dd:1c:c2:b5:9e:42:b9:a6:4d:d4:32:
         d8:fb:a6:b4:89:9b:80:1a:c5:ee:71:19:3e:43:c1:79:b5:68:
         e6:b5:05:d2:e7:43:a7:4f:d4:b0:73:40:4b:23:80:d8:c4:fa:
         b2:f2:b6:da:aa:ce:b2:63:0c:46:bd:b7:9c:03:a2:f4:0c:10:
         72:c6:b5:65:86:87:18:2e:1a:a8:98:45:89:d1:4b:bf:4e:76:
         19:1e:7f:87:1f:00:70:0c:3e:ed:77:4f:59:77:00:7e:e8:dd:
         49:d8:03:5a:2c:8e:a2:00:74:0e:ec:d2:a1:6e:44:18:de:d5:
         af:ea:a6:3f:a9:66:5f:57:17:17:27:5c:b9:e4:3e:91:bf:38:
         17:ea:b6:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//nguakhpd3GSzKzvQm6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjUxMDIwMDUwMTMwWhcNMjUxMDIxMDUwMTMwWjAzMTEwLwYDVQQD
EyhhN2VlNTZhNWI2NmM2NzRjZmE5Y2VjYzRlZTYyODliMTM1ZGFkNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArExTuU9XKIbtgGnz9tQbw3ivVrGi
MjxjMNWlaNd5y1qtIwP219+ADYBFXmhzoYCQ9FgK5m4bE1mpZGJem66Tpo4PHuc1
+YC9PUxrYflWPyE5h2n3cyWUtr1UcGIAGQoo8eRDzuHLh8Ksyk+MNjEXRMGTAZoF
av6w2P1s9fb+51QgZppvGVvxQRRUAyanRC+XCVhVMBRiqlvHNzZ7l/CXwLEgRAMs
UaRyDLx1i0go1PvrPR6P0lO/UfJaX19wsPJdaWD/Ht3P7Yj4/EV/ORU9hg1xp36X
2tZAvgUHHaQi8WLiDlVQx+4UbZnj8RklszVKTdTD/tm5IJoKPq/hY8N7dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfuVqW2bGdM+pzsxO5iibE12tdEMB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPgX3HkY1
VjOjJYxx6QyBZsnpeP4sQADdNDw2fewbwm7Oo+Htymp3NZ20BPRBp36Q6m/IwRxe
KnfZZV45QomLf87tJAzEC5q4469iazjrnao+HFFyzioUhw/xL54a33CUIo6uoULY
Wsk8yo5PavtVuKxr5d0cwrWeQrmmTdQy2PumtImbgBrF7nEZPkPBebVo5rUF0udD
p0/UsHNASyOA2MT6svK22qrOsmMMRr23nAOi9AwQcsa1ZYaHGC4aqJhFidFLv052
GR5/hx8AcAw+7XdPWXcAfujdSdgDWiyOogB0DuzSoW5EGN7Vr+qmP6lmX1cXFydc
ueQ+kb84F+q2tQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:36:31 2025 by rpki-client