Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
File:                     4kCgJeDmGkTZPkqAHjiIsm570kE.mft (raw, json)
Hash identifier:          os9AhxfAhy+rNW6JA/c8vocUXVQHo9I4akMHJ9RU380=
Subject key identifier:   A0:F7:80:D3:B6:1A:CD:6E:A5:C8:A4:C5:09:8B:98:3E:36:9F:02:C5
Authority key identifier: E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41
Certificate issuer:       /CN=e240a025e0e61a44d93e4a801e3888b26e7bd241
Certificate serial:       0199FF22BA1755EE81120A23E8B34733FBB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
Manifest number:          16E6
Signing time:             Mon 20 Oct 2025 01:01:29 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:29 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:29 +0000
Files and hashes:         1: 4kCgJeDmGkTZPkqAHjiIsm570kE.crl (hash: r07SPBERTfRfBYSsiC1AZ3otS1LBGfmG5v+nYeXVskg=)
                          2: K7SH4zYCXr-cp1q6N2Mp-Gdj1PU.roa (hash: fOTEXpl4gYkXzMjvkhlooQdp3U8U0Z9lMps20TcryK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:ba:17:55:ee:81:12:0a:23:e8:b3:47:33:fb:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e240a025e0e61a44d93e4a801e3888b26e7bd241
        Validity
            Not Before: Oct 20 01:01:29 2025 GMT
            Not After : Oct 21 01:01:29 2025 GMT
        Subject: CN=a0f780d3b61acd6ea5c8a4c5098b983e369f02c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:66:c2:98:17:0a:76:0a:57:bf:5a:b7:6b:62:
                    69:e0:85:2d:ab:9b:a1:fd:c1:d0:08:44:e9:cc:57:
                    cc:09:2e:b6:d4:d6:d2:7e:c6:42:4e:20:fc:e6:17:
                    b6:ae:c5:12:e2:3e:db:1d:78:5d:08:b7:b4:60:80:
                    de:04:35:a6:b3:3e:a4:d6:59:4c:e7:41:8f:25:2b:
                    dd:1f:50:c5:7b:7c:f1:04:33:72:a6:f8:80:d5:2b:
                    80:1e:96:c4:51:0b:b0:c7:75:78:16:bf:65:2d:e3:
                    bf:3f:a6:a0:d0:ec:13:3e:35:87:79:c5:1e:92:99:
                    90:7e:e0:fa:f5:7d:ed:34:3f:63:fb:37:db:1a:bb:
                    db:d8:79:72:c4:7e:10:07:d8:97:22:e1:ee:bf:93:
                    1a:91:93:5d:44:6e:7e:0d:3d:06:f9:1f:37:4d:a0:
                    86:c6:04:18:34:91:6a:fd:2a:c8:54:a8:0b:c5:52:
                    d4:b9:fe:5f:e3:c5:b6:4d:a1:b1:be:da:27:4f:1d:
                    65:95:f8:44:07:44:2b:c6:c6:68:81:eb:72:b9:42:
                    be:ac:4c:d0:56:e2:c2:b6:00:f6:65:92:ad:b9:64:
                    26:4b:14:09:bb:ba:ca:44:e4:4c:04:fb:b6:06:3f:
                    51:87:93:83:0d:b0:a9:f0:81:59:6d:8c:69:0d:1b:
                    77:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:F7:80:D3:B6:1A:CD:6E:A5:C8:A4:C5:09:8B:98:3E:36:9F:02:C5
            X509v3 Authority Key Identifier:
                keyid:E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:b1:2f:44:f3:ce:8f:b6:6f:ea:87:fc:76:69:52:9e:b4:98:
         e2:2e:3a:5c:93:85:4b:32:40:7f:a1:37:f8:43:d2:1b:b3:d5:
         50:a2:b8:39:8f:a5:9c:3d:c7:98:47:7e:1d:53:79:2e:9b:22:
         d8:68:91:d2:f6:bf:ad:c3:c5:0e:69:db:fc:3b:a4:c5:93:09:
         08:3d:ab:02:82:d6:21:20:dd:6b:cf:b8:68:c2:41:48:3d:04:
         3a:9b:5c:72:de:37:c0:21:21:64:f5:89:32:1d:4c:85:61:57:
         2a:a4:3d:02:c3:8d:2c:07:df:bc:86:01:bb:74:fc:41:fd:86:
         b4:af:19:a0:de:c4:66:ef:01:7f:04:cc:9a:98:32:08:3b:e5:
         e0:94:be:45:da:9f:9b:a7:45:9a:d1:c6:f6:c4:4b:d9:06:62:
         92:86:f9:2b:30:99:bd:7e:ca:89:cf:5e:d1:8b:f4:8b:1f:72:
         e0:bb:8c:6e:97:c1:27:cf:c1:fa:08:53:6a:41:3d:59:42:dd:
         f0:0e:a3:ca:87:7a:e9:aa:f8:9e:10:41:7e:d9:0c:7e:0c:33:
         94:28:9e:e5:37:e7:67:a0:f5:e1:57:7f:7a:00:7b:f9:9a:8d:
         8b:a2:41:2e:08:fd:36:2b:80:3c:e0:f8:da:ef:e2:27:65:79:
         c4:f6:0a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IroXVe6BEgoj6LNHM/u2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDBhMDI1ZTBlNjFhNDRkOTNlNGE4MDFlMzg4OGIyNmU3
YmQyNDEwHhcNMjUxMDIwMDEwMTI5WhcNMjUxMDIxMDEwMTI5WjAzMTEwLwYDVQQD
EyhhMGY3ODBkM2I2MWFjZDZlYTVjOGE0YzUwOThiOTgzZTM2OWYwMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12bCmBcKdgpXv1q3a2Jp4IUtq5uh
/cHQCETpzFfMCS621NbSfsZCTiD85he2rsUS4j7bHXhdCLe0YIDeBDWmsz6k1llM
50GPJSvdH1DFe3zxBDNypviA1SuAHpbEUQuwx3V4Fr9lLeO/P6ag0OwTPjWHecUe
kpmQfuD69X3tND9j+zfbGrvb2HlyxH4QB9iXIuHuv5MakZNdRG5+DT0G+R83TaCG
xgQYNJFq/SrIVKgLxVLUuf5f48W2TaGxvtonTx1llfhEB0QrxsZogetyuUK+rEzQ
VuLCtgD2ZZKtuWQmSxQJu7rKRORMBPu2Bj9Rh5ODDbCp8IFZbYxpDRt3fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD3gNO2Gs1upcikxQmLmD42nwLFMB8GA1UdIwQY
MBaAFOJAoCXg5hpE2T5KgB44iLJue9JBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUt
Yzc5ZDRlZWI1YWQ2LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUtYzc5ZDRlZWI1YWQ2
LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrEvRPPO
j7Zv6of8dmlSnrSY4i46XJOFSzJAf6E3+EPSG7PVUKK4OY+lnD3HmEd+HVN5Lpsi
2GiR0va/rcPFDmnb/DukxZMJCD2rAoLWISDda8+4aMJBSD0EOptcct43wCEhZPWJ
Mh1MhWFXKqQ9AsONLAffvIYBu3T8Qf2GtK8ZoN7EZu8BfwTMmpgyCDvl4JS+Rdqf
m6dFmtHG9sRL2QZikob5KzCZvX7Kic9e0Yv0ix9y4LuMbpfBJ8/B+ghTakE9WULd
8A6jyod66ar4nhBBftkMfgwzlCie5TfnZ6D14Vd/egB7+ZqNi6JBLgj9NiuAPOD4
2u/iJ2V5xPYKYg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:11:55 2025 by rpki-client