Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
File:                     4kCgJeDmGkTZPkqAHjiIsm570kE.mft (raw, json)
Hash identifier:          VWP1BSJdsxE/DQi+pgk5RmU4PlRFdK55veYnUfhxlZo=
Subject key identifier:   61:29:B2:82:20:00:3C:21:9B:7C:79:3A:1D:64:DA:8F:D4:8B:2F:E6
Authority key identifier: E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41
Certificate issuer:       /CN=e240a025e0e61a44d93e4a801e3888b26e7bd241
Certificate serial:       019A011127A7F0F00F4EB52CFBFEF3EF3F0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
Manifest number:          16E7
Signing time:             Mon 20 Oct 2025 10:01:32 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:32 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:32 +0000
Files and hashes:         1: 4kCgJeDmGkTZPkqAHjiIsm570kE.crl (hash: EfmU3v80r/6IZUEJiR2/3M4UR1S5NJLmKyIHThFNfN4=)
                          2: K7SH4zYCXr-cp1q6N2Mp-Gdj1PU.roa (hash: fOTEXpl4gYkXzMjvkhlooQdp3U8U0Z9lMps20TcryK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 10:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:11:27:a7:f0:f0:0f:4e:b5:2c:fb:fe:f3:ef:3f:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e240a025e0e61a44d93e4a801e3888b26e7bd241
        Validity
            Not Before: Oct 20 10:01:32 2025 GMT
            Not After : Oct 21 10:01:32 2025 GMT
        Subject: CN=6129b28220003c219b7c793a1d64da8fd48b2fe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:33:e6:64:e2:e7:b5:fa:d1:e4:d3:6a:ca:87:
                    5b:5d:25:13:a7:3a:12:ae:dd:ae:a0:7d:e0:d0:71:
                    7c:26:06:ba:59:cd:81:7d:50:33:15:50:f9:54:4e:
                    c6:c8:4d:80:cf:86:87:fd:8e:b9:a9:93:8c:0f:65:
                    2c:e3:df:91:52:34:ba:7a:07:c4:9d:f6:b2:4a:d9:
                    5c:c0:d7:02:fd:40:01:7d:c2:13:2a:da:2f:a1:c7:
                    c9:43:8e:9e:82:f8:47:fc:a8:33:54:fe:24:1e:87:
                    26:9f:83:ae:a9:7e:76:ed:a0:74:04:2e:ee:1c:54:
                    cf:65:d4:61:58:9d:76:f4:81:43:fc:6a:57:89:49:
                    89:0c:ff:f6:85:b5:80:6b:d0:2b:d4:8d:a2:96:3e:
                    8a:f1:65:d0:1a:b8:85:a5:a6:80:10:1e:82:d1:2b:
                    bb:ae:b0:08:a1:b0:d0:93:2e:37:33:fe:91:99:80:
                    fb:57:78:1e:9a:47:63:f0:92:dc:93:16:11:06:5b:
                    f7:96:b6:6a:e0:f0:bd:c0:fa:11:7e:7b:91:83:3f:
                    29:55:38:7a:eb:af:57:1f:f0:29:40:ad:33:23:91:
                    0b:df:7a:79:5f:3f:ff:8f:3e:bc:6d:f7:57:ca:da:
                    56:8a:d0:0d:38:3a:e2:25:50:b2:1c:51:2f:c6:4d:
                    4d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:29:B2:82:20:00:3C:21:9B:7C:79:3A:1D:64:DA:8F:D4:8B:2F:E6
            X509v3 Authority Key Identifier:
                keyid:E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:27:34:7a:ff:77:77:0c:e1:3f:31:c5:7a:02:ca:07:3f:66:
         20:29:7b:dd:f9:6c:a1:f9:16:89:17:34:df:2b:86:f1:25:67:
         22:69:53:b3:3f:d6:34:b2:3e:99:b0:4a:50:1d:e7:1b:3a:32:
         4c:9f:e5:dd:ac:b5:b4:59:2a:be:78:e8:82:8f:7f:8b:4b:97:
         ec:b7:db:31:d6:41:f4:44:8c:a0:fd:e2:45:ee:ba:54:b2:f4:
         30:1e:23:95:7b:24:63:f1:fd:0d:a0:4b:b9:ae:35:23:41:79:
         63:e2:1d:f5:ad:f7:c5:b2:bf:47:f7:c5:2c:bd:d9:1d:36:35:
         84:c2:5a:91:29:56:7f:dd:6a:1f:41:22:df:64:b2:6d:46:54:
         8f:f1:16:f2:50:11:08:b3:02:64:e8:e2:e0:d3:c7:f2:1c:26:
         35:d6:84:82:d1:cc:7d:79:85:d1:d5:85:73:2b:a1:5a:e7:43:
         a7:4e:58:b4:4c:99:c6:84:74:77:de:4f:5e:06:bd:a4:80:4b:
         05:78:db:1c:80:83:04:94:ac:53:fd:0d:b8:b7:8d:6f:35:98:
         8c:eb:f3:7c:4b:0f:3d:49:d2:c9:ca:1d:6d:1c:fe:28:3f:94:
         4f:cc:32:33:46:51:38:26:ad:50:1c:61:2d:c7:b7:dd:b8:1d:
         bf:c6:ae:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBESen8PAPTrUs+/7z7z8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDBhMDI1ZTBlNjFhNDRkOTNlNGE4MDFlMzg4OGIyNmU3
YmQyNDEwHhcNMjUxMDIwMTAwMTMyWhcNMjUxMDIxMTAwMTMyWjAzMTEwLwYDVQQD
Eyg2MTI5YjI4MjIwMDAzYzIxOWI3Yzc5M2ExZDY0ZGE4ZmQ0OGIyZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zPmZOLntfrR5NNqyodbXSUTpzoS
rt2uoH3g0HF8Jga6Wc2BfVAzFVD5VE7GyE2Az4aH/Y65qZOMD2Us49+RUjS6egfE
nfayStlcwNcC/UABfcITKtovocfJQ46egvhH/KgzVP4kHocmn4OuqX527aB0BC7u
HFTPZdRhWJ129IFD/GpXiUmJDP/2hbWAa9Ar1I2ilj6K8WXQGriFpaaAEB6C0Su7
rrAIobDQky43M/6RmYD7V3gemkdj8JLckxYRBlv3lrZq4PC9wPoRfnuRgz8pVTh6
669XH/ApQK0zI5EL33p5Xz//jz68bfdXytpWitANODriJVCyHFEvxk1NQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGEpsoIgADwhm3x5Oh1k2o/Uiy/mMB8GA1UdIwQY
MBaAFOJAoCXg5hpE2T5KgB44iLJue9JBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUt
Yzc5ZDRlZWI1YWQ2LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUtYzc5ZDRlZWI1YWQ2
LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjCc0ev93
dwzhPzHFegLKBz9mICl73flsofkWiRc03yuG8SVnImlTsz/WNLI+mbBKUB3nGzoy
TJ/l3ay1tFkqvnjogo9/i0uX7LfbMdZB9ESMoP3iRe66VLL0MB4jlXskY/H9DaBL
ua41I0F5Y+Id9a33xbK/R/fFLL3ZHTY1hMJakSlWf91qH0Ei32SybUZUj/EW8lAR
CLMCZOji4NPH8hwmNdaEgtHMfXmF0dWFcyuhWudDp05YtEyZxoR0d95PXga9pIBL
BXjbHICDBJSsU/0NuLeNbzWYjOvzfEsPPUnSycodbRz+KD+UT8wyM0ZROCatUBxh
Lce33bgdv8auNQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:56:29 2025 by rpki-client