Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft
File:                     IbgvyO2I-ZyrV9doAxdusnqfC_o.mft (raw, json)
Hash identifier:          2cbqfAEuFTAVR+JYpi2bK+oCtghqCsCPHMoTIQlW4ZY=
Subject key identifier:   64:F4:21:45:03:88:65:09:A2:FF:8A:88:9C:92:04:8C:17:59:A6:F0
Authority key identifier: 21:B8:2F:C8:ED:88:F9:9C:AB:57:D7:68:03:17:6E:B2:7A:9F:0B:FA
Certificate issuer:       /CN=21b82fc8ed88f99cab57d76803176eb27a9f0bfa
Certificate serial:       0199FFC85E248609FCA5FA604B0F97D1D079
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft
Manifest number:          0E70
Signing time:             Mon 20 Oct 2025 04:02:25 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:25 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:25 +0000
Files and hashes:         1: IbgvyO2I-ZyrV9doAxdusnqfC_o.crl (hash: UhChn7cQgkvHQpk/xdtOkGgyY/4GPrj7LAjOTDJnakc=)
                          2: ItUhScrgPwKkKUyhqEMMP6UQG5o.roa (hash: gmpeHaOEVGgSYmwc/n6Xey1Y6I6lJR2qqLtWqmrTzmc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:5e:24:86:09:fc:a5:fa:60:4b:0f:97:d1:d0:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21b82fc8ed88f99cab57d76803176eb27a9f0bfa
        Validity
            Not Before: Oct 20 04:02:25 2025 GMT
            Not After : Oct 21 04:02:25 2025 GMT
        Subject: CN=64f4214503886509a2ff8a889c92048c1759a6f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:fc:91:d0:66:4d:e9:ce:ed:21:dd:a2:44:12:
                    1c:60:b3:6d:23:de:06:e2:28:64:b5:ae:5e:0c:34:
                    69:1c:47:2e:47:74:00:87:d9:d3:c5:1b:fe:b7:fc:
                    a3:13:c0:6e:13:52:f2:a6:3a:0e:ab:a0:1a:3d:38:
                    92:3c:09:75:24:ff:14:79:d6:8c:a8:2e:0b:02:8d:
                    0d:a3:73:f7:ea:6d:05:f6:37:97:c9:0b:c3:b1:91:
                    eb:b3:7c:6c:b3:6b:12:d9:46:bf:66:03:fb:64:b6:
                    ac:9e:86:7d:b3:08:0f:29:c4:3a:30:64:15:e3:c5:
                    9a:17:2f:e1:af:7e:7d:a6:39:26:22:7d:29:e8:9d:
                    75:a7:a6:b6:58:4a:5e:89:af:e1:bb:a4:b7:96:3c:
                    33:cd:26:0c:e3:55:c6:cd:a5:f4:17:1d:e5:18:c4:
                    c7:b2:c0:0a:9b:4c:74:6e:da:a5:90:f0:ee:dd:45:
                    b8:69:78:9a:90:4a:f2:a4:f1:c5:24:bb:b1:34:8d:
                    1a:ec:64:80:89:f9:01:bc:18:5f:c2:79:94:4d:fb:
                    b1:7d:f9:dc:67:d4:f8:23:2a:83:74:e3:e0:fb:bf:
                    a3:b2:44:85:6c:6d:bc:bc:c5:9c:d6:7b:8a:fe:63:
                    9e:61:73:34:a5:32:c9:f0:e4:fa:8e:02:8e:23:6e:
                    89:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:F4:21:45:03:88:65:09:A2:FF:8A:88:9C:92:04:8C:17:59:A6:F0
            X509v3 Authority Key Identifier:
                keyid:21:B8:2F:C8:ED:88:F9:9C:AB:57:D7:68:03:17:6E:B2:7A:9F:0B:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:c3:ba:af:3b:e3:b6:4c:4c:38:2a:9d:4b:89:08:60:3d:6e:
         c0:1f:1b:cd:7a:73:bb:d5:d8:62:8d:c6:47:5a:3e:02:77:41:
         42:04:f5:5d:8d:9d:05:17:02:f9:aa:22:10:b1:f1:75:b4:ad:
         96:69:36:c5:00:02:2b:63:b3:db:46:24:83:1f:e5:06:5f:5c:
         53:e4:fd:9b:75:65:e0:1c:b0:7e:6b:20:43:dd:5c:dd:6c:d1:
         c7:5d:ed:ac:1f:12:3d:d3:eb:ec:1f:42:e9:e2:b5:76:78:55:
         62:68:80:67:4a:6c:b1:9e:4f:ad:9e:92:0d:23:6d:22:85:b2:
         f5:f2:26:78:d3:c0:cb:ae:d1:63:16:08:68:e6:b5:06:0c:70:
         0e:0a:ff:70:17:4a:3a:c5:94:fc:39:7c:8f:be:8d:19:ba:dc:
         64:49:c1:d9:6b:cc:b2:47:cf:71:b3:a5:c0:75:ad:0b:a8:ed:
         59:01:61:b3:cb:da:ee:ba:77:66:dc:62:ad:fc:f2:8c:92:3c:
         97:39:ff:f0:7b:77:2b:ce:e3:54:47:f9:69:3d:23:b7:7a:d7:
         f3:b0:e0:fe:7b:fe:10:4c:e4:67:89:ba:0f:ec:d7:9b:82:07:
         12:73:02:af:84:2d:dc:a1:8e:dd:c6:a8:bc:3c:75:48:11:6c:
         89:29:91:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yF4khgn8pfpgSw+X0dB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYjgyZmM4ZWQ4OGY5OWNhYjU3ZDc2ODAzMTc2ZWIyN2E5
ZjBiZmEwHhcNMjUxMDIwMDQwMjI1WhcNMjUxMDIxMDQwMjI1WjAzMTEwLwYDVQQD
Eyg2NGY0MjE0NTAzODg2NTA5YTJmZjhhODg5YzkyMDQ4YzE3NTlhNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/yR0GZN6c7tId2iRBIcYLNtI94G
4ihkta5eDDRpHEcuR3QAh9nTxRv+t/yjE8BuE1LypjoOq6AaPTiSPAl1JP8UedaM
qC4LAo0No3P36m0F9jeXyQvDsZHrs3xss2sS2Ua/ZgP7ZLasnoZ9swgPKcQ6MGQV
48WaFy/hr359pjkmIn0p6J11p6a2WEpeia/hu6S3ljwzzSYM41XGzaX0Fx3lGMTH
ssAKm0x0btqlkPDu3UW4aXiakErypPHFJLuxNI0a7GSAifkBvBhfwnmUTfuxffnc
Z9T4IyqDdOPg+7+jskSFbG28vMWc1nuK/mOeYXM0pTLJ8OT6jgKOI26J7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGT0IUUDiGUJov+KiJySBIwXWabwMB8GA1UdIwQY
MBaAFCG4L8jtiPmcq1fXaAMXbrJ6nwv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hYjY1ZjYtMzFiZS00MTQ5LWE2ZTMt
YWU1ZmE1M2I5M2IyLzEvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hYjY1ZjYtMzFiZS00MTQ5LWE2ZTMtYWU1ZmE1M2I5M2Iy
LzEvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALsO6rzvj
tkxMOCqdS4kIYD1uwB8bzXpzu9XYYo3GR1o+AndBQgT1XY2dBRcC+aoiELHxdbSt
lmk2xQACK2Oz20Ykgx/lBl9cU+T9m3Vl4BywfmsgQ91c3WzRx13trB8SPdPr7B9C
6eK1dnhVYmiAZ0pssZ5PrZ6SDSNtIoWy9fImeNPAy67RYxYIaOa1BgxwDgr/cBdK
OsWU/Dl8j76NGbrcZEnB2WvMskfPcbOlwHWtC6jtWQFhs8va7rp3ZtxirfzyjJI8
lzn/8Ht3K87jVEf5aT0jt3rX87Dg/nv+EEzkZ4m6D+zXm4IHEnMCr4Qt3KGO3cao
vDx1SBFsiSmR4g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:52:46 2025 by rpki-client