Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft
File:                     y2bnZjRVc9cVnWeU7a7bc5okH48.mft (raw, json)
Hash identifier:          T8HiSuv/gBJcaQIUvn1+/FyhygPrEc4zbt2uSXNKmKg=
Subject key identifier:   48:01:EE:0E:78:A5:FB:95:18:BC:30:F1:56:1E:9A:4A:00:AC:8E:46
Authority key identifier: CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F
Certificate issuer:       /CN=cb66e766345573d7159d6794edaedb739a241f8f
Certificate serial:       019A01114940B8B5CD46457D966C2C65F609
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft
Manifest number:          0733
Signing time:             Mon 20 Oct 2025 10:01:41 +0000
Manifest this update:     Mon 20 Oct 2025 10:01:41 +0000
Manifest next update:     Tue 21 Oct 2025 10:01:41 +0000
Files and hashes:         1: GP-mcsPVfkxFR6BakAdLWMHzvnk.roa (hash: 46Gy5AnSQQR4RzlnLScg9/HmedHrQU8V47NDaOoaI7E=)
                          2: y2bnZjRVc9cVnWeU7a7bc5okH48.crl (hash: zjb2OwtPjei13GCLI+Pu39fWTQSMgLUc2PhS7dP66+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 10:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:11:49:40:b8:b5:cd:46:45:7d:96:6c:2c:65:f6:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb66e766345573d7159d6794edaedb739a241f8f
        Validity
            Not Before: Oct 20 10:01:41 2025 GMT
            Not After : Oct 21 10:01:41 2025 GMT
        Subject: CN=4801ee0e78a5fb9518bc30f1561e9a4a00ac8e46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d1:19:d7:34:61:66:4c:cd:16:9a:ab:55:a9:
                    d5:81:b8:76:a7:28:dc:3b:0f:cd:31:88:1d:93:89:
                    ef:09:71:4d:2c:33:22:54:15:8e:14:92:f0:15:56:
                    78:1c:a7:f1:fe:8a:0a:e0:de:c6:41:13:88:46:85:
                    7d:c1:06:67:29:0a:7e:ea:ac:c8:5c:3d:36:85:4b:
                    18:6d:f2:d0:bc:09:a4:36:fc:94:a5:c7:1e:bd:50:
                    5f:36:b6:75:27:87:48:d4:8f:4c:0c:14:ac:b9:d9:
                    48:ad:ac:13:81:01:40:4b:cc:8f:d9:a5:a9:83:a1:
                    b5:4c:d5:43:05:76:c2:ac:27:06:1e:95:46:e3:b7:
                    c8:45:a9:f8:8b:be:b4:25:e3:3b:a3:24:97:1f:ce:
                    f6:ad:27:57:2c:14:34:e4:52:67:32:ad:e0:9a:0c:
                    74:29:ae:4d:00:91:19:25:fc:26:05:9e:d1:f4:d0:
                    ae:f4:79:b6:fa:b4:7d:af:0e:3c:80:14:1b:4b:82:
                    6b:e7:13:a7:11:b9:a3:73:94:c4:cb:f5:4d:46:27:
                    c4:1b:a8:db:91:3c:7c:2e:f5:2f:3a:df:c3:4c:b5:
                    43:1a:8f:07:49:e3:b1:95:ba:89:12:e2:92:1d:78:
                    95:b9:94:9a:4f:c7:5c:90:64:f9:fb:5e:4e:5b:57:
                    ae:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:01:EE:0E:78:A5:FB:95:18:BC:30:F1:56:1E:9A:4A:00:AC:8E:46
            X509v3 Authority Key Identifier:
                keyid:CB:66:E7:66:34:55:73:D7:15:9D:67:94:ED:AE:DB:73:9A:24:1F:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2bnZjRVc9cVnWeU7a7bc5okH48.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45890e-6f71-4d36-988a-65bf79b0a989/1/y2bnZjRVc9cVnWeU7a7bc5okH48.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:ae:07:c2:bc:e0:be:82:80:62:a2:c5:89:c7:41:b5:45:86:
         61:e8:73:85:6c:7a:1c:01:b6:d3:1b:c0:ab:26:8e:ee:10:56:
         b4:e9:6e:e1:02:89:b9:9c:4f:ae:d2:ed:ec:7a:20:d2:c5:80:
         e4:af:29:5c:62:2c:e0:21:88:6a:5b:34:eb:0f:13:09:68:30:
         53:c7:9a:ca:af:84:ba:4a:bc:99:f5:16:4d:d8:4c:43:46:a3:
         02:a2:07:30:b0:01:1e:27:76:f8:3f:23:e4:ba:2b:ef:62:e9:
         2d:02:c8:08:2b:72:bb:3c:64:39:ec:54:20:15:bc:99:a9:85:
         3e:8d:34:5a:86:ec:39:3d:c1:56:8b:12:bd:df:2e:e0:95:a9:
         38:23:db:38:ae:c4:20:66:3a:5b:fa:81:9c:d9:38:6b:35:ca:
         e3:87:e6:11:7d:c1:78:f2:54:21:95:9a:5f:d1:eb:8d:7d:3b:
         66:c3:87:90:d6:14:fe:ed:44:da:a6:b2:c5:e6:ad:6a:e6:ce:
         0a:11:ce:a0:87:3e:bf:2e:50:64:3c:76:b6:f7:4a:21:34:3a:
         f0:63:99:bd:ec:73:39:94:34:95:76:fb:50:4a:30:2c:e4:4c:
         c9:bb:6c:12:17:25:b1:39:b5:aa:ba:6a:eb:9a:bd:53:a8:68:
         b1:72:de:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEUlAuLXNRkV9lmwsZfYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjZlNzY2MzQ1NTczZDcxNTlkNjc5NGVkYWVkYjczOWEy
NDFmOGYwHhcNMjUxMDIwMTAwMTQxWhcNMjUxMDIxMTAwMTQxWjAzMTEwLwYDVQQD
Eyg0ODAxZWUwZTc4YTVmYjk1MThiYzMwZjE1NjFlOWE0YTAwYWM4ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtEZ1zRhZkzNFpqrVanVgbh2pyjc
Ow/NMYgdk4nvCXFNLDMiVBWOFJLwFVZ4HKfx/ooK4N7GQROIRoV9wQZnKQp+6qzI
XD02hUsYbfLQvAmkNvyUpccevVBfNrZ1J4dI1I9MDBSsudlIrawTgQFAS8yP2aWp
g6G1TNVDBXbCrCcGHpVG47fIRan4i760JeM7oySXH872rSdXLBQ05FJnMq3gmgx0
Ka5NAJEZJfwmBZ7R9NCu9Hm2+rR9rw48gBQbS4Jr5xOnEbmjc5TEy/VNRifEG6jb
kTx8LvUvOt/DTLVDGo8HSeOxlbqJEuKSHXiVuZSaT8dckGT5+15OW1eupwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEgB7g54pfuVGLww8VYemkoArI5GMB8GA1UdIwQY
MBaAFMtm52Y0VXPXFZ1nlO2u23OaJB+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEt
NjViZjc5YjBhOTg5LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi80NTg5MGUtNmY3MS00ZDM2LTk4OGEtNjViZjc5YjBhOTg5
LzEveTJiblpqUlZjOWNWbldlVTdhN2JjNW9rSDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYK4Hwrzg
voKAYqLFicdBtUWGYehzhWx6HAG20xvAqyaO7hBWtOlu4QKJuZxPrtLt7Hog0sWA
5K8pXGIs4CGIals06w8TCWgwU8eayq+Eukq8mfUWTdhMQ0ajAqIHMLABHid2+D8j
5Lor72LpLQLICCtyuzxkOexUIBW8mamFPo00WobsOT3BVosSvd8u4JWpOCPbOK7E
IGY6W/qBnNk4azXK44fmEX3BePJUIZWaX9HrjX07ZsOHkNYU/u1E2qayxeataubO
ChHOoIc+vy5QZDx2tvdKITQ68GOZvexzOZQ0lXb7UEowLORMybtsEhclsTm1qrpq
65q9U6hosXLecg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:41:31 2025 by rpki-client