Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
File:                     iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft (raw, json)
Hash identifier:          Axf3h99P8YiVhDdMGKJHTrDygT3z+mrektM4VO/FPX4=
Subject key identifier:   16:94:7F:7F:2A:FD:FA:08:A0:E6:7F:33:35:33:2C:2A:09:FE:0B:BE
Authority key identifier: 8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
Certificate issuer:       /CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Certificate serial:       0199FDD9935658292DB75406B2DA52129B61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
Manifest number:          0A42
Signing time:             Sun 19 Oct 2025 19:01:58 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:58 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:58 +0000
Files and hashes:         1: 2N-Ad_PjuCdbWMhOkKca0e_4aH4.roa (hash: mX5PwA+5z3mRrepVsPYas6Uu6jFtb6sejxlwArRN7qw=)
                          2: 9qSGcGsaAT-Orj-BviLbbFBnobc.roa (hash: KGQdMGZUYXqZM3Cup0R+gwjVZv7t7VL1nDYpfpe2mMo=)
                          3: C6v3z8kGbpGtAYhEGvbIA9POeJ4.roa (hash: dVnxKmSOxpULCnBph8ARAXzts2lzvI7njmrNqMweylU=)
                          4: Q3cz4EEEExax1nv4wtLZZPPEgSk.roa (hash: ML1oxtfPutOEqYHFMGiG3+QvRpl8345MdKNoHGmCBSQ=)
                          5: iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl (hash: oQ+9OtY0Fgr4oPBOUzyN1/jmhVY4JPE5apQu6sF4iSc=)
                          6: raR6qfZ5L-9hzvpYVK9us-1wIug.roa (hash: ARfa5iwtjYV/gUtHJTALBEg3MfK/IBejlaZvsXofCl8=)
                          7: tBuToTypjDQ6u5RK5DBD-fEJHi4.roa (hash: iFrIeR1iIdBgXE0Q5UKDG34iIF6/jJkNwFYF+l/o72M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:93:56:58:29:2d:b7:54:06:b2:da:52:12:9b:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
        Validity
            Not Before: Oct 19 19:01:58 2025 GMT
            Not After : Oct 20 19:01:58 2025 GMT
        Subject: CN=16947f7f2afdfa08a0e67f3335332c2a09fe0bbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:2e:40:72:09:52:03:b1:27:9e:06:5a:73:fd:
                    9b:5f:a9:d1:82:2f:91:32:d8:f5:50:07:54:bf:15:
                    9a:72:21:67:11:ef:57:b0:ac:d4:62:6b:7c:dd:e0:
                    b2:89:16:80:22:aa:16:f3:7e:d6:8d:b0:e8:e2:60:
                    90:1b:b0:6e:27:5c:d0:bc:95:a9:a7:d7:60:cb:2f:
                    87:8d:40:4e:bb:50:8a:0c:2c:4c:85:61:1d:72:72:
                    e7:52:93:cb:49:12:0d:05:24:3c:b5:c4:47:51:ea:
                    f8:12:f6:e7:0d:62:46:ae:30:6b:b1:3a:0e:2c:81:
                    58:35:c0:19:87:46:12:ac:f9:f6:f7:3d:7a:72:7e:
                    47:f9:ff:7d:26:e7:4d:26:f9:7a:4d:aa:01:a0:5f:
                    29:3e:73:87:27:e8:80:9c:af:72:75:25:06:43:9f:
                    38:fd:84:95:c1:8f:ba:d6:80:f4:dd:6e:91:29:15:
                    de:75:43:aa:24:35:1c:43:5d:88:8b:03:bf:04:43:
                    92:50:ae:0b:be:c3:7c:fe:a1:87:35:b4:21:47:12:
                    3d:4f:bc:cd:ce:f0:cd:8d:fb:3c:f5:0f:52:fe:35:
                    e9:0e:f2:a3:5c:d0:ef:5a:2d:ae:6b:92:34:32:cc:
                    31:44:5f:aa:32:d7:84:a8:a1:7b:46:c1:fa:88:eb:
                    e7:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:94:7F:7F:2A:FD:FA:08:A0:E6:7F:33:35:33:2C:2A:09:FE:0B:BE
            X509v3 Authority Key Identifier:
                keyid:8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:c7:62:80:eb:9c:ac:22:10:f6:5e:ae:bd:ed:b7:65:ef:4d:
         f8:0e:c4:f5:aa:c6:4b:c9:51:3d:5f:4b:96:6b:c3:45:9d:da:
         ec:b6:13:74:2c:d2:19:2d:ec:60:90:c1:fc:7e:4c:fb:4d:61:
         87:30:8e:39:83:06:a0:cd:c2:aa:3f:84:77:8f:8c:5c:a7:ea:
         4b:47:11:27:a9:c9:e2:cd:d3:87:e5:ab:36:c3:41:fc:5a:98:
         f0:07:0a:c5:35:cf:6d:01:7a:a3:84:39:07:de:67:f2:98:34:
         1f:75:6f:eb:ab:d4:61:e7:e4:e7:d5:e7:04:c2:39:2f:9e:09:
         e9:0e:f9:a5:b7:a6:64:82:98:95:30:c2:7d:ca:41:9f:80:8d:
         f0:07:36:86:b6:cb:00:4c:41:da:50:c8:23:dc:d4:f3:b0:01:
         c7:36:1f:54:e6:4c:8b:44:24:c1:0f:ab:26:ab:23:1b:9d:78:
         09:c5:9f:cb:f9:40:ef:b3:f9:e3:0e:80:8d:db:8b:53:ea:b3:
         58:79:2e:e3:1f:a9:25:6f:f7:fc:83:9a:f9:b4:3d:0f:1a:81:
         36:2a:e3:e2:5d:72:60:76:1c:95:8a:af:63:01:56:2e:73:92:
         31:2f:af:02:ca:e6:e0:d6:08:c3:62:37:cf:bb:f7:1f:50:7a:
         40:71:9a:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92ZNWWCktt1QGstpSEpthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWQ5YzBjZTViYTM5MDViNDE5NzBhMDRlNTE5NzYwNzZj
NjdlMDAwHhcNMjUxMDE5MTkwMTU4WhcNMjUxMDIwMTkwMTU4WjAzMTEwLwYDVQQD
EygxNjk0N2Y3ZjJhZmRmYTA4YTBlNjdmMzMzNTMzMmMyYTA5ZmUwYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy5AcglSA7EnngZac/2bX6nRgi+R
Mtj1UAdUvxWaciFnEe9XsKzUYmt83eCyiRaAIqoW837WjbDo4mCQG7BuJ1zQvJWp
p9dgyy+HjUBOu1CKDCxMhWEdcnLnUpPLSRINBSQ8tcRHUer4EvbnDWJGrjBrsToO
LIFYNcAZh0YSrPn29z16cn5H+f99JudNJvl6TaoBoF8pPnOHJ+iAnK9ydSUGQ584
/YSVwY+61oD03W6RKRXedUOqJDUcQ12IiwO/BEOSUK4LvsN8/qGHNbQhRxI9T7zN
zvDNjfs89Q9S/jXpDvKjXNDvWi2ua5I0MswxRF+qMteEqKF7RsH6iOvndQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaUf38q/foIoOZ/MzUzLCoJ/gu+MB8GA1UdIwQY
MBaAFIqtnAzlujkFtBlwoE5Rl2B2xn4AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGIt
N2EwZWNlOWMwYWY4LzEvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGItN2EwZWNlOWMwYWY4
LzEvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMdigOuc
rCIQ9l6uve23Ze9N+A7E9arGS8lRPV9LlmvDRZ3a7LYTdCzSGS3sYJDB/H5M+01h
hzCOOYMGoM3Cqj+Ed4+MXKfqS0cRJ6nJ4s3Th+WrNsNB/FqY8AcKxTXPbQF6o4Q5
B95n8pg0H3Vv66vUYefk59XnBMI5L54J6Q75pbemZIKYlTDCfcpBn4CN8Ac2hrbL
AExB2lDII9zU87ABxzYfVOZMi0QkwQ+rJqsjG514CcWfy/lA77P54w6AjduLU+qz
WHku4x+pJW/3/IOa+bQ9DxqBNirj4l1yYHYclYqvYwFWLnOSMS+vAsrm4NYIw2I3
z7v3H1B6QHGaZw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:50:14 2025 by rpki-client