Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
File:                     iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft (raw, json)
Hash identifier:          QsoNd6L5jKNeUGJzx/g2yX8AzQ+jwWpG7l1pOA0a9Ew=
Subject key identifier:   AA:E9:C8:EE:AA:A5:48:96:18:2B:E0:F0:43:60:68:4A:1B:88:05:EF
Authority key identifier: 8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
Certificate issuer:       /CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Certificate serial:       0199FFC81D155CB5A9156A4FF1B58C23155C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
Manifest number:          0A43
Signing time:             Mon 20 Oct 2025 04:02:08 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:08 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:08 +0000
Files and hashes:         1: 2N-Ad_PjuCdbWMhOkKca0e_4aH4.roa (hash: mX5PwA+5z3mRrepVsPYas6Uu6jFtb6sejxlwArRN7qw=)
                          2: 9qSGcGsaAT-Orj-BviLbbFBnobc.roa (hash: KGQdMGZUYXqZM3Cup0R+gwjVZv7t7VL1nDYpfpe2mMo=)
                          3: C6v3z8kGbpGtAYhEGvbIA9POeJ4.roa (hash: dVnxKmSOxpULCnBph8ARAXzts2lzvI7njmrNqMweylU=)
                          4: Q3cz4EEEExax1nv4wtLZZPPEgSk.roa (hash: ML1oxtfPutOEqYHFMGiG3+QvRpl8345MdKNoHGmCBSQ=)
                          5: iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl (hash: UZEVcWSoRSpUtISEmYI/jYVwBwfngzrEwOtXh/zZmEY=)
                          6: raR6qfZ5L-9hzvpYVK9us-1wIug.roa (hash: ARfa5iwtjYV/gUtHJTALBEg3MfK/IBejlaZvsXofCl8=)
                          7: tBuToTypjDQ6u5RK5DBD-fEJHi4.roa (hash: iFrIeR1iIdBgXE0Q5UKDG34iIF6/jJkNwFYF+l/o72M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:1d:15:5c:b5:a9:15:6a:4f:f1:b5:8c:23:15:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
        Validity
            Not Before: Oct 20 04:02:08 2025 GMT
            Not After : Oct 21 04:02:08 2025 GMT
        Subject: CN=aae9c8eeaaa54896182be0f04360684a1b8805ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ac:c1:9c:5b:9d:60:89:85:d2:4f:46:bb:dd:
                    df:e3:ad:cc:2e:6e:8c:b8:52:8d:6c:93:43:92:5c:
                    30:a6:71:11:87:a7:fd:e2:2d:b7:8b:6a:94:e4:58:
                    35:0b:29:be:82:46:c9:0a:dd:a4:80:95:b3:55:e0:
                    ba:97:a3:15:c9:33:6a:e1:14:1c:98:bd:7c:63:80:
                    1a:97:9d:7c:23:b4:ed:9f:1e:6b:dc:41:34:a5:f8:
                    04:8d:3c:6d:83:52:07:2c:b7:0b:f9:7c:19:a8:84:
                    da:5a:52:6b:dd:6c:31:bb:de:79:96:2f:94:78:ae:
                    58:8b:ce:60:3b:9a:b6:e0:33:02:cd:5e:9a:b3:7b:
                    3d:34:47:ca:34:cb:4d:ce:80:8d:e3:fc:4b:7d:fc:
                    a9:c1:8f:56:ad:fb:f1:c8:0b:08:33:be:55:93:24:
                    2d:73:a8:7e:18:1d:93:80:c3:b7:76:e8:e0:30:b2:
                    1d:fc:13:54:33:d2:2e:7d:89:b2:86:82:08:19:9b:
                    f2:10:51:e2:9c:58:85:aa:6f:b1:76:b3:45:be:96:
                    bb:76:6d:4f:78:bb:ed:22:b8:69:bd:48:ee:8c:38:
                    12:99:d8:69:20:a2:42:36:5e:16:83:aa:11:5c:35:
                    4e:72:34:49:c1:5e:4f:01:07:12:22:ce:c0:99:32:
                    18:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:E9:C8:EE:AA:A5:48:96:18:2B:E0:F0:43:60:68:4A:1B:88:05:EF
            X509v3 Authority Key Identifier:
                keyid:8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:82:bc:4b:0d:3d:16:ed:25:67:6d:ae:ef:58:27:8e:1a:50:
         67:2a:37:87:f9:76:0d:c7:a7:1e:4f:1c:1a:70:64:e8:a8:a8:
         ef:82:b4:46:65:0c:2b:2e:ca:0d:0b:34:85:26:fd:b5:6d:14:
         9c:74:6d:32:f4:0e:ea:43:ee:ad:9c:d4:09:ae:83:b1:7c:b4:
         27:b3:b0:fe:18:29:f2:9c:80:f9:00:4e:49:35:70:5a:c7:d6:
         e3:09:9c:90:3b:b5:cb:7d:c9:90:78:b5:3f:23:94:15:02:99:
         78:32:22:41:3b:58:05:63:4f:d1:19:6f:6c:16:5a:11:4a:74:
         44:7a:d3:b7:4a:63:37:5c:41:7b:60:ca:8f:5c:71:2c:0b:b1:
         17:42:96:b7:7a:d5:8d:97:1f:07:b1:42:45:1f:9d:be:66:f7:
         e2:a9:e2:61:88:f0:5b:c0:4f:18:67:91:f9:8e:f1:23:dd:aa:
         27:b0:c5:2e:3a:4c:40:bb:7f:54:a5:51:4d:f8:f3:27:48:82:
         fb:45:08:6c:6f:76:54:bd:a9:18:45:77:5a:19:f0:ae:56:70:
         e7:6e:7c:42:fe:0f:a7:01:8d:f2:3e:7b:c3:64:d8:da:7d:7d:
         88:2e:68:a6:6d:88:80:4d:0a:ce:d5:5c:c2:aa:9d:14:02:73:
         d9:3d:c0:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yB0VXLWpFWpP8bWMIxVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWQ5YzBjZTViYTM5MDViNDE5NzBhMDRlNTE5NzYwNzZj
NjdlMDAwHhcNMjUxMDIwMDQwMjA4WhcNMjUxMDIxMDQwMjA4WjAzMTEwLwYDVQQD
EyhhYWU5YzhlZWFhYTU0ODk2MTgyYmUwZjA0MzYwNjg0YTFiODgwNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKzBnFudYImF0k9Gu93f463MLm6M
uFKNbJNDklwwpnERh6f94i23i2qU5Fg1Cym+gkbJCt2kgJWzVeC6l6MVyTNq4RQc
mL18Y4Aal518I7Ttnx5r3EE0pfgEjTxtg1IHLLcL+XwZqITaWlJr3Wwxu955li+U
eK5Yi85gO5q24DMCzV6as3s9NEfKNMtNzoCN4/xLffypwY9WrfvxyAsIM75VkyQt
c6h+GB2TgMO3dujgMLId/BNUM9IufYmyhoIIGZvyEFHinFiFqm+xdrNFvpa7dm1P
eLvtIrhpvUjujDgSmdhpIKJCNl4Wg6oRXDVOcjRJwV5PAQcSIs7AmTIYgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrpyO6qpUiWGCvg8ENgaEobiAXvMB8GA1UdIwQY
MBaAFIqtnAzlujkFtBlwoE5Rl2B2xn4AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGIt
N2EwZWNlOWMwYWY4LzEvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lNDQ1ZTQtMjZiZC00OGM5LTgzZGItN2EwZWNlOWMwYWY4
LzEvaXEyY0RPVzZPUVcwR1hDZ1RsR1hZSGJHZmdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADIK8Sw09
Fu0lZ22u71gnjhpQZyo3h/l2DcenHk8cGnBk6Kio74K0RmUMKy7KDQs0hSb9tW0U
nHRtMvQO6kPurZzUCa6DsXy0J7Ow/hgp8pyA+QBOSTVwWsfW4wmckDu1y33JkHi1
PyOUFQKZeDIiQTtYBWNP0RlvbBZaEUp0RHrTt0pjN1xBe2DKj1xxLAuxF0KWt3rV
jZcfB7FCRR+dvmb34qniYYjwW8BPGGeR+Y7xI92qJ7DFLjpMQLt/VKVRTfjzJ0iC
+0UIbG92VL2pGEV3WhnwrlZw5258Qv4PpwGN8j57w2TY2n19iC5opm2IgE0KztVc
wqqdFAJz2T3ApQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:58:06 2025 by rpki-client