Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
File:                     2pxnKeHomJmE3YAtGpDonOL-Nzw.mft (raw, json)
Hash identifier:          9gELKfEEG/StjlVtgq43xmzYs6Vj/I+N7/RESRnpUSs=
Subject key identifier:   EE:AA:B7:10:31:3C:0A:7A:98:E3:94:CA:80:E5:20:6E:00:70:98:E7
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Certificate issuer:       /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial:       019A00D9F623E05EF5786C8D8FE035D867E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
Manifest number:          16E4
Signing time:             Mon 20 Oct 2025 09:01:15 +0000
Manifest this update:     Mon 20 Oct 2025 09:01:15 +0000
Manifest next update:     Tue 21 Oct 2025 09:01:15 +0000
Files and hashes:         1: 24_mmtOlkG05yQ7mb26MLLzNTPk.roa (hash: NN9FJFjMrEoXgY4DCGNqxgbjsbFf0mQojMZSGAkFQFg=)
                          2: 2pxnKeHomJmE3YAtGpDonOL-Nzw.crl (hash: UXbCGlvJmnd4AXgl97tLnAtns1Id2n3nuh8FsJxSzVQ=)
                          3: bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa (hash: vuvSrc/xAi8bu4mOjDMbPo9yb6kp8ev2fK1dkeS76Yo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:d9:f6:23:e0:5e:f5:78:6c:8d:8f:e0:35:d8:67:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
        Validity
            Not Before: Oct 20 09:01:15 2025 GMT
            Not After : Oct 21 09:01:15 2025 GMT
        Subject: CN=eeaab710313c0a7a98e394ca80e5206e007098e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b2:b5:96:cd:71:a5:bf:f2:6c:38:a9:ca:8c:
                    97:5c:ff:df:d4:ea:84:6f:b3:61:e0:29:c5:c4:c3:
                    83:99:71:2b:8a:d3:9a:38:57:27:0e:ed:de:ec:94:
                    82:49:98:4b:bc:2d:86:72:c1:13:eb:37:44:5a:63:
                    26:64:9b:cc:de:73:e6:e8:56:c4:7a:f7:ec:de:7d:
                    ca:ba:fc:a4:11:35:d8:56:eb:92:18:f2:2b:d1:f2:
                    7e:e8:05:ba:64:76:02:91:22:d0:13:b3:1b:ca:26:
                    b2:90:d1:61:bf:95:43:32:d7:34:69:a2:c3:5f:65:
                    62:c9:e7:bf:4d:9a:00:98:f2:7a:33:46:77:7f:4d:
                    5e:ee:a6:06:04:5b:ad:6e:94:56:33:7c:e2:8a:be:
                    4b:0c:8f:c5:04:20:90:bb:e7:71:1a:b8:ab:63:46:
                    93:fa:93:38:3e:37:66:29:b1:be:1e:af:43:c4:8e:
                    8a:d8:8c:a9:c1:15:59:65:21:06:24:61:61:c3:3c:
                    27:04:09:ae:87:1f:0d:1a:bc:6f:5b:46:5f:f7:11:
                    db:7c:25:eb:38:28:ca:30:91:7c:d0:b0:fb:4d:45:
                    fc:53:22:79:85:f6:30:f7:ac:4f:09:68:98:32:97:
                    56:21:e7:62:0d:e1:ce:95:47:3f:94:fd:bb:b9:af:
                    30:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:AA:B7:10:31:3C:0A:7A:98:E3:94:CA:80:E5:20:6E:00:70:98:E7
            X509v3 Authority Key Identifier:
                keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:7e:8e:59:71:0b:a3:bb:9d:9f:46:6f:3b:f8:50:04:5a:de:
         73:c0:c6:c3:23:35:d9:8b:3f:51:7b:c5:05:e8:1b:d3:2e:04:
         64:a2:16:d0:50:93:bd:29:2d:44:a3:50:12:46:8b:52:c3:c1:
         f4:88:3e:f3:f7:36:de:56:71:2f:b4:3d:66:1e:fd:98:5a:39:
         94:e7:57:6c:65:0f:53:a6:54:36:24:95:2a:88:93:6d:80:96:
         0e:38:b1:8f:38:30:d2:79:81:c7:39:bb:97:9a:20:86:a2:ef:
         ba:94:5a:fa:15:a5:5e:5f:76:31:56:c8:de:e0:49:37:a0:77:
         a4:11:27:13:77:db:45:20:3f:fd:31:f5:ce:6a:43:ee:f9:c5:
         b8:32:ea:f5:10:1c:9b:c7:62:bd:92:ce:79:02:f6:6b:d7:ba:
         9d:47:c7:8d:cf:13:21:ad:71:d3:df:45:6a:a3:17:d3:99:7b:
         8b:1b:cf:41:89:55:90:7a:82:f3:5b:00:e4:f7:3b:df:70:51:
         24:07:9e:b4:b4:58:cb:92:7e:ee:6e:3a:30:f7:74:a4:e1:2f:
         2b:c8:51:78:01:ca:71:1b:47:40:0c:81:34:46:14:50:a7:93:
         f0:f1:8a:88:a7:a3:41:3f:e5:8b:7e:5b:86:dc:96:1a:86:2f:
         2f:12:8c:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2fYj4F71eGyNj+A12GfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjUxMDIwMDkwMTE1WhcNMjUxMDIxMDkwMTE1WjAzMTEwLwYDVQQD
EyhlZWFhYjcxMDMxM2MwYTdhOThlMzk0Y2E4MGU1MjA2ZTAwNzA5OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrK1ls1xpb/ybDipyoyXXP/f1OqE
b7Nh4CnFxMODmXEritOaOFcnDu3e7JSCSZhLvC2GcsET6zdEWmMmZJvM3nPm6FbE
evfs3n3KuvykETXYVuuSGPIr0fJ+6AW6ZHYCkSLQE7MbyiaykNFhv5VDMtc0aaLD
X2Viyee/TZoAmPJ6M0Z3f01e7qYGBFutbpRWM3ziir5LDI/FBCCQu+dxGrirY0aT
+pM4PjdmKbG+Hq9DxI6K2IypwRVZZSEGJGFhwzwnBAmuhx8NGrxvW0Zf9xHbfCXr
OCjKMJF80LD7TUX8UyJ5hfYw96xPCWiYMpdWIediDeHOlUc/lP27ua8wVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6qtxAxPAp6mOOUyoDlIG4AcJjnMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiX6OWXEL
o7udn0ZvO/hQBFrec8DGwyM12Ys/UXvFBegb0y4EZKIW0FCTvSktRKNQEkaLUsPB
9Ig+8/c23lZxL7Q9Zh79mFo5lOdXbGUPU6ZUNiSVKoiTbYCWDjixjzgw0nmBxzm7
l5oghqLvupRa+hWlXl92MVbI3uBJN6B3pBEnE3fbRSA//TH1zmpD7vnFuDLq9RAc
m8divZLOeQL2a9e6nUfHjc8TIa1x099FaqMX05l7ixvPQYlVkHqC81sA5Pc733BR
JAeetLRYy5J+7m46MPd0pOEvK8hReAHKcRtHQAyBNEYUUKeT8PGKiKejQT/li35b
htyWGoYvLxKMFg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:40:47 2025 by rpki-client