Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
File:                     sdLmgf8j3d89UXhY4cZKHa0phyk.mft (raw, json)
Hash identifier:          8trBI91UsPOhOESreyN5/FqjwwQ6wvOH7ne9xyIVlFg=
Subject key identifier:   56:BE:89:3B:B7:AD:F0:52:C7:85:02:E4:12:F9:81:A4:8C:17:BA:A5
Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
Certificate issuer:       /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Certificate serial:       0199FBEC32399962EA872C5E4B1249AC6FFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
Manifest number:          152F
Signing time:             Sun 19 Oct 2025 10:03:04 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:04 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:04 +0000
Files and hashes:         1: hDoqXFR8UibPRuqFY2xn-m_-15I.roa (hash: qknu8HOpVZZ1hKraF3WMV/fgLgKt1U80KJN/d09ixdI=)
                          2: sdLmgf8j3d89UXhY4cZKHa0phyk.crl (hash: DPNcmylEKDOS/lG75WXGHLI1eJXmwbRYNtvIxf4SDws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:32:39:99:62:ea:87:2c:5e:4b:12:49:ac:6f:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
        Validity
            Not Before: Oct 19 10:03:04 2025 GMT
            Not After : Oct 20 10:03:04 2025 GMT
        Subject: CN=56be893bb7adf052c78502e412f981a48c17baa5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:bd:9d:d7:a6:d3:7a:53:0e:f3:41:1a:b8:74:
                    49:0c:e4:05:fe:7e:c0:3d:ae:b6:4e:23:b1:8f:c6:
                    0f:11:9a:ae:45:7a:3d:e5:45:04:83:0d:0d:bd:3b:
                    83:f8:10:f4:81:e9:4c:1a:2f:00:1d:27:0c:5c:ef:
                    40:cd:05:18:cb:1c:2e:b5:e8:c5:f7:7a:5c:a1:74:
                    e8:25:69:db:d3:88:c5:01:6e:b3:5c:d4:b4:56:08:
                    6d:a3:79:6f:bb:8a:8d:de:21:37:aa:d3:3c:07:74:
                    1c:0e:99:9d:52:d1:58:52:79:d3:4c:5b:30:c4:25:
                    72:b1:c9:1e:ab:f9:25:3d:9f:0c:8e:aa:f2:01:e3:
                    50:eb:a3:76:52:ac:0d:08:dd:f5:53:0e:13:e8:eb:
                    09:d3:41:35:17:c8:86:95:e0:51:ea:82:88:9c:d0:
                    26:10:c7:ce:69:a0:93:8e:32:95:f4:bc:5a:e4:c9:
                    d8:c1:5e:92:d4:d2:82:ff:bf:32:d2:3d:08:e8:0f:
                    c7:62:e9:44:fa:bf:21:d8:f8:7b:6c:8f:79:7e:1a:
                    b4:3e:e3:20:82:53:65:df:87:6d:49:6a:9c:a0:64:
                    7e:e9:98:87:a3:f2:29:aa:f8:26:f5:33:07:43:20:
                    c4:0e:78:54:e7:7e:e9:26:d6:51:bf:08:26:41:d7:
                    2b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:BE:89:3B:B7:AD:F0:52:C7:85:02:E4:12:F9:81:A4:8C:17:BA:A5
            X509v3 Authority Key Identifier:
                keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:ff:1b:db:02:19:e5:24:f1:ca:cc:25:55:8a:9f:f2:be:33:
         86:35:9b:df:2a:d5:51:c6:69:65:bf:be:ea:87:03:e8:4b:e5:
         83:b3:ec:da:c8:90:e7:a2:17:27:14:86:a2:e9:05:2c:84:7e:
         d9:50:2d:e5:2a:ad:c4:5e:00:91:07:d8:fc:93:03:3f:65:a8:
         49:95:c9:18:b8:58:8f:88:ca:3f:a8:7a:da:9f:83:c5:75:b6:
         88:ed:38:04:dd:a0:31:e8:f1:4b:d5:e0:29:16:18:98:5a:f6:
         11:33:6c:d9:63:79:14:02:d3:7d:af:a7:bb:57:87:c2:76:0b:
         a8:16:8a:db:4e:b6:ee:01:d5:47:fb:26:69:b7:23:c1:d8:83:
         ce:23:37:07:f6:ca:4e:8e:aa:1f:7d:29:3c:0a:1c:10:51:16:
         4a:df:13:46:72:c1:33:ac:9f:41:21:07:a6:8b:b1:d3:35:75:
         09:67:c3:9c:ba:de:cd:71:d2:c8:cb:c2:53:79:31:ac:2c:e8:
         32:65:71:1e:8f:f8:17:7a:8f:6c:6a:32:82:ff:27:82:d7:aa:
         b6:81:1f:5c:8d:c7:50:01:9e:65:4f:21:ed:d8:4b:b6:19:f2:
         0a:cd:de:00:df:a4:5f:2e:ff:31:f7:fd:b2:9d:f0:91:00:f3:
         6b:ef:e4:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77DI5mWLqhyxeSxJJrG/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy
OTg3MjkwHhcNMjUxMDE5MTAwMzA0WhcNMjUxMDIwMTAwMzA0WjAzMTEwLwYDVQQD
Eyg1NmJlODkzYmI3YWRmMDUyYzc4NTAyZTQxMmY5ODFhNDhjMTdiYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp72d16bTelMO80EauHRJDOQF/n7A
Pa62TiOxj8YPEZquRXo95UUEgw0NvTuD+BD0gelMGi8AHScMXO9AzQUYyxwutejF
93pcoXToJWnb04jFAW6zXNS0Vghto3lvu4qN3iE3qtM8B3QcDpmdUtFYUnnTTFsw
xCVysckeq/klPZ8MjqryAeNQ66N2UqwNCN31Uw4T6OsJ00E1F8iGleBR6oKInNAm
EMfOaaCTjjKV9Lxa5MnYwV6S1NKC/78y0j0I6A/HYulE+r8h2Ph7bI95fhq0PuMg
glNl34dtSWqcoGR+6ZiHo/Ipqvgm9TMHQyDEDnhU537pJtZRvwgmQdcr3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFa+iTu3rfBSx4UC5BL5gaSMF7qlMB8GA1UdIwQY
MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct
NWE4MzYwZGVhM2EzLzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez
LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADv8b2wIZ
5STxyswlVYqf8r4zhjWb3yrVUcZpZb++6ocD6Evlg7Ps2siQ56IXJxSGoukFLIR+
2VAt5SqtxF4AkQfY/JMDP2WoSZXJGLhYj4jKP6h62p+DxXW2iO04BN2gMejxS9Xg
KRYYmFr2ETNs2WN5FALTfa+nu1eHwnYLqBaK20627gHVR/smabcjwdiDziM3B/bK
To6qH30pPAocEFEWSt8TRnLBM6yfQSEHpoux0zV1CWfDnLrezXHSyMvCU3kxrCzo
MmVxHo/4F3qPbGoygv8ngteqtoEfXI3HUAGeZU8h7dhLthnyCs3eAN+kXy7/Mff9
sp3wkQDza+/k8Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:23 2025 by rpki-client