Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/3RiOwuSayUWFJFtLh0Whu3oc3GY.mft
File:                     3RiOwuSayUWFJFtLh0Whu3oc3GY.mft (raw, json)
Hash identifier:          FcR7g37B2GR+w7RL0RxvySKPn15uqDCJOz8JK5Jy2Ug=
Subject key identifier:   EB:02:9D:15:18:73:86:D9:36:9B:4B:9A:EA:55:C4:8A:66:7B:0D:DF
Authority key identifier: DD:18:8E:C2:E4:9A:C9:45:85:24:5B:4B:87:45:A1:BB:7A:1C:DC:66
Certificate issuer:       /CN=dd188ec2e49ac94585245b4b8745a1bb7a1cdc66
Certificate serial:       0199FBEC59424D05C203EFFCDEEA4D056742
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3RiOwuSayUWFJFtLh0Whu3oc3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/3RiOwuSayUWFJFtLh0Whu3oc3GY.mft
Manifest number:          0954
Signing time:             Sun 19 Oct 2025 10:03:14 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:14 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:14 +0000
Files and hashes:         1: 3RiOwuSayUWFJFtLh0Whu3oc3GY.crl (hash: 8HHVxRewiGHts9qqP4iEiOKOAFFFahRQ6Lv7tGaXybA=)
                          2: pDLly0sn53PLZlgmqVTYD5L2Et0.roa (hash: MLKk0AIXSDvV1SnhwkIbUGP+qcSM6FHopsKcU6yMV74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/3RiOwuSayUWFJFtLh0Whu3oc3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/3RiOwuSayUWFJFtLh0Whu3oc3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3RiOwuSayUWFJFtLh0Whu3oc3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:59:42:4d:05:c2:03:ef:fc:de:ea:4d:05:67:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd188ec2e49ac94585245b4b8745a1bb7a1cdc66
        Validity
            Not Before: Oct 19 10:03:14 2025 GMT
            Not After : Oct 20 10:03:14 2025 GMT
        Subject: CN=eb029d15187386d9369b4b9aea55c48a667b0ddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:b4:75:ba:f8:d4:f3:4b:4f:d1:1b:54:47:91:
                    c3:6a:0e:90:3c:59:e7:d7:71:e8:c7:a6:b4:f6:67:
                    b7:7f:ec:3f:bd:f8:e7:77:b1:a0:ef:02:34:17:1d:
                    49:00:38:46:a0:f1:93:54:26:fd:b8:db:8b:aa:61:
                    a3:67:d1:19:d1:aa:ad:aa:8c:a8:af:52:c5:fb:cd:
                    76:01:aa:9e:18:d3:cc:90:26:bd:8e:4e:1a:f2:8f:
                    08:d1:e4:7a:38:0f:b1:a8:5a:f6:74:68:ef:31:13:
                    6e:ef:49:b8:b4:dd:82:f3:f4:0d:c1:ec:da:59:ef:
                    90:d9:fe:87:a7:a4:98:09:f4:57:95:17:72:93:4a:
                    20:71:f6:1d:7b:57:4e:b7:6e:ec:d7:eb:44:6d:f3:
                    51:68:76:e3:62:43:1b:26:9c:bf:f6:d0:24:fc:ff:
                    8a:79:ad:28:7d:a4:a5:15:d7:c2:40:5e:cf:41:56:
                    63:01:26:1c:45:41:eb:73:e8:00:bf:76:c9:c5:0d:
                    4e:0d:58:99:88:61:9c:dd:c6:b6:07:85:29:1b:e8:
                    38:cd:b9:2c:e6:fb:69:d1:bc:60:bf:de:95:50:63:
                    c0:9b:60:32:f0:d9:c6:8a:fc:c0:d8:6b:5b:6b:f7:
                    35:6f:5e:10:b0:f4:7d:e4:79:7e:4d:ef:12:2b:f3:
                    bc:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:02:9D:15:18:73:86:D9:36:9B:4B:9A:EA:55:C4:8A:66:7B:0D:DF
            X509v3 Authority Key Identifier:
                keyid:DD:18:8E:C2:E4:9A:C9:45:85:24:5B:4B:87:45:A1:BB:7A:1C:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3RiOwuSayUWFJFtLh0Whu3oc3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/3RiOwuSayUWFJFtLh0Whu3oc3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a41edb-9df5-40f9-9ece-b59198b9155d/1/3RiOwuSayUWFJFtLh0Whu3oc3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:0c:a6:24:a1:dc:11:ed:1b:6e:0e:c8:4d:87:b2:82:f0:80:
         42:26:e2:25:5d:82:88:8f:fc:14:82:6b:88:6f:6b:f2:87:27:
         f4:42:41:c4:6b:6b:45:75:b9:50:94:28:5a:c1:3a:c3:ab:37:
         1f:f2:00:5b:8e:54:e2:b0:ca:74:fd:4e:fa:ac:a0:bb:d0:d7:
         34:bd:05:6d:04:01:f3:dd:4b:7a:4f:29:6b:6b:c2:cd:da:1e:
         3f:04:d2:66:5d:ca:8d:e5:01:5f:90:2c:04:e4:5d:3c:4e:65:
         f1:95:80:21:25:46:af:28:52:ca:61:98:34:2d:66:1d:af:34:
         ad:cf:8e:4f:4b:6b:c2:c4:ad:24:1e:7d:a0:82:5d:15:90:ea:
         b4:8a:67:66:77:f1:c7:6a:0f:27:20:ce:70:8e:7e:cb:bd:92:
         af:09:4b:8d:19:63:b4:69:7f:aa:bf:d7:63:8f:0d:5e:c9:34:
         c2:13:78:bf:1d:2b:eb:3b:8e:e9:12:83:60:f2:0e:85:fc:7e:
         41:4e:e0:5f:39:5a:7e:c0:04:d2:33:bf:8a:5e:71:b2:af:85:
         f6:1b:94:cc:de:b2:44:eb:66:81:d3:e2:8b:aa:ce:e4:63:1a:
         a2:b9:20:6f:be:4e:97:49:53:8f:bd:a7:7f:2c:d1:c2:72:62:
         ac:ef:c5:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77FlCTQXCA+/83upNBWdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMTg4ZWMyZTQ5YWM5NDU4NTI0NWI0Yjg3NDVhMWJiN2Ex
Y2RjNjYwHhcNMjUxMDE5MTAwMzE0WhcNMjUxMDIwMTAwMzE0WjAzMTEwLwYDVQQD
EyhlYjAyOWQxNTE4NzM4NmQ5MzY5YjRiOWFlYTU1YzQ4YTY2N2IwZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrR1uvjU80tP0RtUR5HDag6QPFnn
13Hox6a09me3f+w/vfjnd7Gg7wI0Fx1JADhGoPGTVCb9uNuLqmGjZ9EZ0aqtqoyo
r1LF+812AaqeGNPMkCa9jk4a8o8I0eR6OA+xqFr2dGjvMRNu70m4tN2C8/QNweza
We+Q2f6Hp6SYCfRXlRdyk0ogcfYde1dOt27s1+tEbfNRaHbjYkMbJpy/9tAk/P+K
ea0ofaSlFdfCQF7PQVZjASYcRUHrc+gAv3bJxQ1ODViZiGGc3ca2B4UpG+g4zbks
5vtp0bxgv96VUGPAm2Ay8NnGivzA2Gtba/c1b14QsPR95Hl+Te8SK/O8rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOsCnRUYc4bZNptLmupVxIpmew3fMB8GA1UdIwQY
MBaAFN0YjsLkmslFhSRbS4dFobt6HNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1JpT3d1U2F5VVdGSkZ0TGgwV2h1M29jM0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hNDFlZGItOWRmNS00MGY5LTllY2Ut
YjU5MTk4YjkxNTVkLzEvM1JpT3d1U2F5VVdGSkZ0TGgwV2h1M29jM0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hNDFlZGItOWRmNS00MGY5LTllY2UtYjU5MTk4YjkxNTVk
LzEvM1JpT3d1U2F5VVdGSkZ0TGgwV2h1M29jM0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAwymJKHc
Ee0bbg7ITYeygvCAQibiJV2CiI/8FIJriG9r8ocn9EJBxGtrRXW5UJQoWsE6w6s3
H/IAW45U4rDKdP1O+qygu9DXNL0FbQQB891Lek8pa2vCzdoePwTSZl3KjeUBX5As
BORdPE5l8ZWAISVGryhSymGYNC1mHa80rc+OT0trwsStJB59oIJdFZDqtIpnZnfx
x2oPJyDOcI5+y72SrwlLjRljtGl/qr/XY48NXsk0whN4vx0r6zuO6RKDYPIOhfx+
QU7gXzlafsAE0jO/il5xsq+F9huUzN6yROtmgdPii6rO5GMaorkgb75Ol0lTj72n
fyzRwnJirO/Fnw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:41 2025 by rpki-client