Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
File:                     aaKML4THXo0DiGlDVRUt0rcx8kk.mft (raw, json)
Hash identifier:          R9dPYYXXP3p85G57+mRZxLy30O2NMsrRJVgtUSwHRS4=
Subject key identifier:   D4:10:7C:CE:84:CF:02:FE:39:23:CE:17:30:8B:1C:0E:4F:41:FA:BE
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Certificate issuer:       /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial:       0199FB46179CB2BC930A43FFD0ED982476E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
Manifest number:          16E4
Signing time:             Sun 19 Oct 2025 07:01:38 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:38 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:38 +0000
Files and hashes:         1: WdYc6wSLVkfUe7irxf4uyXxEIsM.roa (hash: dpYwLA3RR3eH0lZ7/JtVVQoaXF1Y2bKy7GfyH86APlE=)
                          2: aaKML4THXo0DiGlDVRUt0rcx8kk.crl (hash: L/S7tLqfqB9S3qa5ugschem6W3Y4sFkZlu7brh+Gz84=)
                          3: tUMiGCgmsKV0vxqojlEA4oJxpRM.roa (hash: UydNeJbpnz/tc0fGV+RmvBf+BwmLoVjaXgDPrRLbpVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:46:17:9c:b2:bc:93:0a:43:ff:d0:ed:98:24:76:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
        Validity
            Not Before: Oct 19 07:01:38 2025 GMT
            Not After : Oct 20 07:01:38 2025 GMT
        Subject: CN=d4107cce84cf02fe3923ce17308b1c0e4f41fabe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c3:c9:71:dc:19:13:4b:01:d9:17:c4:0d:d7:
                    0f:a2:44:00:a2:4a:d5:e1:91:24:75:f9:2d:0c:b6:
                    cd:00:bc:9c:9b:c6:c1:bd:70:64:68:28:65:ba:72:
                    a7:27:41:0b:e5:ef:01:1f:83:84:b3:5a:e3:45:f0:
                    28:30:71:cc:11:e2:90:e8:93:60:e9:a5:a7:bf:2b:
                    49:57:da:d7:e9:c5:22:fb:59:1d:3f:a3:cb:aa:e6:
                    f1:50:61:a4:0b:ff:48:13:ec:43:8a:9e:e8:45:7c:
                    1b:09:a0:27:bc:22:cb:c5:23:6b:a1:00:83:7d:cb:
                    d2:4b:53:8c:89:c3:69:cb:7f:fa:44:cc:7d:20:c4:
                    12:b3:5e:d1:19:68:9a:88:e3:e8:98:49:6b:14:5a:
                    d6:9d:b0:1b:da:70:11:97:a5:1c:da:2e:76:52:3a:
                    10:3c:ba:39:d4:ed:38:f1:d3:0f:41:da:10:07:fe:
                    0f:88:a8:0b:c0:f6:73:65:56:d7:bd:82:d7:d0:a4:
                    b0:c5:3b:69:f0:13:fd:a1:0e:74:93:f8:7b:b1:d7:
                    ec:30:1d:61:f8:1d:02:34:09:2b:87:65:11:ed:68:
                    cc:7f:cc:bb:98:d4:d0:8e:d8:40:06:4d:11:d3:3f:
                    5b:ee:fb:a1:03:e4:bd:8a:de:f6:d3:f0:be:2e:9f:
                    98:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:10:7C:CE:84:CF:02:FE:39:23:CE:17:30:8B:1C:0E:4F:41:FA:BE
            X509v3 Authority Key Identifier:
                keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:4a:48:8f:e7:62:e5:db:47:26:36:6e:ec:bf:69:f9:60:bf:
         38:76:80:bd:a6:bc:37:87:a3:f9:e3:dc:94:fb:c6:28:fe:20:
         32:98:4d:2c:c7:84:67:71:71:97:8a:0f:49:8e:e5:ca:77:c3:
         0d:43:b1:f2:16:23:86:f6:e4:cd:11:b6:47:ad:d7:88:22:2c:
         8e:ff:5e:17:a2:c2:3d:64:90:e4:1a:8e:ca:a4:8c:07:22:a9:
         81:d3:b0:e0:16:2b:72:fb:90:eb:66:7b:55:8e:1c:e4:d1:d7:
         25:17:f5:b2:b9:a5:fb:01:90:3e:dd:3d:38:d5:61:ef:0f:93:
         ba:e4:29:a3:fa:6b:39:d1:36:09:e4:da:81:0a:ce:05:22:9b:
         61:ce:13:ce:49:cd:0a:94:6c:e4:84:9f:d7:d3:92:c0:fa:79:
         14:f8:12:45:7f:19:90:46:81:85:ee:fb:89:a8:dd:28:d5:7c:
         ba:01:79:88:1d:6a:95:c4:5a:bd:76:1c:97:af:1a:1f:9a:b2:
         e7:07:7c:0d:eb:21:d2:22:2b:16:16:df:8f:e5:18:bc:c5:8f:
         03:23:5a:62:2e:73:b9:f6:52:a2:37:60:5d:81:47:06:a0:45:
         bb:6e:cf:df:74:b3:a4:ae:71:bd:af:39:3c:dc:0b:1a:4d:84:
         ca:c7:4a:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RhecsryTCkP/0O2YJHbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjUxMDE5MDcwMTM4WhcNMjUxMDIwMDcwMTM4WjAzMTEwLwYDVQQD
EyhkNDEwN2NjZTg0Y2YwMmZlMzkyM2NlMTczMDhiMWMwZTRmNDFmYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsPJcdwZE0sB2RfEDdcPokQAokrV
4ZEkdfktDLbNALycm8bBvXBkaChlunKnJ0EL5e8BH4OEs1rjRfAoMHHMEeKQ6JNg
6aWnvytJV9rX6cUi+1kdP6PLqubxUGGkC/9IE+xDip7oRXwbCaAnvCLLxSNroQCD
fcvSS1OMicNpy3/6RMx9IMQSs17RGWiaiOPomElrFFrWnbAb2nARl6Uc2i52UjoQ
PLo51O048dMPQdoQB/4PiKgLwPZzZVbXvYLX0KSwxTtp8BP9oQ50k/h7sdfsMB1h
+B0CNAkrh2UR7WjMf8y7mNTQjthABk0R0z9b7vuhA+S9it720/C+Lp+YiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQQfM6EzwL+OSPOFzCLHA5PQfq+MB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEpIj+di
5dtHJjZu7L9p+WC/OHaAvaa8N4ej+ePclPvGKP4gMphNLMeEZ3Fxl4oPSY7lynfD
DUOx8hYjhvbkzRG2R63XiCIsjv9eF6LCPWSQ5BqOyqSMByKpgdOw4BYrcvuQ62Z7
VY4c5NHXJRf1srml+wGQPt09ONVh7w+TuuQpo/prOdE2CeTagQrOBSKbYc4TzknN
CpRs5ISf19OSwPp5FPgSRX8ZkEaBhe77iajdKNV8ugF5iB1qlcRavXYcl68aH5qy
5wd8Desh0iIrFhbfj+UYvMWPAyNaYi5zufZSojdgXYFHBqBFu27P33SzpK5xva85
PNwLGk2EysdKKw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:18 2025 by rpki-client