Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.mft
File:                     itkoGq_vyDda2LS35gSJlVWVIjc.mft (raw, json)
Hash identifier:          Ik2j5u72Aut4dGlKIbJ0Bfj7C8BQr9sHUwnRwY55AzY=
Subject key identifier:   81:5B:CA:0A:FD:88:9B:18:45:19:CF:2C:68:6E:10:CD:0C:0A:87:0F
Authority key identifier: 8A:D9:28:1A:AF:EF:C8:37:5A:D8:B4:B7:E6:04:89:95:55:95:22:37
Certificate issuer:       /CN=8ad9281aafefc8375ad8b4b7e604899555952237
Certificate serial:       0199FBEB8C205D3988AE72CF7D5F8B1600C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itkoGq_vyDda2LS35gSJlVWVIjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 10:02:21 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:21 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:21 +0000
Files and hashes:         1: S5poUcmm58bh9LYHwgnRXNYgnoA.roa (hash: lYdAfaTYBlu17YVjsaWJtgDfvkSUWB0Kx0isvQs/8cw=)
                          2: UH7ERX2uEAwiuiu2EIP73IUUkwI.roa (hash: 71rfZI37bB6WKWLPGXn68iFKAbS6rOx+kOHCTWBrP9Q=)
                          3: cFWMX2o_ui2JzGo_3BwtmNDE6Xg.roa (hash: XCpyD2PZhsa33O69EMpxJ6xZIifq0UTk39opm80d+zI=)
                          4: itkoGq_vyDda2LS35gSJlVWVIjc.crl (hash: dCwWwrNBacwx90ZxlXSpl49yu7TuriStk2Kk3XMTT4U=)
                          5: sShD_q4ceLwxQ66Q2G4C6NLHOns.roa (hash: BiX0Ojf2DbZMT20uSZBtFAbZP4As97iO/AHVcU+bzqI=)
                          6: tk3p5E2XBBz_gCKcQbPuR2gwU6g.roa (hash: /uRgiUmwXV30g9CXl0HkFIaUTifbBZ9DvHMj/iIVKLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itkoGq_vyDda2LS35gSJlVWVIjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:8c:20:5d:39:88:ae:72:cf:7d:5f:8b:16:00:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad9281aafefc8375ad8b4b7e604899555952237
        Validity
            Not Before: Oct 19 10:02:21 2025 GMT
            Not After : Oct 20 10:02:21 2025 GMT
        Subject: CN=815bca0afd889b184519cf2c686e10cd0c0a870f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f1:06:88:d2:92:57:31:52:76:c4:ab:ef:24:
                    77:39:74:85:40:70:03:fd:b0:f1:1a:cc:ec:80:fe:
                    13:e6:5e:8d:da:d0:4c:27:43:f2:9f:43:b4:d6:b3:
                    87:23:f4:9d:7b:46:83:63:e5:c3:1e:f9:2b:75:18:
                    74:87:49:9d:5c:e5:eb:1c:1b:cd:bf:fc:3e:1d:9d:
                    75:53:69:1b:88:df:ca:66:88:ef:c4:34:f9:8f:ac:
                    79:5f:f1:70:15:cf:1e:b9:73:d2:93:c3:ef:59:2f:
                    72:2c:b6:6f:e7:11:60:18:f0:d8:9a:93:c1:e5:06:
                    56:43:be:a0:71:8f:cd:a7:7a:29:5a:ff:a0:34:b8:
                    2a:3a:3c:10:d2:cf:d3:fe:43:83:70:28:95:26:55:
                    07:f0:b3:8b:bf:2e:31:a7:69:ea:67:11:3d:07:df:
                    04:5d:bb:3b:64:b0:ee:42:58:2d:0a:2f:6a:a5:85:
                    1e:f1:d2:00:c9:a9:84:ce:96:37:f8:67:e0:ac:11:
                    94:9e:a2:02:3f:a1:61:e7:a9:b6:13:9c:20:3a:81:
                    4e:3b:9e:7b:6b:ad:21:96:50:e7:aa:27:02:21:b6:
                    bf:ed:13:d8:84:ba:65:c8:7c:e7:57:b6:cc:81:81:
                    cf:74:19:13:cd:cd:31:5b:bb:b7:07:11:39:5d:a8:
                    39:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:5B:CA:0A:FD:88:9B:18:45:19:CF:2C:68:6E:10:CD:0C:0A:87:0F
            X509v3 Authority Key Identifier:
                keyid:8A:D9:28:1A:AF:EF:C8:37:5A:D8:B4:B7:E6:04:89:95:55:95:22:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itkoGq_vyDda2LS35gSJlVWVIjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:7c:63:f5:7c:50:91:47:28:56:59:23:e4:68:57:20:bc:f4:
         6d:51:4f:61:9f:6c:37:83:0d:ba:6c:b5:95:fa:34:5d:a6:97:
         5b:e7:71:27:c6:b8:11:d5:30:80:fa:79:48:be:8d:65:1f:6a:
         c0:23:32:d5:f3:76:8d:66:44:ff:be:2c:b8:74:4e:a5:21:b6:
         3d:94:3d:47:5d:42:d1:19:bb:ae:9c:03:47:ca:15:19:95:d3:
         1c:9c:d8:53:0c:3d:4c:87:49:e0:66:ca:51:04:8d:b7:4a:2f:
         fd:22:04:d0:7a:cc:64:d0:ce:86:30:63:87:34:ec:01:91:cb:
         24:06:17:f7:21:f6:1f:78:54:4b:f6:c5:92:d7:1c:01:dc:fa:
         7d:13:9a:97:25:7f:65:f7:e6:c5:86:53:0a:d3:d7:f8:9c:48:
         6f:41:83:68:a1:5e:2c:1c:7a:75:1c:10:6d:32:26:e9:59:4a:
         10:f6:d2:6d:07:e0:80:eb:3b:23:1a:d0:95:f3:99:d9:f6:19:
         d8:44:a0:b2:86:20:a6:ee:5d:17:37:ce:02:1f:1a:a2:d4:50:
         8c:eb:24:59:19:77:dd:5c:36:31:3a:31:ed:15:58:ac:46:1d:
         4e:98:8e:ec:b3:e9:b5:80:be:a4:c5:03:26:81:0b:a0:77:fa:
         3c:05:1a:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn764wgXTmIrnLPfV+LFgDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDkyODFhYWZlZmM4Mzc1YWQ4YjRiN2U2MDQ4OTk1NTU5
NTIyMzcwHhcNMjUxMDE5MTAwMjIxWhcNMjUxMDIwMTAwMjIxWjAzMTEwLwYDVQQD
Eyg4MTViY2EwYWZkODg5YjE4NDUxOWNmMmM2ODZlMTBjZDBjMGE4NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/EGiNKSVzFSdsSr7yR3OXSFQHAD
/bDxGszsgP4T5l6N2tBMJ0Pyn0O01rOHI/Sde0aDY+XDHvkrdRh0h0mdXOXrHBvN
v/w+HZ11U2kbiN/KZojvxDT5j6x5X/FwFc8euXPSk8PvWS9yLLZv5xFgGPDYmpPB
5QZWQ76gcY/Np3opWv+gNLgqOjwQ0s/T/kODcCiVJlUH8LOLvy4xp2nqZxE9B98E
Xbs7ZLDuQlgtCi9qpYUe8dIAyamEzpY3+GfgrBGUnqICP6Fh56m2E5wgOoFOO557
a60hllDnqicCIba/7RPYhLplyHznV7bMgYHPdBkTzc0xW7u3BxE5Xag5yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFbygr9iJsYRRnPLGhuEM0MCocPMB8GA1UdIwQY
MBaAFIrZKBqv78g3Wti0t+YEiZVVlSI3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRrb0dxX3Z5RGRhMkxTMzVnU0psVldWSWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wNTg1MDktMmZlNy00ODZiLWI0YWQt
OGM3NGY5ZGQ2N2ZjLzEvaXRrb0dxX3Z5RGRhMkxTMzVnU0psVldWSWpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wNTg1MDktMmZlNy00ODZiLWI0YWQtOGM3NGY5ZGQ2N2Zj
LzEvaXRrb0dxX3Z5RGRhMkxTMzVnU0psVldWSWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ3xj9XxQ
kUcoVlkj5GhXILz0bVFPYZ9sN4MNumy1lfo0XaaXW+dxJ8a4EdUwgPp5SL6NZR9q
wCMy1fN2jWZE/74suHROpSG2PZQ9R11C0Rm7rpwDR8oVGZXTHJzYUww9TIdJ4GbK
UQSNt0ov/SIE0HrMZNDOhjBjhzTsAZHLJAYX9yH2H3hUS/bFktccAdz6fROalyV/
ZffmxYZTCtPX+JxIb0GDaKFeLBx6dRwQbTIm6VlKEPbSbQfggOs7IxrQlfOZ2fYZ
2ESgsoYgpu5dFzfOAh8aotRQjOskWRl33Vw2MTox7RVYrEYdTpiO7LPptYC+pMUD
JoELoHf6PAUaFA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:50 2025 by rpki-client