Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/03c99d-93c5-4508-b54a-ed38c47fbac6/1/jmOEMlhq5gL_Datn0JsZUVJOggU.mft
File:                     jmOEMlhq5gL_Datn0JsZUVJOggU.mft (raw, json)
Hash identifier:          Hrj7cRLK3Izf9S3sSo+WBFpVVvx5zG2E5a+imfES3uo=
Subject key identifier:   CA:76:40:D7:39:2F:BB:D6:AC:41:6E:F1:03:09:63:C8:DA:54:FD:94
Authority key identifier: 8E:63:84:32:58:6A:E6:02:FF:0D:AB:67:D0:9B:19:51:52:4E:82:05
Certificate issuer:       /CN=8e638432586ae602ff0dab67d09b1951524e8205
Certificate serial:       019A02FEBFC61512B2884DE105A78FC373E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jmOEMlhq5gL_Datn0JsZUVJOggU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/03c99d-93c5-4508-b54a-ed38c47fbac6/1/jmOEMlhq5gL_Datn0JsZUVJOggU.mft
Manifest number:          0108
Signing time:             Mon 20 Oct 2025 19:00:40 +0000
Manifest this update:     Mon 20 Oct 2025 19:00:40 +0000
Manifest next update:     Tue 21 Oct 2025 19:00:40 +0000
Files and hashes:         1: jmOEMlhq5gL_Datn0JsZUVJOggU.crl (hash: 4LZ4OZYzXvbp8+Pigf136g8jUwdH7e0P1ftCe44e7Qo=)
                          2: lRoCCR7d7sV8zan-pzAzhXIb0yk.roa (hash: zsjWkEr7wbMEPevuos7iGWcpCUsff/MP3ODrwkUVgTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/03c99d-93c5-4508-b54a-ed38c47fbac6/1/jmOEMlhq5gL_Datn0JsZUVJOggU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/03c99d-93c5-4508-b54a-ed38c47fbac6/1/jmOEMlhq5gL_Datn0JsZUVJOggU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jmOEMlhq5gL_Datn0JsZUVJOggU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 19:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:fe:bf:c6:15:12:b2:88:4d:e1:05:a7:8f:c3:73:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e638432586ae602ff0dab67d09b1951524e8205
        Validity
            Not Before: Oct 20 19:00:40 2025 GMT
            Not After : Oct 21 19:00:40 2025 GMT
        Subject: CN=ca7640d7392fbbd6ac416ef1030963c8da54fd94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ee:08:c7:7d:a8:42:37:c7:40:1f:3d:fb:b7:
                    f6:ed:c1:56:f5:b9:3c:00:d4:3e:79:df:ad:26:e3:
                    03:eb:7c:20:6b:27:27:85:64:5b:83:dd:f6:4a:47:
                    71:ac:f8:bd:47:89:4b:8d:f6:96:7e:f3:92:2f:06:
                    61:e5:c1:0d:93:d9:8b:7b:2a:a6:e8:45:9e:c6:3c:
                    79:ee:e1:de:e3:ce:25:66:be:7c:24:ec:ad:c3:a3:
                    46:56:b5:e7:c9:63:6d:61:84:57:01:b3:e2:93:ad:
                    21:31:f7:fa:59:18:06:2f:a8:20:3c:c9:1f:f9:f5:
                    99:ae:56:ad:70:7a:c7:04:b0:6a:ba:4d:f7:e0:35:
                    c6:e5:0e:c7:18:f3:48:24:94:f1:7f:80:1e:52:1a:
                    3a:d0:71:de:92:3c:21:d6:69:42:82:9d:83:a4:98:
                    8c:98:55:49:1f:ad:8c:fb:7e:8a:1f:f7:a8:1a:ae:
                    70:70:20:9f:36:44:d0:4f:e1:62:02:62:19:17:63:
                    16:28:45:f0:35:2a:56:70:2b:04:81:5d:16:07:e9:
                    62:ad:af:f5:45:32:5a:4f:6a:ee:5d:9b:2a:1f:a2:
                    a1:e8:e9:21:05:9d:42:0f:00:76:ee:20:83:da:40:
                    23:6d:f9:9d:49:7d:68:c8:e9:63:6a:e3:7d:e3:c3:
                    df:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:76:40:D7:39:2F:BB:D6:AC:41:6E:F1:03:09:63:C8:DA:54:FD:94
            X509v3 Authority Key Identifier:
                keyid:8E:63:84:32:58:6A:E6:02:FF:0D:AB:67:D0:9B:19:51:52:4E:82:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmOEMlhq5gL_Datn0JsZUVJOggU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/03c99d-93c5-4508-b54a-ed38c47fbac6/1/jmOEMlhq5gL_Datn0JsZUVJOggU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/03c99d-93c5-4508-b54a-ed38c47fbac6/1/jmOEMlhq5gL_Datn0JsZUVJOggU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:7f:dc:c9:47:43:0f:31:a1:da:1f:8e:50:26:83:10:7e:fb:
         fe:8b:b7:49:7d:d5:d2:c2:2b:f6:5a:fb:8e:d6:bb:2a:63:b4:
         de:19:bf:df:8d:81:88:8e:88:e8:fc:72:ff:05:70:2d:91:3b:
         68:43:0f:c1:82:6a:e4:f2:a2:84:49:0b:a7:70:3e:f8:69:a0:
         6f:ca:67:17:ac:9d:29:ba:d5:77:1e:95:d4:ef:86:6f:88:1c:
         41:49:2a:0b:f0:15:28:46:a9:e6:1b:bb:13:03:35:6b:32:d6:
         91:23:a5:a9:21:68:71:0c:28:30:90:63:ca:d9:25:87:b8:c0:
         fa:2f:2b:b4:d4:a7:c3:4a:a8:15:4f:62:6b:b0:35:95:05:e9:
         5c:4f:c6:8a:6f:4d:31:d2:3c:8a:4f:16:13:c9:09:1e:da:4f:
         f1:85:68:72:1c:95:56:c1:f1:86:98:1d:3d:b9:d8:e3:b0:01:
         b5:45:82:35:cd:53:c3:6c:94:df:f8:51:8d:ba:ff:ca:a6:7b:
         3a:f2:a6:d3:ba:b7:45:41:60:b3:33:6d:23:9c:9f:08:c1:ca:
         7c:96:9a:af:80:8d:91:f4:6e:e9:3a:2b:57:40:52:46:d2:dd:
         19:19:6d:67:da:9e:51:7f:1d:82:46:34:93:9a:61:23:fa:3a:
         60:b8:d2:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoC/r/GFRKyiE3hBaePw3PhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjM4NDMyNTg2YWU2MDJmZjBkYWI2N2QwOWIxOTUxNTI0
ZTgyMDUwHhcNMjUxMDIwMTkwMDQwWhcNMjUxMDIxMTkwMDQwWjAzMTEwLwYDVQQD
EyhjYTc2NDBkNzM5MmZiYmQ2YWM0MTZlZjEwMzA5NjNjOGRhNTRmZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu4Ix32oQjfHQB89+7f27cFW9bk8
ANQ+ed+tJuMD63wgaycnhWRbg932SkdxrPi9R4lLjfaWfvOSLwZh5cENk9mLeyqm
6EWexjx57uHe484lZr58JOytw6NGVrXnyWNtYYRXAbPik60hMff6WRgGL6ggPMkf
+fWZrlatcHrHBLBquk334DXG5Q7HGPNIJJTxf4AeUho60HHekjwh1mlCgp2DpJiM
mFVJH62M+36KH/eoGq5wcCCfNkTQT+FiAmIZF2MWKEXwNSpWcCsEgV0WB+lira/1
RTJaT2ruXZsqH6Kh6OkhBZ1CDwB27iCD2kAjbfmdSX1oyOljauN948PfoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMp2QNc5L7vWrEFu8QMJY8jaVP2UMB8GA1UdIwQY
MBaAFI5jhDJYauYC/w2rZ9CbGVFSToIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1PRU1saHE1Z0xfRGF0bjBKc1pVVkpPZ2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wM2M5OWQtOTNjNS00NTA4LWI1NGEt
ZWQzOGM0N2ZiYWM2LzEvam1PRU1saHE1Z0xfRGF0bjBKc1pVVkpPZ2dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wM2M5OWQtOTNjNS00NTA4LWI1NGEtZWQzOGM0N2ZiYWM2
LzEvam1PRU1saHE1Z0xfRGF0bjBKc1pVVkpPZ2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALH/cyUdD
DzGh2h+OUCaDEH77/ou3SX3V0sIr9lr7jta7KmO03hm/342BiI6I6Pxy/wVwLZE7
aEMPwYJq5PKihEkLp3A++Gmgb8pnF6ydKbrVdx6V1O+Gb4gcQUkqC/AVKEap5hu7
EwM1azLWkSOlqSFocQwoMJBjytklh7jA+i8rtNSnw0qoFU9ia7A1lQXpXE/Gim9N
MdI8ik8WE8kJHtpP8YVochyVVsHxhpgdPbnY47ABtUWCNc1Tw2yU3/hRjbr/yqZ7
OvKm07q3RUFgszNtI5yfCMHKfJaar4CNkfRu6TorV0BSRtLdGRltZ9qeUX8dgkY0
k5phI/o6YLjSLA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:11:36 2025 by rpki-client