Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft
File:                     iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft (raw, json)
Hash identifier:          djqztg80B5JdgV3KIh8XA/7CwtoBAmwVE93p/JroFnM=
Subject key identifier:   22:5A:8C:23:C7:9B:B9:8F:57:48:28:8C:D6:13:20:92:24:81:16:DA
Authority key identifier: 89:93:9F:F1:29:3B:7E:22:77:9F:C5:5B:4C:83:F1:3E:52:E9:44:28
Certificate issuer:       /CN=89939ff1293b7e22779fc55b4c83f13e52e94428
Certificate serial:       019A0147BD67756998575789253F148A2D09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft
Manifest number:          16BB
Signing time:             Mon 20 Oct 2025 11:01:10 +0000
Manifest this update:     Mon 20 Oct 2025 11:01:10 +0000
Manifest next update:     Tue 21 Oct 2025 11:01:10 +0000
Files and hashes:         1: QdF_t5GM6hFZDI7Ycz1kPbhRE0s.roa (hash: gZA+5nFU0e3J+dZOb0p/gBtvIfB/51rVDEOTe4nlfP8=)
                          2: iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.crl (hash: nBDjZvgd3dI7DW3W4EZgrEr7c0t76sbfBObIXYQQ/uQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:47:bd:67:75:69:98:57:57:89:25:3f:14:8a:2d:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89939ff1293b7e22779fc55b4c83f13e52e94428
        Validity
            Not Before: Oct 20 11:01:10 2025 GMT
            Not After : Oct 21 11:01:10 2025 GMT
        Subject: CN=225a8c23c79bb98f5748288cd6132092248116da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:66:48:09:a3:61:5c:44:de:cd:71:8c:54:e1:
                    61:e3:c6:dc:29:62:80:2a:e4:c4:8d:5d:eb:f7:01:
                    72:a3:35:d1:95:33:04:d6:49:d0:6c:0e:f3:4f:4d:
                    01:39:cd:8b:34:de:25:79:42:79:c5:80:39:6a:1a:
                    d1:08:03:fc:92:2e:c9:77:f6:cd:94:9d:ab:41:d5:
                    51:e5:18:2e:18:12:8f:52:f2:54:45:0a:c6:71:9d:
                    cb:4f:30:e9:ec:a1:24:2a:40:9d:3a:03:c1:26:34:
                    7c:86:97:62:ba:a6:de:ae:4d:75:6b:6a:40:0d:82:
                    3c:40:16:af:1c:81:58:4e:36:81:81:99:27:77:b8:
                    2d:94:e0:57:f9:04:d7:09:99:92:3e:cd:1e:ed:49:
                    64:c8:2c:37:2b:ac:c0:65:d3:9f:e3:f8:f6:a2:6d:
                    5c:d6:b1:73:de:5a:1c:f9:41:63:d6:3c:b1:bf:31:
                    85:dd:c8:d0:9b:d8:e4:56:b3:e3:c4:3d:a9:b8:e7:
                    1a:b8:f6:4d:e0:36:9e:64:99:bf:e3:57:ce:a8:a0:
                    01:99:7c:8f:b4:cd:6c:ad:9c:9c:41:37:8a:8f:2b:
                    ef:95:75:f1:f9:84:30:89:53:9d:c5:d1:63:76:9c:
                    91:c6:16:44:4e:cf:90:ec:0a:5e:7f:18:eb:c3:b0:
                    60:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:5A:8C:23:C7:9B:B9:8F:57:48:28:8C:D6:13:20:92:24:81:16:DA
            X509v3 Authority Key Identifier:
                keyid:89:93:9F:F1:29:3B:7E:22:77:9F:C5:5B:4C:83:F1:3E:52:E9:44:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:2c:22:5b:c1:b8:ff:c7:80:50:1d:81:28:16:05:7b:90:b4:
         72:f7:c1:7a:57:bf:8c:a9:b7:fa:d4:04:66:05:90:eb:be:5f:
         32:0b:84:3a:d8:4f:63:3e:b0:dc:82:1b:52:cc:24:8a:94:3a:
         70:0d:f9:be:6a:87:5e:35:83:8b:94:b4:dd:4c:dc:72:be:87:
         4e:74:bf:11:e6:84:83:89:33:6f:0d:0a:38:48:8f:f2:e0:bc:
         9f:fb:2b:16:86:10:33:33:44:69:fc:f4:00:61:5b:11:75:3d:
         5e:05:c4:bf:61:aa:46:41:ae:ca:43:4c:61:63:33:36:76:0b:
         59:5f:44:99:e4:66:cf:c2:94:ff:b8:fd:51:ad:1e:dd:94:ca:
         59:ff:10:12:3c:cc:c5:32:25:6c:fe:d6:0f:29:9d:09:1b:45:
         2e:21:e4:bf:f4:1f:93:99:54:34:3f:62:af:ad:f0:61:c2:ac:
         96:d3:07:ba:d3:fb:e1:82:d8:6b:f4:60:b6:17:23:1c:f7:25:
         6f:ed:80:5b:da:94:97:a9:23:2d:51:b9:cd:5b:ec:4d:87:63:
         bb:12:a4:ed:4a:f6:42:a3:5e:aa:91:74:8e:d5:a1:98:d3:9d:
         d1:98:64:3d:3b:e3:cc:8c:d2:ea:08:52:cf:81:34:5b:ce:54:
         ff:16:cd:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBR71ndWmYV1eJJT8Uii0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTM5ZmYxMjkzYjdlMjI3NzlmYzU1YjRjODNmMTNlNTJl
OTQ0MjgwHhcNMjUxMDIwMTEwMTEwWhcNMjUxMDIxMTEwMTEwWjAzMTEwLwYDVQQD
EygyMjVhOGMyM2M3OWJiOThmNTc0ODI4OGNkNjEzMjA5MjI0ODExNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWZICaNhXETezXGMVOFh48bcKWKA
KuTEjV3r9wFyozXRlTME1knQbA7zT00BOc2LNN4leUJ5xYA5ahrRCAP8ki7Jd/bN
lJ2rQdVR5RguGBKPUvJURQrGcZ3LTzDp7KEkKkCdOgPBJjR8hpdiuqberk11a2pA
DYI8QBavHIFYTjaBgZknd7gtlOBX+QTXCZmSPs0e7UlkyCw3K6zAZdOf4/j2om1c
1rFz3loc+UFj1jyxvzGF3cjQm9jkVrPjxD2puOcauPZN4DaeZJm/41fOqKABmXyP
tM1srZycQTeKjyvvlXXx+YQwiVOdxdFjdpyRxhZETs+Q7Apefxjrw7BgyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJajCPHm7mPV0gojNYTIJIkgRbaMB8GA1UdIwQY
MBaAFImTn/EpO34id5/FW0yD8T5S6UQoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpPZjhTazdmaUozbjhWYlRJUHhQbExwUkNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMTBkZGYtYmI2ZS00YmIwLWJlZmYt
MGU2ODAwMGIzNTM3LzEvaVpPZjhTazdmaUozbjhWYlRJUHhQbExwUkNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMTBkZGYtYmI2ZS00YmIwLWJlZmYtMGU2ODAwMGIzNTM3
LzEvaVpPZjhTazdmaUozbjhWYlRJUHhQbExwUkNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJCwiW8G4
/8eAUB2BKBYFe5C0cvfBele/jKm3+tQEZgWQ675fMguEOthPYz6w3IIbUswkipQ6
cA35vmqHXjWDi5S03Uzccr6HTnS/EeaEg4kzbw0KOEiP8uC8n/srFoYQMzNEafz0
AGFbEXU9XgXEv2GqRkGuykNMYWMzNnYLWV9EmeRmz8KU/7j9Ua0e3ZTKWf8QEjzM
xTIlbP7WDymdCRtFLiHkv/Qfk5lUND9ir63wYcKsltMHutP74YLYa/RgthcjHPcl
b+2AW9qUl6kjLVG5zVvsTYdjuxKk7Ur2QqNeqpF0jtWhmNOd0ZhkPTvjzIzS6ghS
z4E0W85U/xbN0A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:56:04 2025 by rpki-client