Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft
File:                     yda1mpPjJAg_vKQjfkfp9evzcas.mft (raw, json)
Hash identifier:          bThQSwrjFTENPjXmq04RRTy0xY8QxMKgbt8KZT32fE8=
Subject key identifier:   B1:6A:96:35:68:C7:BF:C4:A8:23:CF:42:0C:7E:D0:8A:87:07:BA:E9
Authority key identifier: C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
Certificate issuer:       /CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Certificate serial:       0199FF22E995B7BA7BB6CBB6EF5301B1F432
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft
Manifest number:          170A
Signing time:             Mon 20 Oct 2025 01:01:42 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:42 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:42 +0000
Files and hashes:         1: N1MG3ptUi6lRkgCQgC4sjQwbS5E.roa (hash: JXk8TsLqv4eNpEsTxzdAoUG6ec7BUvgM4Lyhjc+WI9U=)
                          2: pMIZZEHYcO0IlQ8lJ-JaDY1xnJs.roa (hash: KI7tUZnJYI1JaBjFs0d5L727l5SVVoE+xByQFUZQZZI=)
                          3: uiLIHzK4-mf16_OjnZc2yUpW0us.roa (hash: RlQY7OlYxlif+RwnDDphDKPVhonzC8U4YVG2wYszXJM=)
                          4: wmxHtvcKqJtTUqnf5sR3cyCPMeg.roa (hash: /EPsVJFiMZ3O3IoH+IOAZdQSfyIhjr2V/FlxWvt6e5c=)
                          5: xF5VKoGOYu4SuTkWFtzR0bzZqmI.roa (hash: rdwu1BaRed5RxmIo/GH4jXiyNp3cFaIjeNX4kVrFm70=)
                          6: yda1mpPjJAg_vKQjfkfp9evzcas.crl (hash: L4OtQMgYsWBQEcQ+FeiZhgI2+kPBdRij/wDbnsUEs2k=)
                          7: zPFc5xzrxxMWf2K11uBlgIiWqTo.roa (hash: 3x/T35aDdfP5Wrtlu3UJYc2NEgecLDM5KH+dyoNyYx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:e9:95:b7:ba:7b:b6:cb:b6:ef:53:01:b1:f4:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
        Validity
            Not Before: Oct 20 01:01:42 2025 GMT
            Not After : Oct 21 01:01:42 2025 GMT
        Subject: CN=b16a963568c7bfc4a823cf420c7ed08a8707bae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:5c:74:d5:03:86:fd:fb:62:6c:ce:11:76:21:
                    26:ca:71:66:c4:26:d7:5e:9b:f2:52:88:a4:75:23:
                    a4:05:d4:a0:96:ee:31:2c:74:bc:26:8a:d8:63:d3:
                    e1:38:9a:86:f1:d7:38:39:0b:59:4a:19:9f:6d:61:
                    14:ad:4b:a4:7d:d0:12:a3:7d:24:27:fb:72:54:34:
                    b9:42:80:f0:64:f4:16:d6:db:23:09:3e:ed:03:d2:
                    99:a6:5b:eb:75:89:6a:af:95:f5:fb:01:9c:06:e2:
                    e6:af:fd:eb:92:d5:a6:0d:8e:f5:1e:f4:20:3a:3e:
                    05:97:56:69:c2:bc:06:42:cf:61:a3:1f:6d:d4:48:
                    bc:55:01:26:ca:b1:d4:8e:75:4d:6b:29:d5:b4:41:
                    64:1a:18:24:2c:5b:f8:ce:44:9d:c3:bd:72:ab:2e:
                    0f:4d:2c:f6:71:6a:08:5a:14:6b:57:d3:ad:8a:95:
                    62:a6:fe:28:fc:77:4d:03:df:10:aa:60:50:e2:20:
                    39:84:ea:d7:0f:a9:e5:66:78:a4:76:5e:9e:d9:d7:
                    18:15:26:ba:0d:d3:b7:d7:dc:9b:b0:af:23:be:95:
                    1c:3e:d2:41:b9:59:3f:bc:b4:07:ec:a0:1d:aa:e7:
                    af:57:46:59:04:94:49:12:de:2c:70:22:5b:2f:70:
                    de:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:6A:96:35:68:C7:BF:C4:A8:23:CF:42:0C:7E:D0:8A:87:07:BA:E9
            X509v3 Authority Key Identifier:
                keyid:C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         da:f9:c1:1d:ea:c9:1b:dd:7e:0b:96:ec:6c:bb:88:b0:23:89:
         6a:16:32:ff:91:1f:01:a2:45:77:a1:03:86:c1:ce:f7:c5:09:
         75:03:e0:6b:0c:8b:fa:a6:62:73:41:b2:7a:2a:02:d2:aa:5f:
         10:25:f2:de:b5:25:9d:c7:fb:e2:86:b7:7b:c7:34:26:8a:af:
         f3:de:04:5e:2e:e2:22:0f:74:ce:06:46:bd:0e:43:27:7d:77:
         b1:ca:68:4f:61:6f:b3:2c:60:6f:1e:35:91:28:e3:6d:93:2d:
         a6:89:1d:d7:2b:c3:5b:d2:60:02:3f:c5:b0:87:b2:a6:21:a0:
         55:b7:34:be:ac:48:96:52:d8:9b:92:2f:4b:13:bd:a9:7f:62:
         fa:fa:08:25:9d:1f:1f:4e:57:72:1b:ff:2e:af:49:ba:ed:30:
         f0:f9:ee:6e:83:30:b0:a7:48:1b:96:ae:b6:94:4e:a1:19:e3:
         24:e1:10:10:e7:4f:2e:23:6b:62:77:67:cb:89:86:41:ba:79:
         4b:be:74:66:be:ed:46:0f:61:21:2a:f0:29:ea:39:0d:7a:5c:
         c1:c1:b5:a7:33:cc:88:7e:c0:5c:6c:1f:fa:55:b7:a8:a9:36:
         c6:b9:58:5b:fd:cd:5e:c4:17:45:4d:da:ce:69:65:8e:82:d8:
         ce:58:a3:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IumVt7p7tsu271MBsfQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDZiNTlhOTNlMzI0MDgzZmJjYTQyMzdlNDdlOWY1ZWJm
MzcxYWIwHhcNMjUxMDIwMDEwMTQyWhcNMjUxMDIxMDEwMTQyWjAzMTEwLwYDVQQD
EyhiMTZhOTYzNTY4YzdiZmM0YTgyM2NmNDIwYzdlZDA4YTg3MDdiYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylx01QOG/ftibM4RdiEmynFmxCbX
XpvyUoikdSOkBdSglu4xLHS8JorYY9PhOJqG8dc4OQtZShmfbWEUrUukfdASo30k
J/tyVDS5QoDwZPQW1tsjCT7tA9KZplvrdYlqr5X1+wGcBuLmr/3rktWmDY71HvQg
Oj4Fl1ZpwrwGQs9hox9t1Ei8VQEmyrHUjnVNaynVtEFkGhgkLFv4zkSdw71yqy4P
TSz2cWoIWhRrV9OtipVipv4o/HdNA98QqmBQ4iA5hOrXD6nlZnikdl6e2dcYFSa6
DdO319ybsK8jvpUcPtJBuVk/vLQH7KAdquevV0ZZBJRJEt4scCJbL3DeMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFqljVox7/EqCPPQgx+0IqHB7rpMB8GA1UdIwQY
MBaAFMnWtZqT4yQIP7ykI35H6fXr83GrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTIt
YjkyMTFlMWZjMWFjLzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTItYjkyMTFlMWZjMWFj
LzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2vnBHerJ
G91+C5bsbLuIsCOJahYy/5EfAaJFd6EDhsHO98UJdQPgawyL+qZic0GyeioC0qpf
ECXy3rUlncf74oa3e8c0Joqv894EXi7iIg90zgZGvQ5DJ313scpoT2Fvsyxgbx41
kSjjbZMtpokd1yvDW9JgAj/FsIeypiGgVbc0vqxIllLYm5IvSxO9qX9i+voIJZ0f
H05Xchv/Lq9Juu0w8PnuboMwsKdIG5autpROoRnjJOEQEOdPLiNrYndny4mGQbp5
S750Zr7tRg9hISrwKeo5DXpcwcG1pzPMiH7AXGwf+lW3qKk2xrlYW/3NXsQXRU3a
zmlljoLYzlijwA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:41:48 2025 by rpki-client