Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft
File:                     yda1mpPjJAg_vKQjfkfp9evzcas.mft (raw, json)
Hash identifier:          mOVPOmmSaDC+3rvb6Y6WhU2aHQC4j0ERVxjnZtamTq8=
Subject key identifier:   B8:13:AA:B8:13:D8:1A:55:5C:43:4E:27:6D:57:D6:D4:03:D3:0C:30
Authority key identifier: C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
Certificate issuer:       /CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Certificate serial:       0199FD342D14E1012A8B941A0B69CCC27C3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft
Manifest number:          1709
Signing time:             Sun 19 Oct 2025 16:01:19 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:19 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:19 +0000
Files and hashes:         1: N1MG3ptUi6lRkgCQgC4sjQwbS5E.roa (hash: JXk8TsLqv4eNpEsTxzdAoUG6ec7BUvgM4Lyhjc+WI9U=)
                          2: pMIZZEHYcO0IlQ8lJ-JaDY1xnJs.roa (hash: KI7tUZnJYI1JaBjFs0d5L727l5SVVoE+xByQFUZQZZI=)
                          3: uiLIHzK4-mf16_OjnZc2yUpW0us.roa (hash: RlQY7OlYxlif+RwnDDphDKPVhonzC8U4YVG2wYszXJM=)
                          4: wmxHtvcKqJtTUqnf5sR3cyCPMeg.roa (hash: /EPsVJFiMZ3O3IoH+IOAZdQSfyIhjr2V/FlxWvt6e5c=)
                          5: xF5VKoGOYu4SuTkWFtzR0bzZqmI.roa (hash: rdwu1BaRed5RxmIo/GH4jXiyNp3cFaIjeNX4kVrFm70=)
                          6: yda1mpPjJAg_vKQjfkfp9evzcas.crl (hash: z/p5glYG1GNVNPubv/97xruNYJm+ETaIolKnJz3K8Lk=)
                          7: zPFc5xzrxxMWf2K11uBlgIiWqTo.roa (hash: 3x/T35aDdfP5Wrtlu3UJYc2NEgecLDM5KH+dyoNyYx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:2d:14:e1:01:2a:8b:94:1a:0b:69:cc:c2:7c:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
        Validity
            Not Before: Oct 19 16:01:19 2025 GMT
            Not After : Oct 20 16:01:19 2025 GMT
        Subject: CN=b813aab813d81a555c434e276d57d6d403d30c30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:79:71:42:ed:89:26:26:0d:d2:b6:80:ae:2f:
                    f0:a6:84:2c:09:26:f3:0b:62:a6:4f:94:1d:08:5c:
                    8c:76:ff:a4:fd:6b:3f:4c:b9:2d:47:30:5a:5e:f5:
                    1e:aa:31:b7:da:d9:7a:be:51:f5:98:2b:fd:6f:30:
                    4a:59:61:04:60:99:23:9d:84:34:c3:e9:f7:36:46:
                    a8:2a:0f:07:47:79:3c:1e:ba:be:b1:9c:dd:95:cc:
                    cf:7d:68:33:a8:29:dc:39:2d:f7:68:f3:c5:b5:38:
                    a5:e7:d8:19:a2:f3:6c:f0:05:20:8e:6c:a3:67:41:
                    0b:8e:51:a6:3b:9f:2f:63:52:f0:eb:16:42:ac:98:
                    4d:ef:35:00:22:bd:d7:ee:cc:b8:0c:75:cb:c9:af:
                    64:8c:7d:64:27:a9:5b:f6:06:b4:8a:38:98:c5:d1:
                    b3:1f:99:9c:50:67:c0:a0:e8:1d:9c:ac:d9:49:a8:
                    ec:22:fa:4f:cf:3f:c9:08:77:a6:a7:80:7e:ce:46:
                    f8:8a:41:80:71:9e:97:c4:82:2c:2d:40:89:ac:f3:
                    e5:8d:d5:01:9f:01:45:b3:40:18:6a:95:fd:66:43:
                    9f:8a:bb:b3:e6:9e:70:a8:01:3c:c9:ae:0c:68:32:
                    2e:77:cb:9b:c2:6a:47:da:9b:e9:ca:77:5d:14:39:
                    a2:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:13:AA:B8:13:D8:1A:55:5C:43:4E:27:6D:57:D6:D4:03:D3:0C:30
            X509v3 Authority Key Identifier:
                keyid:C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:66:80:03:79:f2:8b:fd:27:91:e1:b6:10:08:c5:82:d4:38:
         06:c5:8a:e4:17:cd:c3:30:19:e6:36:61:d3:b2:1e:48:f3:9b:
         d0:f4:e3:2f:01:63:be:46:1d:0f:70:09:47:c4:d9:c8:54:7f:
         51:f1:09:97:60:eb:06:19:97:83:ad:fa:51:52:3a:94:46:a5:
         98:d4:ee:c8:0a:f7:02:47:5b:f0:04:4c:41:c1:51:bf:66:9f:
         9a:fe:5c:92:49:66:c0:2b:ae:f0:38:b9:97:60:36:f1:c3:07:
         b7:c0:52:76:10:6c:3c:af:1c:94:d8:c5:68:c9:37:ad:02:9d:
         7e:0c:c4:00:26:4f:24:46:c2:74:6f:83:6c:53:35:2c:0a:42:
         57:dd:f2:45:4f:6f:f5:37:47:db:d6:20:d0:bc:ae:32:2c:0f:
         b9:0a:2a:05:85:62:59:00:e7:e7:40:18:1a:43:2d:49:c5:ff:
         d6:3c:26:e7:5d:87:f9:11:ea:18:17:74:2c:b6:f4:c3:e7:f3:
         08:91:9d:3c:46:49:7d:89:33:ae:7e:17:00:d7:89:98:78:94:
         c8:c3:eb:63:f6:52:bc:7e:38:9e:31:59:26:d4:92:19:ee:60:
         d4:18:4e:31:2a:4b:3a:f2:94:49:51:78:e4:f8:78:12:d0:67:
         0d:9a:f8:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NC0U4QEqi5QaC2nMwnw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDZiNTlhOTNlMzI0MDgzZmJjYTQyMzdlNDdlOWY1ZWJm
MzcxYWIwHhcNMjUxMDE5MTYwMTE5WhcNMjUxMDIwMTYwMTE5WjAzMTEwLwYDVQQD
EyhiODEzYWFiODEzZDgxYTU1NWM0MzRlMjc2ZDU3ZDZkNDAzZDMwYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HlxQu2JJiYN0raAri/wpoQsCSbz
C2KmT5QdCFyMdv+k/Ws/TLktRzBaXvUeqjG32tl6vlH1mCv9bzBKWWEEYJkjnYQ0
w+n3NkaoKg8HR3k8Hrq+sZzdlczPfWgzqCncOS33aPPFtTil59gZovNs8AUgjmyj
Z0ELjlGmO58vY1Lw6xZCrJhN7zUAIr3X7sy4DHXLya9kjH1kJ6lb9ga0ijiYxdGz
H5mcUGfAoOgdnKzZSajsIvpPzz/JCHemp4B+zkb4ikGAcZ6XxIIsLUCJrPPljdUB
nwFFs0AYapX9ZkOfiruz5p5wqAE8ya4MaDIud8ubwmpH2pvpynddFDmipwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgTqrgT2BpVXENOJ21X1tQD0wwwMB8GA1UdIwQY
MBaAFMnWtZqT4yQIP7ykI35H6fXr83GrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTIt
YjkyMTFlMWZjMWFjLzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTItYjkyMTFlMWZjMWFj
LzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2aAA3ny
i/0nkeG2EAjFgtQ4BsWK5BfNwzAZ5jZh07IeSPOb0PTjLwFjvkYdD3AJR8TZyFR/
UfEJl2DrBhmXg636UVI6lEalmNTuyAr3Akdb8ARMQcFRv2afmv5ckklmwCuu8Di5
l2A28cMHt8BSdhBsPK8clNjFaMk3rQKdfgzEACZPJEbCdG+DbFM1LApCV93yRU9v
9TdH29Yg0LyuMiwPuQoqBYViWQDn50AYGkMtScX/1jwm512H+RHqGBd0LLb0w+fz
CJGdPEZJfYkzrn4XANeJmHiUyMPrY/ZSvH44njFZJtSSGe5g1BhOMSpLOvKUSVF4
5Ph4EtBnDZr4YA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:30:30 2025 by rpki-client