Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.mft
File:                     XeRY8h1AZGa99oJA9QXu_Rl7qTY.mft (raw, json)
Hash identifier:          gPNbBjCeRb3tSeDIn9T5NuPZ/CkTNpV82UnMhjRNASQ=
Subject key identifier:   A4:69:71:63:E4:85:FA:F0:A6:AD:84:A9:3F:2D:52:54:4E:89:30:5D
Authority key identifier: 5D:E4:58:F2:1D:40:64:66:BD:F6:82:40:F5:05:EE:FD:19:7B:A9:36
Certificate issuer:       /CN=5de458f21d406466bdf68240f505eefd197ba936
Certificate serial:       0199FB45C91A8CD4D171A2DED29F28398D0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.mft
Manifest number:          16E4
Signing time:             Sun 19 Oct 2025 07:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:18 +0000
Files and hashes:         1: 8x6SWTgZKaQldoz2iRV_QSdqbtg.roa (hash: LzTLrE8ZLdriPR/s+lretToH9KQur6QiGymJnQCIGiw=)
                          2: XeRY8h1AZGa99oJA9QXu_Rl7qTY.crl (hash: MsN9D0kP1Sc+IR/GeXKTTtG6cYLruuXOu2C9EGRjvKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:c9:1a:8c:d4:d1:71:a2:de:d2:9f:28:39:8d:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de458f21d406466bdf68240f505eefd197ba936
        Validity
            Not Before: Oct 19 07:01:18 2025 GMT
            Not After : Oct 20 07:01:18 2025 GMT
        Subject: CN=a4697163e485faf0a6ad84a93f2d52544e89305d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:ba:f0:5a:56:a4:db:ff:cd:e4:1d:c0:db:e1:
                    6b:f1:2b:47:4a:8a:80:39:35:b0:ea:e8:c5:23:54:
                    26:76:9f:bc:ab:90:3b:64:fb:b0:11:8c:28:f1:86:
                    c6:64:12:31:0b:21:6c:ee:46:7e:2c:dc:13:55:0a:
                    13:d5:11:ec:a7:c8:ba:99:21:de:4f:d8:8f:2a:af:
                    2f:10:db:eb:9b:b8:8a:63:28:00:b8:bc:f7:93:54:
                    f5:d7:04:c7:60:8c:19:86:ee:8e:98:54:46:d8:91:
                    88:1d:6c:8e:4d:eb:72:e0:90:93:bc:be:70:79:c1:
                    6a:ff:ba:f5:b6:89:1a:35:25:fe:f7:5d:e0:1a:aa:
                    ff:0e:13:23:f3:a5:4f:8e:66:84:3a:a3:48:4c:99:
                    27:d9:df:a3:b9:3b:78:1f:1d:b7:53:6d:28:ab:46:
                    fc:7c:7e:b1:28:3c:af:c5:bc:ba:23:02:15:d8:02:
                    92:f4:01:3a:1f:57:e5:a6:29:fd:b5:f4:72:6a:a1:
                    ec:ff:3d:99:4e:ad:be:94:52:5c:ae:24:ec:5d:84:
                    1b:43:4d:00:f0:fa:0a:4e:50:58:3c:b1:2f:57:56:
                    d8:9b:05:6e:ce:73:10:97:15:0b:b8:fb:93:c3:50:
                    f1:a0:83:1d:31:fe:c9:b8:9d:a7:fe:62:d5:16:29:
                    f7:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:69:71:63:E4:85:FA:F0:A6:AD:84:A9:3F:2D:52:54:4E:89:30:5D
            X509v3 Authority Key Identifier:
                keyid:5D:E4:58:F2:1D:40:64:66:BD:F6:82:40:F5:05:EE:FD:19:7B:A9:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:bb:a1:02:3f:48:56:51:e4:84:da:51:2b:e7:df:02:a3:53:
         f3:f7:e6:4b:9d:80:d7:03:d0:7c:2b:49:45:6b:41:87:97:5c:
         94:3b:01:1c:e6:89:02:1c:e7:11:16:9b:b2:44:7d:d3:30:ba:
         2a:04:f2:e1:67:9e:50:64:fc:60:f1:06:3e:9c:f6:b4:7d:5a:
         02:0b:e9:94:ee:ad:d2:bb:9f:73:33:03:2e:d1:d5:ec:6a:06:
         0e:99:9d:f9:71:fd:dd:be:97:6e:0c:9a:bb:e3:e6:a8:d7:d5:
         61:31:08:b4:b7:77:49:b8:3a:8c:5d:cb:35:6e:89:88:9d:11:
         4a:bb:54:66:61:d6:dd:a5:11:63:86:d3:96:46:f2:f6:05:5c:
         00:6a:e3:ce:b8:54:fc:99:b7:7a:8f:08:7c:47:0b:fb:48:c1:
         26:00:98:c0:c5:a0:2a:a8:16:94:87:17:a8:54:82:7f:0c:26:
         6d:d3:2c:a3:00:e6:6c:70:eb:e6:93:14:d7:98:f7:a4:e4:74:
         8c:27:6c:96:aa:45:67:c6:95:a3:00:e6:1f:eb:47:cc:48:e9:
         2f:4a:2a:ad:9d:82:f8:86:85:b2:02:4e:d9:27:7f:3f:ae:28:
         3a:c5:41:2b:40:e7:bd:3e:d1:a7:5b:46:bb:76:83:6b:81:ab:
         3a:6c:6e:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RckajNTRcaLe0p8oOY0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTQ1OGYyMWQ0MDY0NjZiZGY2ODI0MGY1MDVlZWZkMTk3
YmE5MzYwHhcNMjUxMDE5MDcwMTE4WhcNMjUxMDIwMDcwMTE4WjAzMTEwLwYDVQQD
EyhhNDY5NzE2M2U0ODVmYWYwYTZhZDg0YTkzZjJkNTI1NDRlODkzMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4brwWlak2//N5B3A2+Fr8StHSoqA
OTWw6ujFI1Qmdp+8q5A7ZPuwEYwo8YbGZBIxCyFs7kZ+LNwTVQoT1RHsp8i6mSHe
T9iPKq8vENvrm7iKYygAuLz3k1T11wTHYIwZhu6OmFRG2JGIHWyOTety4JCTvL5w
ecFq/7r1tokaNSX+913gGqr/DhMj86VPjmaEOqNITJkn2d+juTt4Hx23U20oq0b8
fH6xKDyvxby6IwIV2AKS9AE6H1flpin9tfRyaqHs/z2ZTq2+lFJcriTsXYQbQ00A
8PoKTlBYPLEvV1bYmwVuznMQlxULuPuTw1DxoIMdMf7JuJ2n/mLVFin31QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRpcWPkhfrwpq2EqT8tUlROiTBdMB8GA1UdIwQY
MBaAFF3kWPIdQGRmvfaCQPUF7v0Ze6k2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVSWThoMUFaR2E5OW9KQTlRWHVfUmw3cVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lMTU1ZWEtODhjZC00NDE0LWFhYjYt
MjNhYjU4ZDY0MTVhLzEvWGVSWThoMUFaR2E5OW9KQTlRWHVfUmw3cVRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lMTU1ZWEtODhjZC00NDE0LWFhYjYtMjNhYjU4ZDY0MTVh
LzEvWGVSWThoMUFaR2E5OW9KQTlRWHVfUmw3cVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALbuhAj9I
VlHkhNpRK+ffAqNT8/fmS52A1wPQfCtJRWtBh5dclDsBHOaJAhznERabskR90zC6
KgTy4WeeUGT8YPEGPpz2tH1aAgvplO6t0rufczMDLtHV7GoGDpmd+XH93b6Xbgya
u+PmqNfVYTEItLd3Sbg6jF3LNW6JiJ0RSrtUZmHW3aURY4bTlkby9gVcAGrjzrhU
/Jm3eo8IfEcL+0jBJgCYwMWgKqgWlIcXqFSCfwwmbdMsowDmbHDr5pMU15j3pOR0
jCdslqpFZ8aVowDmH+tHzEjpL0oqrZ2C+IaFsgJO2Sd/P64oOsVBK0DnvT7Rp1tG
u3aDa4GrOmxu/A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:45 2025 by rpki-client