Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft
File:                     rwlQP8rAF2lRWhny3CZX2S_TUN8.mft (raw, json)
Hash identifier:          e1vLZq2ONZ0+gFzvX/VajTP6bZi2zbnF0H1sTrDP0fM=
Subject key identifier:   AB:89:38:60:4C:1D:EA:F5:82:3A:EC:EA:1F:17:52:05:A2:5E:A2:CD
Authority key identifier: AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF
Certificate issuer:       /CN=af09503fcac01769515a19f2dc2657d92fd350df
Certificate serial:       0199FC58EA16F678AD1A07EE3F1572B81B64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft
Manifest number:          1675
Signing time:             Sun 19 Oct 2025 12:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:49 +0000
Files and hashes:         1: bI5hqVT8m0qS2JmySaAVyieiKDc.roa (hash: Ur47592mLsTtDVQWZDc8e3eMtHnqyDHoxs3kpjL/ez4=)
                          2: rwlQP8rAF2lRWhny3CZX2S_TUN8.crl (hash: zqmRmwloiMV/oqBRpa2wpIbNEwUdtv8feXYSdRxYwWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:ea:16:f6:78:ad:1a:07:ee:3f:15:72:b8:1b:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af09503fcac01769515a19f2dc2657d92fd350df
        Validity
            Not Before: Oct 19 12:01:49 2025 GMT
            Not After : Oct 20 12:01:49 2025 GMT
        Subject: CN=ab8938604c1deaf5823aecea1f175205a25ea2cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:1b:00:32:16:6b:42:0a:fd:a0:c7:da:49:74:
                    2f:dd:8a:51:32:ba:37:fa:05:18:ab:ae:8f:f2:00:
                    30:75:de:6a:80:ee:a2:e6:a5:c9:b3:0d:c2:a1:51:
                    50:a2:ec:75:4b:68:28:ac:01:a5:35:5a:e6:2c:02:
                    29:4f:4e:ed:ee:fd:a4:a3:b8:f0:3f:68:af:62:14:
                    b4:12:69:95:b8:b3:ff:25:e1:a0:16:f6:f9:fb:d0:
                    1b:e3:48:bd:92:95:86:48:6d:e3:e7:cc:f9:1a:75:
                    cb:f9:84:b7:e2:f2:0e:22:bb:0c:2b:0b:26:64:9e:
                    86:6a:b8:5b:73:20:be:93:13:0c:b5:4f:97:35:89:
                    5a:6a:ed:6f:d4:08:18:e2:2b:9f:77:eb:6a:71:a1:
                    de:c4:f6:15:2d:db:8f:a0:25:59:4f:a2:a8:f0:7c:
                    fc:b6:20:57:72:36:16:3e:57:c5:0c:1b:57:e5:a0:
                    62:34:6e:7b:f1:8d:21:bd:6c:a8:61:4f:d4:a0:1f:
                    28:d2:2f:1a:04:13:f3:bb:6f:ee:4f:6c:8a:9e:7a:
                    63:b1:4a:fe:cd:71:5a:26:74:33:34:c5:3f:d1:6a:
                    a8:ac:cd:3c:a0:78:0e:0b:7b:a6:e3:b2:7f:f6:e9:
                    58:0c:81:c9:07:63:60:b2:a2:b4:f6:3c:36:5f:20:
                    53:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:89:38:60:4C:1D:EA:F5:82:3A:EC:EA:1F:17:52:05:A2:5E:A2:CD
            X509v3 Authority Key Identifier:
                keyid:AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:35:05:1a:c2:04:14:6d:eb:ef:2a:82:c3:7a:1e:8e:e5:50:
         3c:08:03:4e:ba:3e:1f:6a:b1:3f:02:1d:34:d6:b3:c4:a1:97:
         c9:a5:01:b6:cb:fe:e4:14:97:0c:4e:0e:c1:5c:11:20:eb:f4:
         ec:01:05:05:94:8f:0c:71:04:6d:5e:69:fa:75:3f:3d:80:92:
         be:7d:5e:c5:2d:04:a5:3e:e5:7a:e8:ca:d3:8f:f1:95:64:ac:
         eb:ee:32:f2:7c:66:7a:20:3c:19:37:78:45:7e:ea:6d:9c:f1:
         ba:e7:8b:43:59:de:6d:fd:01:49:d1:b4:04:9f:f9:6b:6c:2f:
         bd:8b:af:b3:0c:d9:00:5b:18:01:66:da:c4:a1:3d:19:45:9c:
         69:0d:53:14:0f:ab:1e:4c:41:f5:8a:12:bd:cb:32:f6:d8:e3:
         3d:cc:4e:ae:41:c5:87:e6:97:43:01:0f:e2:f8:12:e7:7a:81:
         2c:b7:99:e9:9c:a2:11:3a:81:35:38:13:39:31:29:f9:9f:1b:
         ea:72:51:b2:6e:ed:f0:40:1b:58:27:cc:ed:0a:55:2a:b9:3c:
         4f:a8:3d:e6:07:10:24:c5:07:13:57:3d:ff:f8:6e:96:9c:b9:
         ec:c2:81:8d:6d:09:e2:34:b6:ce:4f:2b:b9:22:d8:ff:66:5c:
         1c:6c:0f:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WOoW9nitGgfuPxVyuBtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDk1MDNmY2FjMDE3Njk1MTVhMTlmMmRjMjY1N2Q5MmZk
MzUwZGYwHhcNMjUxMDE5MTIwMTQ5WhcNMjUxMDIwMTIwMTQ5WjAzMTEwLwYDVQQD
EyhhYjg5Mzg2MDRjMWRlYWY1ODIzYWVjZWExZjE3NTIwNWEyNWVhMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxsAMhZrQgr9oMfaSXQv3YpRMro3
+gUYq66P8gAwdd5qgO6i5qXJsw3CoVFQoux1S2gorAGlNVrmLAIpT07t7v2ko7jw
P2ivYhS0EmmVuLP/JeGgFvb5+9Ab40i9kpWGSG3j58z5GnXL+YS34vIOIrsMKwsm
ZJ6GarhbcyC+kxMMtU+XNYlaau1v1AgY4iufd+tqcaHexPYVLduPoCVZT6Ko8Hz8
tiBXcjYWPlfFDBtX5aBiNG578Y0hvWyoYU/UoB8o0i8aBBPzu2/uT2yKnnpjsUr+
zXFaJnQzNMU/0WqorM08oHgOC3um47J/9ulYDIHJB2NgsqK09jw2XyBTEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuJOGBMHer1gjrs6h8XUgWiXqLNMB8GA1UdIwQY
MBaAFK8JUD/KwBdpUVoZ8twmV9kv01DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAt
MTc1MDJkM2RmOTVmLzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAtMTc1MDJkM2RmOTVm
LzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASjUFGsIE
FG3r7yqCw3oejuVQPAgDTro+H2qxPwIdNNazxKGXyaUBtsv+5BSXDE4OwVwRIOv0
7AEFBZSPDHEEbV5p+nU/PYCSvn1exS0EpT7leujK04/xlWSs6+4y8nxmeiA8GTd4
RX7qbZzxuueLQ1nebf0BSdG0BJ/5a2wvvYuvswzZAFsYAWbaxKE9GUWcaQ1TFA+r
HkxB9YoSvcsy9tjjPcxOrkHFh+aXQwEP4vgS53qBLLeZ6ZyiETqBNTgTOTEp+Z8b
6nJRsm7t8EAbWCfM7QpVKrk8T6g95gcQJMUHE1c9//hulpy57MKBjW0J4jS2zk8r
uSLY/2ZcHGwPYg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:21:36 2025 by rpki-client