Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/RIFOp-g7QBm_1Xl-upidoG3ZDjM.mft
File:                     RIFOp-g7QBm_1Xl-upidoG3ZDjM.mft (raw, json)
Hash identifier:          G3aXa15DE5/YGeYJaKU+F1OzlpCHJDzpwRzBo2hR5vg=
Subject key identifier:   DC:82:4D:28:20:2A:5F:4E:2A:94:CF:67:81:47:CF:37:A3:76:2A:14
Authority key identifier: 44:81:4E:A7:E8:3B:40:19:BF:D5:79:7E:BA:98:9D:A0:6D:D9:0E:33
Certificate issuer:       /CN=44814ea7e83b4019bfd5797eba989da06dd90e33
Certificate serial:       0199FAD7F814DBE8C4C151735D3E9170D449
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RIFOp-g7QBm_1Xl-upidoG3ZDjM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/RIFOp-g7QBm_1Xl-upidoG3ZDjM.mft
Manifest number:          0EA8
Signing time:             Sun 19 Oct 2025 05:01:21 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:21 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:21 +0000
Files and hashes:         1: RIFOp-g7QBm_1Xl-upidoG3ZDjM.crl (hash: a2vJaId3QhORoREimU729LH6nSoA6+Dv5XB95HdEMp4=)
                          2: UjkL1yTwH0Ugfy2br2JpH0C8VqU.roa (hash: byfiFTAulr+F8qmR9o1/fYHwOTE6vMHjzS05/tD7xBQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/RIFOp-g7QBm_1Xl-upidoG3ZDjM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/RIFOp-g7QBm_1Xl-upidoG3ZDjM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RIFOp-g7QBm_1Xl-upidoG3ZDjM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d7:f8:14:db:e8:c4:c1:51:73:5d:3e:91:70:d4:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44814ea7e83b4019bfd5797eba989da06dd90e33
        Validity
            Not Before: Oct 19 05:01:21 2025 GMT
            Not After : Oct 20 05:01:21 2025 GMT
        Subject: CN=dc824d28202a5f4e2a94cf678147cf37a3762a14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:1e:e7:18:f3:7b:f0:93:0d:05:a7:24:bf:8d:
                    08:e0:44:20:cf:6f:12:cc:03:4b:61:3c:dd:ae:52:
                    7c:fd:79:0e:ca:9a:c1:2e:9a:d7:88:34:16:c1:42:
                    0a:e7:8e:55:45:2f:1a:09:0c:70:09:02:26:85:44:
                    41:d5:66:5c:94:52:ed:35:8f:27:30:6d:ff:6d:1a:
                    03:db:cb:f1:2d:e1:e6:d0:40:23:ef:8c:e1:2b:04:
                    3a:8f:c5:a5:bb:fa:b8:83:5e:d2:b2:4b:fc:66:a3:
                    d8:6e:e0:ff:2a:ba:de:7f:98:3f:e1:97:61:ad:4f:
                    13:62:a2:bf:b1:e1:9e:1d:33:b5:03:2b:9c:1b:ed:
                    21:bc:a5:5c:b0:83:9c:ad:8e:1c:bc:11:f2:f4:b6:
                    a8:28:b3:ea:d8:bc:e5:a7:ef:1c:a2:54:8e:1e:b8:
                    06:53:3b:d6:31:3d:75:bd:f3:bf:92:69:cb:5c:c9:
                    3a:7b:d7:d8:08:1f:78:bd:ac:9d:44:35:2a:d1:99:
                    14:03:43:ca:2a:22:62:28:4e:fe:ff:83:be:ba:c4:
                    0c:97:36:89:63:27:04:1a:9a:7e:df:43:1d:f0:d8:
                    de:78:44:c4:90:89:08:97:e1:2b:55:7f:59:53:4f:
                    7a:43:ed:19:fd:9d:be:b8:08:ed:1a:33:53:88:55:
                    87:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:82:4D:28:20:2A:5F:4E:2A:94:CF:67:81:47:CF:37:A3:76:2A:14
            X509v3 Authority Key Identifier:
                keyid:44:81:4E:A7:E8:3B:40:19:BF:D5:79:7E:BA:98:9D:A0:6D:D9:0E:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIFOp-g7QBm_1Xl-upidoG3ZDjM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/RIFOp-g7QBm_1Xl-upidoG3ZDjM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3ac44b-565a-4286-a40c-d7e01ac02a75/1/RIFOp-g7QBm_1Xl-upidoG3ZDjM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:24:1f:b9:41:84:78:c3:dc:73:2f:95:25:28:b2:db:d6:cd:
         af:f1:82:0f:d1:a9:c2:64:13:d9:a8:92:da:b8:5f:1e:08:5e:
         e5:7f:4a:f9:e8:4a:09:be:c7:1b:21:c2:89:d9:c2:c1:05:b9:
         7e:2d:5a:7d:e4:2c:5e:fa:55:f3:73:c7:06:93:1d:e0:b1:80:
         0f:53:b5:0f:86:3d:30:3a:b6:fa:8a:17:b0:15:90:c4:2f:30:
         c9:91:60:7b:b2:c0:8e:f2:00:cd:87:b9:b4:98:a1:87:a8:02:
         0f:ed:22:5e:64:5e:36:3e:77:fb:0c:fe:60:9a:21:90:f9:45:
         49:79:00:bd:59:2c:e4:8a:a1:46:8c:78:ae:6b:e4:b6:30:cb:
         63:66:3b:30:db:3d:2c:c6:64:ed:7c:fd:32:86:2b:99:a8:40:
         69:ec:5f:3d:98:3e:8d:41:f6:44:ec:49:0f:42:d1:2c:bf:b5:
         eb:c7:20:fe:92:27:07:a6:d2:ae:74:cf:c6:44:c5:85:29:5b:
         5d:11:00:0a:ac:66:b2:a4:3a:9c:83:a0:47:9e:97:39:cd:ac:
         3d:96:28:06:4a:bd:1f:97:2e:c6:6c:e2:40:1f:ce:3f:24:b4:
         27:5d:2f:6c:b1:32:81:0c:14:b8:d6:45:c8:5f:46:8c:70:9b:
         ef:11:47:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn61/gU2+jEwVFzXT6RcNRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ODE0ZWE3ZTgzYjQwMTliZmQ1Nzk3ZWJhOTg5ZGEwNmRk
OTBlMzMwHhcNMjUxMDE5MDUwMTIxWhcNMjUxMDIwMDUwMTIxWjAzMTEwLwYDVQQD
EyhkYzgyNGQyODIwMmE1ZjRlMmE5NGNmNjc4MTQ3Y2YzN2EzNzYyYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR7nGPN78JMNBackv40I4EQgz28S
zANLYTzdrlJ8/XkOyprBLprXiDQWwUIK545VRS8aCQxwCQImhURB1WZclFLtNY8n
MG3/bRoD28vxLeHm0EAj74zhKwQ6j8Wlu/q4g17Sskv8ZqPYbuD/Krref5g/4Zdh
rU8TYqK/seGeHTO1AyucG+0hvKVcsIOcrY4cvBHy9LaoKLPq2Lzlp+8colSOHrgG
UzvWMT11vfO/kmnLXMk6e9fYCB94vaydRDUq0ZkUA0PKKiJiKE7+/4O+usQMlzaJ
YycEGpp+30Md8NjeeETEkIkIl+ErVX9ZU096Q+0Z/Z2+uAjtGjNTiFWHhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyCTSggKl9OKpTPZ4FHzzejdioUMB8GA1UdIwQY
MBaAFESBTqfoO0AZv9V5frqYnaBt2Q4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUklGT3AtZzdRQm1fMVhsLXVwaWRvRzNaRGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zYWM0NGItNTY1YS00Mjg2LWE0MGMt
ZDdlMDFhYzAyYTc1LzEvUklGT3AtZzdRQm1fMVhsLXVwaWRvRzNaRGpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zYWM0NGItNTY1YS00Mjg2LWE0MGMtZDdlMDFhYzAyYTc1
LzEvUklGT3AtZzdRQm1fMVhsLXVwaWRvRzNaRGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlyQfuUGE
eMPccy+VJSiy29bNr/GCD9GpwmQT2aiS2rhfHghe5X9K+ehKCb7HGyHCidnCwQW5
fi1afeQsXvpV83PHBpMd4LGAD1O1D4Y9MDq2+ooXsBWQxC8wyZFge7LAjvIAzYe5
tJihh6gCD+0iXmReNj53+wz+YJohkPlFSXkAvVks5IqhRox4rmvktjDLY2Y7MNs9
LMZk7Xz9MoYrmahAaexfPZg+jUH2ROxJD0LRLL+168cg/pInB6bSrnTPxkTFhSlb
XREACqxmsqQ6nIOgR56XOc2sPZYoBkq9H5cuxmziQB/OPyS0J10vbLEygQwUuNZF
yF9GjHCb7xFHfQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:11 2025 by rpki-client