Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.mft
File:                     UIqaCKvvdNzFEAT0-uAmbWIDleM.mft (raw, json)
Hash identifier:          5gtP9N4Kt7NN7UNfIPzBZVyb5GD/qQzD3ivh89eUIm4=
Subject key identifier:   4B:46:B4:88:DE:B0:71:02:FC:56:98:C7:AC:E2:90:17:F4:43:6F:F7
Authority key identifier: 50:8A:9A:08:AB:EF:74:DC:C5:10:04:F4:FA:E0:26:6D:62:03:95:E3
Certificate issuer:       /CN=508a9a08abef74dcc51004f4fae0266d620395e3
Certificate serial:       0199FC5878CC9B33A30E7C0802965FD4906C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UIqaCKvvdNzFEAT0-uAmbWIDleM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.mft
Manifest number:          0ED6
Signing time:             Sun 19 Oct 2025 12:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:20 +0000
Files and hashes:         1: 8CmFhnWxaCeDeglOctNQZC1ZN84.roa (hash: mRPJMJZCvcTnlYvn8UFVdthp3gWoolEvhKxuWOWcGDk=)
                          2: UIqaCKvvdNzFEAT0-uAmbWIDleM.crl (hash: ePdBE9YtsssQfCO4LXo8Ik2HpE4oeQIX8uYL126ryTQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UIqaCKvvdNzFEAT0-uAmbWIDleM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:78:cc:9b:33:a3:0e:7c:08:02:96:5f:d4:90:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=508a9a08abef74dcc51004f4fae0266d620395e3
        Validity
            Not Before: Oct 19 12:01:20 2025 GMT
            Not After : Oct 20 12:01:20 2025 GMT
        Subject: CN=4b46b488deb07102fc5698c7ace29017f4436ff7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:28:40:1f:bb:76:fe:64:05:2f:ca:be:27:36:
                    83:f0:07:fc:df:8e:a0:fd:0e:28:e9:f4:f6:05:be:
                    e7:06:72:d2:86:ec:1d:40:f9:93:4a:cc:3a:f0:8a:
                    c1:57:e8:4d:97:02:3f:95:6c:1f:40:43:f4:20:1c:
                    b3:43:0f:81:ea:04:03:3f:4e:b5:5d:3e:97:f5:ae:
                    66:aa:9a:6d:56:ac:a1:f8:21:d6:5e:05:4c:97:c9:
                    6f:75:03:ac:fb:99:a9:18:59:16:82:ea:f1:7b:67:
                    d1:86:35:07:32:6b:5a:34:b9:e3:b8:d5:87:c5:d3:
                    27:a2:93:4f:34:09:54:f8:44:0e:1e:c9:c7:44:7f:
                    49:a9:c0:12:d9:3c:d5:25:8b:b2:bc:18:93:7d:67:
                    9c:8d:3e:62:79:e7:4c:43:0a:32:82:b6:d6:a6:c9:
                    c2:a7:1e:97:2a:38:50:ad:fe:3c:00:f9:c2:0f:f0:
                    1c:56:56:54:7f:14:2e:fd:16:09:dd:33:94:50:ff:
                    ca:66:49:cb:89:c2:53:8f:26:ca:9f:21:6d:49:e5:
                    65:54:d6:d7:19:a5:51:5e:c3:bb:b1:e6:e1:e8:59:
                    34:43:7d:91:76:39:68:07:78:6f:82:07:b7:36:7c:
                    c4:ae:f5:be:49:72:e5:c9:d0:9d:c5:45:dd:a7:f4:
                    bd:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:46:B4:88:DE:B0:71:02:FC:56:98:C7:AC:E2:90:17:F4:43:6F:F7
            X509v3 Authority Key Identifier:
                keyid:50:8A:9A:08:AB:EF:74:DC:C5:10:04:F4:FA:E0:26:6D:62:03:95:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UIqaCKvvdNzFEAT0-uAmbWIDleM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:a6:33:a1:7f:2c:30:12:4c:89:85:5e:60:da:57:47:92:f4:
         d9:b7:6f:68:68:a8:19:ed:69:ea:2a:aa:38:fc:2f:a1:06:b0:
         97:ef:c1:7f:03:26:9c:d4:20:81:df:a9:69:0d:f5:fd:df:44:
         0c:e9:5a:63:5b:8c:2c:4c:21:54:f8:b7:55:86:77:aa:e4:6c:
         aa:03:64:a1:37:b8:96:be:33:39:46:fb:58:48:96:ef:b5:95:
         66:7b:e4:60:be:00:d1:35:00:ac:f8:7d:04:0e:98:3c:cd:8a:
         de:c8:f9:28:60:87:f8:e2:ee:4e:bd:3c:73:bc:6f:f1:c6:6f:
         d5:cc:fe:5c:aa:ba:40:bc:da:af:3f:a7:6a:19:0a:e1:f6:e7:
         bd:3d:e8:1b:21:a7:dd:e9:62:28:f4:a8:db:45:4e:b9:b7:19:
         c0:89:e1:90:1d:8b:36:db:b3:58:3a:73:d6:ce:c0:0a:95:0e:
         a9:b6:a5:1b:25:a6:43:35:52:3a:42:b7:62:09:70:5c:48:ba:
         9b:28:6f:37:47:2b:0c:93:4b:eb:e0:5a:2e:d3:c7:63:2d:d5:
         c3:e7:9f:76:71:d8:a8:9e:a2:85:a3:62:d0:54:34:78:9d:4e:
         44:40:08:bf:18:1f:26:31:76:78:0a:a6:8e:84:66:32:a1:e2:
         a3:71:62:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WHjMmzOjDnwIApZf1JBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOGE5YTA4YWJlZjc0ZGNjNTEwMDRmNGZhZTAyNjZkNjIw
Mzk1ZTMwHhcNMjUxMDE5MTIwMTIwWhcNMjUxMDIwMTIwMTIwWjAzMTEwLwYDVQQD
Eyg0YjQ2YjQ4OGRlYjA3MTAyZmM1Njk4YzdhY2UyOTAxN2Y0NDM2ZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ShAH7t2/mQFL8q+JzaD8Af8346g
/Q4o6fT2Bb7nBnLShuwdQPmTSsw68IrBV+hNlwI/lWwfQEP0IByzQw+B6gQDP061
XT6X9a5mqpptVqyh+CHWXgVMl8lvdQOs+5mpGFkWgurxe2fRhjUHMmtaNLnjuNWH
xdMnopNPNAlU+EQOHsnHRH9JqcAS2TzVJYuyvBiTfWecjT5ieedMQwoygrbWpsnC
px6XKjhQrf48APnCD/AcVlZUfxQu/RYJ3TOUUP/KZknLicJTjybKnyFtSeVlVNbX
GaVRXsO7sebh6Fk0Q32RdjloB3hvgge3NnzErvW+SXLlydCdxUXdp/S9iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtGtIjesHEC/FaYx6zikBf0Q2/3MB8GA1UdIwQY
MBaAFFCKmgir73TcxRAE9PrgJm1iA5XjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUlxYUNLdnZkTnpGRUFUMC11QW1iV0lEbGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kZWNhMGUtZGQ0Yy00NGVmLWJmNzct
MDVkYmUzZGY5OGY2LzEvVUlxYUNLdnZkTnpGRUFUMC11QW1iV0lEbGVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kZWNhMGUtZGQ0Yy00NGVmLWJmNzctMDVkYmUzZGY5OGY2
LzEvVUlxYUNLdnZkTnpGRUFUMC11QW1iV0lEbGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjKYzoX8s
MBJMiYVeYNpXR5L02bdvaGioGe1p6iqqOPwvoQawl+/BfwMmnNQggd+paQ31/d9E
DOlaY1uMLEwhVPi3VYZ3quRsqgNkoTe4lr4zOUb7WEiW77WVZnvkYL4A0TUArPh9
BA6YPM2K3sj5KGCH+OLuTr08c7xv8cZv1cz+XKq6QLzarz+nahkK4fbnvT3oGyGn
3eliKPSo20VOubcZwInhkB2LNtuzWDpz1s7ACpUOqbalGyWmQzVSOkK3YglwXEi6
myhvN0crDJNL6+BaLtPHYy3Vw+efdnHYqJ6ihaNi0FQ0eJ1OREAIvxgfJjF2eAqm
joRmMqHio3FiRg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:13:18 2025 by rpki-client