Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.mft
File:                     hpwOc330guiapnJs3YqZWKp0ER4.mft (raw, json)
Hash identifier:          ziP72ET02uAAuaZNNSbubxx6Vs8IvDkZ82QBZEgH5kI=
Subject key identifier:   2B:29:64:AD:C0:1E:F0:5B:FA:1E:03:F3:1D:43:4A:99:35:78:70:E2
Authority key identifier: 86:9C:0E:73:7D:F4:82:E8:9A:A6:72:6C:DD:8A:99:58:AA:74:11:1E
Certificate issuer:       /CN=869c0e737df482e89aa6726cdd8a9958aa74111e
Certificate serial:       0199FE10051EF5987849A3830324AAD9980D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hpwOc330guiapnJs3YqZWKp0ER4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.mft
Manifest number:          0146
Signing time:             Sun 19 Oct 2025 20:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:26 +0000
Files and hashes:         1: f9MGnlddFQ2IMf-Uoo2fTYxJ_co.roa (hash: kPIpbLqEj4dHSmVPx7WOIcV4CWQtCce8UvwQXn1AUT0=)
                          2: hpwOc330guiapnJs3YqZWKp0ER4.crl (hash: cv0HZpyCD5QJgND+YNSQ3MHfF+nf40rPFoZG+VWeriM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hpwOc330guiapnJs3YqZWKp0ER4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:10:05:1e:f5:98:78:49:a3:83:03:24:aa:d9:98:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=869c0e737df482e89aa6726cdd8a9958aa74111e
        Validity
            Not Before: Oct 19 20:01:26 2025 GMT
            Not After : Oct 20 20:01:26 2025 GMT
        Subject: CN=2b2964adc01ef05bfa1e03f31d434a99357870e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:52:d7:b7:88:f4:d1:dc:a9:8e:d9:8b:f6:e0:
                    97:bd:0a:f5:dc:4d:0a:95:3c:87:f6:b6:4f:a8:18:
                    83:ba:69:36:10:58:ea:8c:2d:21:27:cb:11:d2:17:
                    8f:00:b2:94:4b:e8:9b:22:df:7c:b4:79:0b:bb:7a:
                    67:12:87:69:cf:f6:1b:cc:6d:15:30:e6:bb:11:68:
                    74:85:2c:a8:7b:bf:63:23:9c:70:75:1a:ca:81:4b:
                    84:d1:ef:93:5c:27:7d:f4:af:30:49:7f:3b:d1:42:
                    6d:4c:81:ba:54:ab:28:39:c5:b1:eb:99:f5:ac:6a:
                    03:ce:66:a9:e5:3b:16:64:80:06:b8:e7:75:3d:60:
                    af:23:e4:03:15:3d:6a:93:6e:13:49:8b:de:5d:f9:
                    1a:28:2f:f4:be:75:0f:4c:bb:b1:32:4a:6e:7e:1f:
                    45:d7:69:05:e6:07:9f:a8:56:19:ca:cf:5d:f3:e7:
                    d6:c4:d3:0f:7e:d5:57:80:67:c0:e2:60:60:52:8a:
                    e6:2e:76:8f:e6:07:e0:b4:c6:0e:57:5f:42:0d:93:
                    ba:e4:13:53:49:91:e2:01:b3:db:f6:9b:9b:19:55:
                    91:c1:ec:c9:54:0e:b8:c9:2d:2a:e8:da:89:56:89:
                    3b:71:e8:0a:e6:fe:bd:ff:3b:2a:66:ac:18:ba:d7:
                    50:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:29:64:AD:C0:1E:F0:5B:FA:1E:03:F3:1D:43:4A:99:35:78:70:E2
            X509v3 Authority Key Identifier:
                keyid:86:9C:0E:73:7D:F4:82:E8:9A:A6:72:6C:DD:8A:99:58:AA:74:11:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpwOc330guiapnJs3YqZWKp0ER4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a7980b-cef8-4b53-a031-c5e0faca4a5e/1/hpwOc330guiapnJs3YqZWKp0ER4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:6f:de:bb:95:74:00:76:24:b9:4d:76:8c:1c:04:d1:e1:92:
         54:44:d6:46:25:a2:55:b2:f5:f3:f5:72:f5:54:6c:3a:80:0f:
         52:35:18:49:6e:4d:2f:69:cc:34:2b:9f:76:1d:b8:80:cc:6e:
         d6:49:c0:81:f8:22:30:00:15:54:a1:6d:51:c8:7b:c8:28:ec:
         e2:68:f7:ff:d9:1d:3e:97:80:35:d1:fe:36:ab:b3:5d:69:b5:
         5b:3d:28:45:30:f4:d9:e5:9b:5c:c8:8d:bf:88:42:99:b0:40:
         a8:93:86:8d:5b:98:b2:a1:60:16:87:b9:57:01:04:ac:84:57:
         48:d1:d4:4f:d4:de:16:54:52:eb:b4:53:9f:bc:ee:c6:60:c0:
         8f:08:6c:87:20:9c:c9:75:c7:a2:fb:d6:40:a4:75:b5:9f:53:
         15:86:24:a0:80:44:80:d4:05:bc:dd:22:23:f6:96:f7:11:d2:
         cb:a5:df:1c:12:29:0e:7d:77:6b:68:b4:ac:70:91:bf:b3:2e:
         f8:a6:c2:2a:09:8a:57:13:f9:09:6f:e0:c2:2f:a6:83:22:70:
         66:a0:d3:f8:1a:0d:af:e0:10:c9:ba:59:b6:e4:a0:0f:0f:f7:
         b0:42:28:9d:2a:0d:6e:6b:1d:54:cb:1f:89:f8:bf:ed:b6:a5:
         22:25:72:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+EAUe9Zh4SaODAySq2ZgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWMwZTczN2RmNDgyZTg5YWE2NzI2Y2RkOGE5OTU4YWE3
NDExMWUwHhcNMjUxMDE5MjAwMTI2WhcNMjUxMDIwMjAwMTI2WjAzMTEwLwYDVQQD
EygyYjI5NjRhZGMwMWVmMDViZmExZTAzZjMxZDQzNGE5OTM1Nzg3MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFLXt4j00dypjtmL9uCXvQr13E0K
lTyH9rZPqBiDumk2EFjqjC0hJ8sR0hePALKUS+ibIt98tHkLu3pnEodpz/YbzG0V
MOa7EWh0hSyoe79jI5xwdRrKgUuE0e+TXCd99K8wSX870UJtTIG6VKsoOcWx65n1
rGoDzmap5TsWZIAGuOd1PWCvI+QDFT1qk24TSYveXfkaKC/0vnUPTLuxMkpufh9F
12kF5gefqFYZys9d8+fWxNMPftVXgGfA4mBgUormLnaP5gfgtMYOV19CDZO65BNT
SZHiAbPb9pubGVWRwezJVA64yS0q6NqJVok7cegK5v69/zsqZqwYutdQbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCspZK3AHvBb+h4D8x1DSpk1eHDiMB8GA1UdIwQY
MBaAFIacDnN99ILomqZybN2KmViqdBEeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHB3T2MzMzBndWlhcG5KczNZcVpXS3AwRVI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNzk4MGItY2VmOC00YjUzLWEwMzEt
YzVlMGZhY2E0YTVlLzEvaHB3T2MzMzBndWlhcG5KczNZcVpXS3AwRVI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNzk4MGItY2VmOC00YjUzLWEwMzEtYzVlMGZhY2E0YTVl
LzEvaHB3T2MzMzBndWlhcG5KczNZcVpXS3AwRVI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJG/eu5V0
AHYkuU12jBwE0eGSVETWRiWiVbL18/Vy9VRsOoAPUjUYSW5NL2nMNCufdh24gMxu
1knAgfgiMAAVVKFtUch7yCjs4mj3/9kdPpeANdH+NquzXWm1Wz0oRTD02eWbXMiN
v4hCmbBAqJOGjVuYsqFgFoe5VwEErIRXSNHUT9TeFlRS67RTn7zuxmDAjwhshyCc
yXXHovvWQKR1tZ9TFYYkoIBEgNQFvN0iI/aW9xHSy6XfHBIpDn13a2i0rHCRv7Mu
+KbCKgmKVxP5CW/gwi+mgyJwZqDT+BoNr+AQybpZtuSgDw/3sEIonSoNbmsdVMsf
ifi/7balIiVyUg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:24:10 2025 by rpki-client