Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File:                     CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier:          AT5SUgbdJ172+BJL60fu7QNqaEBJrdwsdcj6EFaVaA4=
Subject key identifier:   2A:06:54:60:49:2C:D3:1A:FA:4E:BA:9D:D6:2D:D6:D0:BC:29:7C:1B
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer:       /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial:       0199FB7CFE75478321F90756791E534F511B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 08:01:36 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:36 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:36 +0000
Files and hashes:         1: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: cKJ+viIoNqX6Rf9JAd4KoUZ4+xtkKNFfGfV38+ypVgk=)
                          2: _qAUmpmDNefd9UH0oGsDdu0Dm10.roa (hash: dhnP4xuQumbVUsoW5XRDL/9RukaAPXCZivf9aCXaQyU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:fe:75:47:83:21:f9:07:56:79:1e:53:4f:51:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
        Validity
            Not Before: Oct 19 08:01:36 2025 GMT
            Not After : Oct 20 08:01:36 2025 GMT
        Subject: CN=2a065460492cd31afa4eba9dd62dd6d0bc297c1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a3:a8:6c:c0:25:12:b4:da:16:a2:14:be:87:
                    d9:2e:8e:07:72:9d:7c:3b:79:19:39:71:0a:91:ae:
                    8b:fb:f4:ff:9d:f7:30:78:5b:29:d7:d2:5a:82:29:
                    9f:cc:d0:c3:48:fe:fc:82:ad:b9:8a:97:cb:83:f6:
                    0f:62:06:3d:ce:e3:8f:07:03:39:79:58:fd:4b:99:
                    31:48:b4:50:26:d1:60:0f:8d:50:3c:ce:84:61:14:
                    a6:53:85:d3:ec:16:af:de:50:ae:3e:8f:58:6f:33:
                    3f:99:03:4a:24:1e:c2:f7:a6:5a:c9:09:9c:e8:07:
                    88:24:16:5a:c5:4c:92:ba:6c:95:e4:b6:37:eb:6b:
                    cb:ec:83:18:ff:5f:df:e2:e9:e4:2e:1b:e9:61:a5:
                    e3:bf:2d:3e:31:39:92:3d:73:00:87:94:ed:4f:ad:
                    fa:3f:bb:14:01:39:ed:81:10:21:1f:de:c5:4a:96:
                    50:5d:27:a1:79:bc:a8:b8:66:fa:9c:e7:6c:68:76:
                    c7:3e:f7:82:b3:7c:ac:13:f6:e5:54:36:e1:24:ad:
                    08:cb:76:a2:6d:9e:13:fa:94:f9:d0:aa:4d:51:64:
                    ec:08:70:2d:b0:4f:07:cf:5a:0c:48:c7:e2:ef:09:
                    66:ef:29:1c:58:be:40:bd:7d:0d:ae:98:06:82:3a:
                    93:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:06:54:60:49:2C:D3:1A:FA:4E:BA:9D:D6:2D:D6:D0:BC:29:7C:1B
            X509v3 Authority Key Identifier:
                keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:f8:c4:47:4a:af:67:15:e6:67:91:d8:4b:82:3a:9f:30:cf:
         13:2a:e0:03:c3:4e:fb:4c:a7:3c:38:03:63:56:4d:1c:fd:a6:
         36:24:2c:47:0a:74:90:ec:2e:ed:20:33:16:d7:0a:e0:29:b4:
         d5:15:73:79:6d:5e:14:52:e7:74:74:36:4a:7d:30:89:fd:c5:
         27:6c:1a:d7:d8:44:43:35:cd:63:2a:94:ef:71:b6:97:9e:4a:
         19:59:39:d7:47:fc:a6:08:91:23:b9:62:e8:e0:13:ad:d7:3c:
         49:41:49:24:0a:8e:b5:b2:bf:58:78:3b:d5:e8:3f:6a:09:6b:
         b1:a1:61:9f:e8:7d:3e:e9:7f:81:f2:4f:44:9a:52:3c:cf:3e:
         ef:5d:67:3b:89:6b:59:e7:40:2a:d8:d9:e3:3d:5b:ea:61:60:
         d5:23:95:75:fd:0a:35:61:65:dd:96:0b:f1:2f:0d:c1:d8:cd:
         94:38:57:86:65:4d:d5:ac:e8:ed:05:5d:f7:1e:2f:10:1a:ce:
         0e:37:6c:a8:3d:62:c9:c9:d0:aa:de:f2:e8:7f:44:ba:a9:2a:
         eb:64:bd:9c:26:65:6f:47:cd:31:b0:e9:c7:46:92:9e:3c:f7:
         cc:af:ec:77:40:13:18:87:7d:c5:ae:96:b9:89:3c:f9:1d:00:
         42:0a:73:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fP51R4Mh+QdWeR5TT1EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjUxMDE5MDgwMTM2WhcNMjUxMDIwMDgwMTM2WjAzMTEwLwYDVQQD
EygyYTA2NTQ2MDQ5MmNkMzFhZmE0ZWJhOWRkNjJkZDZkMGJjMjk3YzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6OobMAlErTaFqIUvofZLo4Hcp18
O3kZOXEKka6L+/T/nfcweFsp19JagimfzNDDSP78gq25ipfLg/YPYgY9zuOPBwM5
eVj9S5kxSLRQJtFgD41QPM6EYRSmU4XT7Bav3lCuPo9YbzM/mQNKJB7C96ZayQmc
6AeIJBZaxUySumyV5LY362vL7IMY/1/f4unkLhvpYaXjvy0+MTmSPXMAh5TtT636
P7sUATntgRAhH97FSpZQXSehebyouGb6nOdsaHbHPveCs3ysE/blVDbhJK0Iy3ai
bZ4T+pT50KpNUWTsCHAtsE8Hz1oMSMfi7wlm7ykcWL5AvX0NrpgGgjqT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoGVGBJLNMa+k66ndYt1tC8KXwbMB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEvjER0qv
ZxXmZ5HYS4I6nzDPEyrgA8NO+0ynPDgDY1ZNHP2mNiQsRwp0kOwu7SAzFtcK4Cm0
1RVzeW1eFFLndHQ2Sn0wif3FJ2wa19hEQzXNYyqU73G2l55KGVk510f8pgiRI7li
6OATrdc8SUFJJAqOtbK/WHg71eg/aglrsaFhn+h9Pul/gfJPRJpSPM8+711nO4lr
WedAKtjZ4z1b6mFg1SOVdf0KNWFl3ZYL8S8NwdjNlDhXhmVN1azo7QVd9x4vEBrO
DjdsqD1iycnQqt7y6H9Euqkq62S9nCZlb0fNMbDpx0aSnjz3zK/sd0ATGId9xa6W
uYk8+R0AQgpzkQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:07:03 2025 by rpki-client