Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft
File:                     z2hDzhUimoAj2X-iejflkniyv9c.mft (raw, json)
Hash identifier:          mhipYYG0F2o9Xqmep0d7bIT6QMMwnyzEmQEYZF8OT1Y=
Subject key identifier:   10:8C:9C:B5:26:90:FF:78:9C:78:A6:55:5F:A9:60:04:0E:DF:03:B6
Authority key identifier: CF:68:43:CE:15:22:9A:80:23:D9:7F:A2:7A:37:E5:92:78:B2:BF:D7
Certificate issuer:       /CN=cf6843ce15229a8023d97fa27a37e59278b2bfd7
Certificate serial:       0199FB7C98E004A5880B1D2B1634062FF761
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft
Manifest number:          0CCF
Signing time:             Sun 19 Oct 2025 08:01:10 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:10 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:10 +0000
Files and hashes:         1: pZ2-rl1wvNOlZXWq6r9tiMcpCLE.roa (hash: UTgRZg+3/3Y1WSaSgU/Ax1MIkqu5a18zaZd2IsaahgY=)
                          2: z2hDzhUimoAj2X-iejflkniyv9c.crl (hash: ZhaChdXGouFGADIeYSffJHAxBDSGphDyxhO19vlxHW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:98:e0:04:a5:88:0b:1d:2b:16:34:06:2f:f7:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf6843ce15229a8023d97fa27a37e59278b2bfd7
        Validity
            Not Before: Oct 19 08:01:10 2025 GMT
            Not After : Oct 20 08:01:10 2025 GMT
        Subject: CN=108c9cb52690ff789c78a6555fa960040edf03b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:21:88:a9:34:e5:9b:d0:fe:e7:1c:4c:65:b9:
                    8e:e8:35:69:38:6f:5d:54:09:95:7c:3d:72:1a:1a:
                    78:9f:11:95:5c:69:a3:bc:36:81:1f:8c:f3:93:86:
                    2a:d3:33:37:93:f0:05:b5:c1:86:d9:89:95:41:67:
                    ef:a8:a0:72:c0:2c:ac:ed:be:2f:2e:c7:87:10:92:
                    08:8b:8b:8a:ad:a0:85:3a:85:8d:bf:9a:c7:fe:aa:
                    08:96:f2:74:83:72:02:74:ee:ba:ea:2f:44:72:4e:
                    05:b5:3c:cb:fa:7f:c6:8a:89:db:98:28:9f:3f:cc:
                    ff:fd:5c:b9:1b:55:73:e1:98:b0:d3:c8:5a:95:1f:
                    0e:53:73:11:c6:ab:70:bd:35:58:27:9d:ae:49:cf:
                    b3:fb:fe:37:8c:3f:9f:d3:4a:70:cf:4a:05:e7:dc:
                    b7:7f:02:f5:ca:03:c2:7b:e0:1d:71:f4:4b:55:c0:
                    24:11:f7:e2:0d:52:24:bf:95:c3:3b:58:a8:10:5b:
                    68:81:58:0e:77:5e:4a:8c:ec:7d:44:cb:1e:08:6c:
                    89:44:f9:2e:35:ff:cf:9e:68:03:ef:9c:1d:25:b9:
                    09:ea:11:06:5a:f4:97:aa:b0:c4:e7:dc:a7:6d:e6:
                    cf:a4:86:ce:6a:cb:5a:bd:37:52:d4:cc:21:e3:78:
                    76:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:8C:9C:B5:26:90:FF:78:9C:78:A6:55:5F:A9:60:04:0E:DF:03:B6
            X509v3 Authority Key Identifier:
                keyid:CF:68:43:CE:15:22:9A:80:23:D9:7F:A2:7A:37:E5:92:78:B2:BF:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:f3:2e:2e:7f:33:d1:a4:3c:e4:df:fb:3f:6f:8b:7b:ce:39:
         c4:1b:47:58:b0:33:de:20:05:e8:6d:4f:79:4f:af:e3:81:85:
         fa:78:ea:bb:3a:83:18:bc:c0:86:33:83:e8:ed:8e:6a:cc:ec:
         ad:7c:c7:a8:91:07:97:d2:fe:49:af:96:79:7e:78:8a:57:17:
         22:fb:2b:69:bc:b7:13:e2:ae:1b:c3:27:23:ec:e0:46:45:25:
         bc:18:48:91:1e:3c:ee:b0:50:03:e3:4a:e0:c9:63:b7:74:52:
         ba:75:95:04:f4:e0:62:33:3a:3e:bd:6c:83:98:8d:eb:87:16:
         8d:5b:fb:a7:aa:e0:b7:b4:78:3c:0c:53:57:bd:bc:59:17:95:
         33:f5:34:7c:56:08:40:c2:ed:d9:b6:68:7d:c7:37:dc:f0:c8:
         0b:86:e1:c2:3a:ec:3f:66:99:92:5d:6d:fb:08:df:c0:53:aa:
         5b:33:5c:6f:56:9d:52:0d:7b:ed:94:a3:ca:96:e5:56:39:83:
         44:e1:a8:0a:13:d3:a8:85:ec:7b:34:f8:a9:00:35:46:38:e5:
         2d:a7:11:5e:5b:b0:4d:d7:48:34:59:8a:a4:2a:14:85:a0:1d:
         11:af:7b:7f:5b:52:e8:e8:8e:7f:aa:37:a7:0e:3c:f7:5e:ca:
         ee:0f:3e:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fJjgBKWICx0rFjQGL/dhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjg0M2NlMTUyMjlhODAyM2Q5N2ZhMjdhMzdlNTkyNzhi
MmJmZDcwHhcNMjUxMDE5MDgwMTEwWhcNMjUxMDIwMDgwMTEwWjAzMTEwLwYDVQQD
EygxMDhjOWNiNTI2OTBmZjc4OWM3OGE2NTU1ZmE5NjAwNDBlZGYwM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiGIqTTlm9D+5xxMZbmO6DVpOG9d
VAmVfD1yGhp4nxGVXGmjvDaBH4zzk4Yq0zM3k/AFtcGG2YmVQWfvqKBywCys7b4v
LseHEJIIi4uKraCFOoWNv5rH/qoIlvJ0g3ICdO666i9Eck4FtTzL+n/GionbmCif
P8z//Vy5G1Vz4Ziw08halR8OU3MRxqtwvTVYJ52uSc+z+/43jD+f00pwz0oF59y3
fwL1ygPCe+AdcfRLVcAkEffiDVIkv5XDO1ioEFtogVgOd15KjOx9RMseCGyJRPku
Nf/PnmgD75wdJbkJ6hEGWvSXqrDE59ynbebPpIbOastavTdS1Mwh43h2UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBCMnLUmkP94nHimVV+pYAQO3wO2MB8GA1UdIwQY
MBaAFM9oQ84VIpqAI9l/ono35ZJ4sr/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy83NjFiNDgtNjllYS00MGU0LThkN2Mt
NjRjZDE5NGY3ZjRmLzEvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy83NjFiNDgtNjllYS00MGU0LThkN2MtNjRjZDE5NGY3ZjRm
LzEvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoPMuLn8z
0aQ85N/7P2+Le845xBtHWLAz3iAF6G1PeU+v44GF+njquzqDGLzAhjOD6O2Oaszs
rXzHqJEHl9L+Sa+WeX54ilcXIvsraby3E+KuG8MnI+zgRkUlvBhIkR487rBQA+NK
4Mljt3RSunWVBPTgYjM6Pr1sg5iN64cWjVv7p6rgt7R4PAxTV728WReVM/U0fFYI
QMLt2bZofcc33PDIC4bhwjrsP2aZkl1t+wjfwFOqWzNcb1adUg177ZSjypblVjmD
ROGoChPTqIXsezT4qQA1RjjlLacRXluwTddINFmKpCoUhaAdEa97f1tS6OiOf6o3
pw48917K7g8+tw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:54 2025 by rpki-client