Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft
File:                     8zXtZqwB15F1zk149nKh_kcgN4A.mft (raw, json)
Hash identifier:          BHBdYCL+2YLFcmYTZuzeieoBpSPEa1XH0+hq7pIrxUY=
Subject key identifier:   B8:4C:99:F7:AF:83:EF:AB:4C:72:8E:6E:1A:04:2B:03:6A:67:F4:AC
Authority key identifier: F3:35:ED:66:AC:01:D7:91:75:CE:4D:78:F6:72:A1:FE:47:20:37:80
Certificate issuer:       /CN=f335ed66ac01d79175ce4d78f672a1fe47203780
Certificate serial:       0199FE0FDC9CA3061D1DF6EF67722B450A09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft
Manifest number:          A8
Signing time:             Sun 19 Oct 2025 20:01:16 +0000
Manifest this update:     Sun 19 Oct 2025 20:01:16 +0000
Manifest next update:     Mon 20 Oct 2025 20:01:16 +0000
Files and hashes:         1: 8zXtZqwB15F1zk149nKh_kcgN4A.crl (hash: RTKMVOeCPgsTgCjcgbYDgKBsjfessFkqG3RmSauXHBQ=)
                          2: Gc7bIWg_002hRPQXdkZu34Nt1hk.roa (hash: rYe2LH24NobxlRDRXW8nW9SeQn4FShUkG8Kt27Qhtsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:0f:dc:9c:a3:06:1d:1d:f6:ef:67:72:2b:45:0a:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f335ed66ac01d79175ce4d78f672a1fe47203780
        Validity
            Not Before: Oct 19 20:01:16 2025 GMT
            Not After : Oct 20 20:01:16 2025 GMT
        Subject: CN=b84c99f7af83efab4c728e6e1a042b036a67f4ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d3:29:c0:cb:54:59:66:66:8d:58:3e:d4:34:
                    7f:35:d5:c9:57:a2:4f:73:0f:af:6a:19:71:da:e1:
                    2c:38:4a:89:c1:8c:0e:6a:bc:4f:e3:c8:6e:be:96:
                    01:ac:63:f3:88:51:f3:51:72:47:24:19:14:78:56:
                    af:39:99:d9:cf:95:c5:04:81:c2:58:d5:85:e8:5c:
                    99:2c:6d:22:4a:6a:99:2e:38:38:4b:3e:67:95:f6:
                    9f:56:8d:23:93:43:2c:34:9a:b8:00:5d:b3:17:88:
                    58:42:9c:78:02:b8:cf:a4:3e:81:c0:89:66:69:63:
                    c7:18:b0:2e:9a:d7:e9:47:7f:65:80:18:83:b9:60:
                    40:af:ea:f9:89:02:42:2a:dd:d4:51:34:67:8b:fd:
                    cb:1b:40:a1:ed:c3:36:e2:9e:ce:4e:2b:f5:58:cc:
                    e3:e8:2e:0f:d4:cc:a5:b4:36:8a:69:ba:5d:db:84:
                    45:52:02:6d:9f:7b:f0:a9:88:a2:85:47:89:cc:ca:
                    02:32:7f:5b:d3:5a:4a:8d:87:44:77:4f:b3:62:d5:
                    ec:d9:3b:e8:ad:ee:fc:34:57:c7:67:d5:e0:a6:8a:
                    25:32:e3:85:0e:c9:34:57:24:4a:cd:43:9d:62:a6:
                    5b:2b:c7:ae:6d:9f:74:e7:9f:44:0f:41:b4:5b:ea:
                    1a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:4C:99:F7:AF:83:EF:AB:4C:72:8E:6E:1A:04:2B:03:6A:67:F4:AC
            X509v3 Authority Key Identifier:
                keyid:F3:35:ED:66:AC:01:D7:91:75:CE:4D:78:F6:72:A1:FE:47:20:37:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zXtZqwB15F1zk149nKh_kcgN4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/798889-29d4-4f53-a041-50acbaeec7ca/1/8zXtZqwB15F1zk149nKh_kcgN4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:f0:78:ae:8d:b7:fb:06:0e:29:00:fd:a4:11:8f:f2:a1:53:
         12:6e:b5:a4:9e:b3:af:9a:cf:78:26:39:fd:4c:82:80:f5:f7:
         e4:0f:ca:a2:67:e9:3b:2d:fc:d3:dc:31:e0:97:75:ed:fe:71:
         04:17:6a:78:9c:3e:fb:9b:a0:e8:64:ee:f6:2d:6b:02:42:8c:
         8e:ea:a1:80:91:ac:35:df:8c:94:60:dd:7a:6d:40:7b:9c:8c:
         db:73:cc:a0:ee:9e:57:a8:f6:30:0a:b1:2e:9e:45:d7:1d:f5:
         08:b3:82:59:f2:90:11:49:f0:87:40:35:dc:40:1b:5f:cb:c3:
         90:55:d7:44:4d:52:d0:85:b3:9e:82:75:3c:a4:d4:0b:4c:37:
         ce:44:21:93:d8:fa:8f:d8:47:65:cf:36:5a:d6:7b:67:ea:ed:
         77:3c:64:7a:5d:36:c8:9f:4d:b0:35:e9:0c:c0:2e:b4:df:54:
         af:15:3f:b7:f6:ad:1c:ff:31:8b:c4:11:d4:8a:8c:d8:9b:dd:
         08:89:35:45:3e:96:94:e3:74:d3:f8:34:8d:27:0f:f7:28:24:
         e2:02:64:44:31:fa:3b:ce:77:07:a2:3e:1c:af:4f:e2:7e:e7:
         7d:82:de:d0:2d:81:d2:23:c7:d4:0d:4e:5b:60:27:2e:2a:a9:
         e6:ff:36:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+D9ycowYdHfbvZ3IrRQoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMzVlZDY2YWMwMWQ3OTE3NWNlNGQ3OGY2NzJhMWZlNDcy
MDM3ODAwHhcNMjUxMDE5MjAwMTE2WhcNMjUxMDIwMjAwMTE2WjAzMTEwLwYDVQQD
EyhiODRjOTlmN2FmODNlZmFiNGM3MjhlNmUxYTA0MmIwMzZhNjdmNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktMpwMtUWWZmjVg+1DR/NdXJV6JP
cw+vahlx2uEsOEqJwYwOarxP48huvpYBrGPziFHzUXJHJBkUeFavOZnZz5XFBIHC
WNWF6FyZLG0iSmqZLjg4Sz5nlfafVo0jk0MsNJq4AF2zF4hYQpx4ArjPpD6BwIlm
aWPHGLAumtfpR39lgBiDuWBAr+r5iQJCKt3UUTRni/3LG0Ch7cM24p7OTiv1WMzj
6C4P1MyltDaKabpd24RFUgJtn3vwqYiihUeJzMoCMn9b01pKjYdEd0+zYtXs2Tvo
re78NFfHZ9XgpoolMuOFDsk0VyRKzUOdYqZbK8eubZ90559ED0G0W+oa/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhMmfevg++rTHKObhoEKwNqZ/SsMB8GA1UdIwQY
MBaAFPM17WasAdeRdc5NePZyof5HIDeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83OTg4ODktMjlkNC00ZjUzLWEwNDEt
NTBhY2JhZWVjN2NhLzEvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83OTg4ODktMjlkNC00ZjUzLWEwNDEtNTBhY2JhZWVjN2Nh
LzEvOHpYdFpxd0IxNUYxemsxNDluS2hfa2NnTjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/B4ro23
+wYOKQD9pBGP8qFTEm61pJ6zr5rPeCY5/UyCgPX35A/KomfpOy3809wx4Jd17f5x
BBdqeJw++5ug6GTu9i1rAkKMjuqhgJGsNd+MlGDdem1Ae5yM23PMoO6eV6j2MAqx
Lp5F1x31CLOCWfKQEUnwh0A13EAbX8vDkFXXRE1S0IWznoJ1PKTUC0w3zkQhk9j6
j9hHZc82WtZ7Z+rtdzxkel02yJ9NsDXpDMAutN9UrxU/t/atHP8xi8QR1IqM2Jvd
CIk1RT6WlON00/g0jScP9ygk4gJkRDH6O853B6I+HK9P4n7nfYLe0C2B0iPH1A1O
W2AnLiqp5v82fA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:03:40 2025 by rpki-client