Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
File:                     zdpbTOlfoL32BUFp53rvyCZd28Q.mft (raw, json)
Hash identifier:          HLISkh1r/bUGNQC+9m40flXKCHgxX3uU/dvztuMYsM4=
Subject key identifier:   DD:7E:23:37:81:E2:B7:9D:70:6F:99:43:60:D1:86:A6:7A:44:BB:48
Authority key identifier: CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
Certificate issuer:       /CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Certificate serial:       0199FB0EE04D27EA39BD71555C2D773C89C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
Manifest number:          1674
Signing time:             Sun 19 Oct 2025 06:01:20 +0000
Manifest this update:     Sun 19 Oct 2025 06:01:20 +0000
Manifest next update:     Mon 20 Oct 2025 06:01:20 +0000
Files and hashes:         1: 40_j8EnMOslOGeaUGeLQNCGHg64.roa (hash: BOU6u1kQjKsVBkJf+h9lI/7YbpbYLn1ZXJQhHit/Gyg=)
                          2: zdpbTOlfoL32BUFp53rvyCZd28Q.crl (hash: U8vtccqd5dbnYL9Len3oeFMhbDoyx7Pf/HLYANq+Vps=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:0e:e0:4d:27:ea:39:bd:71:55:5c:2d:77:3c:89:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
        Validity
            Not Before: Oct 19 06:01:20 2025 GMT
            Not After : Oct 20 06:01:20 2025 GMT
        Subject: CN=dd7e233781e2b79d706f994360d186a67a44bb48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:32:9d:5e:21:29:40:df:33:66:c6:ca:67:5d:
                    1f:73:01:22:b1:eb:76:dc:b3:b2:df:02:f0:e5:23:
                    cd:40:ca:8f:69:d5:fc:d7:f2:ab:a4:17:4e:68:89:
                    38:65:6d:80:21:30:95:dd:e0:49:9a:17:26:bf:ff:
                    3d:a9:1a:db:4e:c8:47:07:0d:3f:77:ff:b9:65:1d:
                    86:07:44:fd:e3:3b:63:ac:f2:4c:2a:62:5f:71:dc:
                    5f:0d:32:f5:15:8c:86:4b:9f:66:d0:76:c4:21:d6:
                    be:a6:42:dc:22:56:f7:b8:11:34:6f:35:0d:c7:cd:
                    20:bc:0c:04:31:fa:fd:1b:dd:0c:fc:2b:f3:e6:59:
                    7f:34:59:88:a2:ba:8b:9b:9a:da:09:41:d0:b3:9b:
                    c9:d4:7d:7b:48:b3:90:d5:e3:91:88:8f:7d:84:92:
                    17:7b:da:48:cf:a2:7c:8b:20:0b:48:3b:fe:a9:4b:
                    f7:0d:cf:b3:3a:bc:0c:e5:c2:07:22:ba:9d:91:4b:
                    39:f0:c9:f9:69:ce:ad:07:6a:cd:b0:b2:59:eb:bf:
                    fb:3e:88:20:ba:fa:67:ab:1a:4b:85:12:fb:56:99:
                    81:3b:05:59:cc:2a:57:f4:b9:91:a7:64:4c:4e:8b:
                    a2:1e:bc:e7:94:4e:1f:38:04:dc:e6:95:d0:56:4a:
                    7a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:7E:23:37:81:E2:B7:9D:70:6F:99:43:60:D1:86:A6:7A:44:BB:48
            X509v3 Authority Key Identifier:
                keyid:CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:59:8e:db:d1:b3:85:3e:4a:4b:17:aa:04:3d:5e:dd:6d:56:
         49:e9:9a:cf:2f:ad:8f:38:26:70:8c:18:22:95:5b:c4:6b:00:
         43:1d:ec:e0:2f:5e:9e:9c:b7:cc:66:b3:ee:da:92:ae:bc:70:
         e4:ec:57:e1:45:9d:73:db:2b:63:26:dc:09:c4:e9:1a:9a:7a:
         41:d6:5d:3e:40:9b:ef:1c:3e:d2:a2:d4:3d:78:79:8a:d8:a8:
         86:11:9d:48:63:9a:c9:e1:49:b1:d8:43:5d:e5:e0:6f:f9:58:
         e0:d2:7b:fb:e2:59:52:72:b1:ad:e7:8a:f7:22:9e:ef:89:35:
         8b:d1:f4:77:be:d8:05:cf:8a:f3:94:4a:70:9c:15:93:41:3f:
         d3:8d:e8:bb:22:79:a1:8c:1e:94:11:7e:17:06:6a:79:a0:34:
         07:e0:d0:71:84:28:3d:1c:b9:62:00:80:ac:54:ce:38:84:b0:
         ad:8b:fb:4e:a4:da:2f:ec:fb:59:51:e1:58:9d:2f:12:14:b5:
         83:e9:17:86:ea:e3:38:81:b9:29:40:df:ac:30:16:b2:9e:92:
         b8:95:c3:f9:7f:ec:de:bf:92:bc:ce:85:89:2c:cd:4b:6b:5f:
         c8:5d:cc:f9:1c:4b:a8:10:bc:59:de:6d:47:5e:3d:25:a3:4a:
         b2:5f:84:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7DuBNJ+o5vXFVXC13PInJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGE1YjRjZTk1ZmEwYmRmNjA1NDE2OWU3N2FlZmM4MjY1
ZGRiYzQwHhcNMjUxMDE5MDYwMTIwWhcNMjUxMDIwMDYwMTIwWjAzMTEwLwYDVQQD
EyhkZDdlMjMzNzgxZTJiNzlkNzA2Zjk5NDM2MGQxODZhNjdhNDRiYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjKdXiEpQN8zZsbKZ10fcwEiset2
3LOy3wLw5SPNQMqPadX81/KrpBdOaIk4ZW2AITCV3eBJmhcmv/89qRrbTshHBw0/
d/+5ZR2GB0T94ztjrPJMKmJfcdxfDTL1FYyGS59m0HbEIda+pkLcIlb3uBE0bzUN
x80gvAwEMfr9G90M/Cvz5ll/NFmIorqLm5raCUHQs5vJ1H17SLOQ1eORiI99hJIX
e9pIz6J8iyALSDv+qUv3Dc+zOrwM5cIHIrqdkUs58Mn5ac6tB2rNsLJZ67/7Pogg
uvpnqxpLhRL7VpmBOwVZzCpX9LmRp2RMTouiHrznlE4fOATc5pXQVkp6mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1+IzeB4redcG+ZQ2DRhqZ6RLtIMB8GA1UdIwQY
MBaAFM3aW0zpX6C99gVBaed678gmXdvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2Yt
MmFkZDVlNzk3Yzc1LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2YtMmFkZDVlNzk3Yzc1
LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATFmO29Gz
hT5KSxeqBD1e3W1WSemazy+tjzgmcIwYIpVbxGsAQx3s4C9enpy3zGaz7tqSrrxw
5OxX4UWdc9srYybcCcTpGpp6QdZdPkCb7xw+0qLUPXh5itiohhGdSGOayeFJsdhD
XeXgb/lY4NJ7++JZUnKxreeK9yKe74k1i9H0d77YBc+K85RKcJwVk0E/043ouyJ5
oYwelBF+FwZqeaA0B+DQcYQoPRy5YgCArFTOOISwrYv7TqTaL+z7WVHhWJ0vEhS1
g+kXhurjOIG5KUDfrDAWsp6SuJXD+X/s3r+SvM6FiSzNS2tfyF3M+RxLqBC8Wd5t
R149JaNKsl+Ecg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:26 2025 by rpki-client