Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft
File:                     STKJJW4ziHd9leTVMVZ842cqFJo.mft (raw, json)
Hash identifier:          1KEGz+2a2mgs0jBGes8tYUal5CkO6UTVOgKk7i+0owc=
Subject key identifier:   5D:9B:EA:02:F5:90:70:02:50:DE:F8:69:A6:4F:73:52:DB:B3:25:EF
Authority key identifier: 49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A
Certificate issuer:       /CN=493289256e3388777d95e4d531567ce3672a149a
Certificate serial:       0199FFFE55666CEBFF7727C618893282850E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft
Manifest number:          16E4
Signing time:             Mon 20 Oct 2025 05:01:22 +0000
Manifest this update:     Mon 20 Oct 2025 05:01:22 +0000
Manifest next update:     Tue 21 Oct 2025 05:01:22 +0000
Files and hashes:         1: PDkI417cWn_abbXt0o9HD-0vD6g.roa (hash: mxVaLWpnhSe1agkXL4xYhLyldi4/weSHgH61n+a6Rqk=)
                          2: STKJJW4ziHd9leTVMVZ842cqFJo.crl (hash: t+QMu1kDC9JGoQ0BjIJzameJznEclJvhjcON0xo0/tg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:fe:55:66:6c:eb:ff:77:27:c6:18:89:32:82:85:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=493289256e3388777d95e4d531567ce3672a149a
        Validity
            Not Before: Oct 20 05:01:22 2025 GMT
            Not After : Oct 21 05:01:22 2025 GMT
        Subject: CN=5d9bea02f590700250def869a64f7352dbb325ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d2:16:ea:15:9f:7d:fc:b0:80:de:05:9a:67:
                    65:45:86:ad:4c:3d:a0:69:64:c4:b6:18:06:e7:d0:
                    4e:69:63:66:27:be:c4:0d:49:4d:62:c1:ab:cd:7e:
                    32:bc:a9:e1:2d:30:49:c5:a0:8d:d5:b9:b0:92:ca:
                    d8:e0:ed:10:a4:49:93:15:01:64:3b:3a:e8:99:0f:
                    45:00:9f:de:84:78:64:02:96:d5:c2:1c:94:11:b0:
                    22:bd:6c:b7:b9:4c:6a:11:04:b2:5e:45:b2:37:43:
                    56:f8:1e:61:9c:ab:5d:b6:2e:d3:aa:82:12:d5:a5:
                    0f:e7:15:c1:c5:74:10:81:b1:7d:99:43:24:f8:46:
                    1f:e1:a7:21:aa:53:83:58:25:2e:1a:4b:47:f8:65:
                    66:46:05:c5:30:4e:7d:48:5a:7e:0b:c6:84:36:17:
                    9c:61:94:36:46:b4:87:91:57:95:03:e6:c0:bc:41:
                    5d:68:b0:c4:71:b7:d1:6d:17:20:77:d7:1f:f6:b1:
                    c2:3c:c2:45:7f:94:46:a5:d3:48:9a:1a:c2:da:15:
                    bb:2c:91:98:54:93:49:2f:37:20:01:84:6b:2c:11:
                    ed:71:5c:ab:48:f9:2f:a8:67:5b:51:4e:bd:ea:5e:
                    04:fb:f4:e4:c8:9c:78:7b:fe:3a:de:cb:c9:8c:4f:
                    1c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:9B:EA:02:F5:90:70:02:50:DE:F8:69:A6:4F:73:52:DB:B3:25:EF
            X509v3 Authority Key Identifier:
                keyid:49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:0e:8d:ca:5e:32:11:48:db:36:b3:a3:57:55:ba:42:70:14:
         44:c6:a6:32:e2:f9:25:74:b6:95:90:09:bb:f6:02:18:46:45:
         58:ae:a5:87:ba:a2:2e:46:8b:76:cd:dd:51:a8:5b:ca:38:63:
         4f:79:1a:c3:1b:73:c8:d1:ec:e4:ea:ed:da:9e:9f:33:c8:22:
         df:59:fe:c2:2e:d6:b6:d3:bc:42:76:8a:a3:8f:93:0d:19:c4:
         85:4f:e2:a1:d7:b4:f8:d9:03:bc:92:29:6d:1d:f5:1b:73:b1:
         63:b4:77:6d:98:56:fb:d7:c4:ef:af:c3:2a:41:97:ee:d0:0f:
         1c:61:ec:06:a3:8e:04:d5:69:ef:5e:4b:4d:64:9c:37:04:c3:
         40:df:5a:aa:ca:89:fa:a3:ad:32:7b:84:19:98:5f:4a:68:f3:
         01:ae:47:b6:0e:ed:65:66:38:09:7a:54:91:09:3c:f8:d7:20:
         8e:d9:3b:79:d2:f6:91:91:e3:7c:16:5a:49:e8:ee:17:eb:20:
         80:5f:85:55:2e:26:16:b4:a5:4e:0a:e4:04:39:57:5d:f4:5c:
         59:40:17:16:c0:96:44:0f:bb:7b:de:17:c0:2b:97:83:05:df:
         cd:e2:d0:33:1f:42:21:6a:3c:dc:bf:5b:ca:fd:0b:6e:a9:25:
         a6:9c:1f:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//lVmbOv/dyfGGIkygoUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MzI4OTI1NmUzMzg4Nzc3ZDk1ZTRkNTMxNTY3Y2UzNjcy
YTE0OWEwHhcNMjUxMDIwMDUwMTIyWhcNMjUxMDIxMDUwMTIyWjAzMTEwLwYDVQQD
Eyg1ZDliZWEwMmY1OTA3MDAyNTBkZWY4NjlhNjRmNzM1MmRiYjMyNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNIW6hWfffywgN4FmmdlRYatTD2g
aWTEthgG59BOaWNmJ77EDUlNYsGrzX4yvKnhLTBJxaCN1bmwksrY4O0QpEmTFQFk
OzromQ9FAJ/ehHhkApbVwhyUEbAivWy3uUxqEQSyXkWyN0NW+B5hnKtdti7TqoIS
1aUP5xXBxXQQgbF9mUMk+EYf4achqlODWCUuGktH+GVmRgXFME59SFp+C8aENhec
YZQ2RrSHkVeVA+bAvEFdaLDEcbfRbRcgd9cf9rHCPMJFf5RGpdNImhrC2hW7LJGY
VJNJLzcgAYRrLBHtcVyrSPkvqGdbUU696l4E+/TkyJx4e/463svJjE8c3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2b6gL1kHACUN74aaZPc1LbsyXvMB8GA1UdIwQY
MBaAFEkyiSVuM4h3fZXk1TFWfONnKhSaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEt
ZDRkOWEyZTYwZTY0LzEvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEtZDRkOWEyZTYwZTY0
LzEvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEQ6Nyl4y
EUjbNrOjV1W6QnAURMamMuL5JXS2lZAJu/YCGEZFWK6lh7qiLkaLds3dUahbyjhj
T3kawxtzyNHs5Ort2p6fM8gi31n+wi7WttO8QnaKo4+TDRnEhU/iode0+NkDvJIp
bR31G3OxY7R3bZhW+9fE76/DKkGX7tAPHGHsBqOOBNVp715LTWScNwTDQN9aqsqJ
+qOtMnuEGZhfSmjzAa5Htg7tZWY4CXpUkQk8+Ncgjtk7edL2kZHjfBZaSejuF+sg
gF+FVS4mFrSlTgrkBDlXXfRcWUAXFsCWRA+7e94XwCuXgwXfzeLQMx9CIWo83L9b
yv0Lbqklppwftg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:46:40 2025 by rpki-client