Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/793805-e4e9-42e2-8386-9f303ea67e65/1/cRc4aXP7-IqGfIKohnsFD8pgsBE.mft
File:                     cRc4aXP7-IqGfIKohnsFD8pgsBE.mft (raw, json)
Hash identifier:          Vf9isDIYv4tX7Yb6bPc5pDfp7T2S7r6+lux391z/n00=
Subject key identifier:   51:7C:D9:A7:B2:94:21:E7:B2:87:DC:55:40:A3:60:E4:C3:0F:AC:AE
Authority key identifier: 71:17:38:69:73:FB:F8:8A:86:7C:82:A8:86:7B:05:0F:CA:60:B0:11
Certificate issuer:       /CN=7117386973fbf88a867c82a8867b050fca60b011
Certificate serial:       0199FBEAF94BA1849A4BD00237741C1E8B56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cRc4aXP7-IqGfIKohnsFD8pgsBE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/793805-e4e9-42e2-8386-9f303ea67e65/1/cRc4aXP7-IqGfIKohnsFD8pgsBE.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 10:01:44 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:44 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:44 +0000
Files and hashes:         1: __J8knmzK0D7LeHPBcfH9mDXmDA.roa (hash: KGCws32qTez6CiaSk45QNDqYkcqePM9SEByg+MzKHwo=)
                          2: cRc4aXP7-IqGfIKohnsFD8pgsBE.crl (hash: yzTCwwssMIGcGWwS/UVLikVeBNs40TRUhKJhuGu0TnA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/793805-e4e9-42e2-8386-9f303ea67e65/1/cRc4aXP7-IqGfIKohnsFD8pgsBE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/793805-e4e9-42e2-8386-9f303ea67e65/1/cRc4aXP7-IqGfIKohnsFD8pgsBE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cRc4aXP7-IqGfIKohnsFD8pgsBE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:f9:4b:a1:84:9a:4b:d0:02:37:74:1c:1e:8b:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7117386973fbf88a867c82a8867b050fca60b011
        Validity
            Not Before: Oct 19 10:01:44 2025 GMT
            Not After : Oct 20 10:01:44 2025 GMT
        Subject: CN=517cd9a7b29421e7b287dc5540a360e4c30facae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9c:c5:1c:19:a4:0a:41:eb:c6:93:4c:36:a6:
                    0a:41:d9:fd:47:ba:6a:11:2a:f8:40:03:e3:80:a2:
                    9f:92:63:3a:24:cf:4c:4b:99:86:82:44:7d:3e:21:
                    e4:bc:35:6a:57:b2:56:5b:1e:6c:87:d8:9d:b5:d9:
                    8a:8a:13:b2:c6:b3:b7:13:4f:ee:29:48:45:17:3f:
                    fd:f9:8d:88:2a:37:3d:9c:b4:a7:28:eb:f7:63:47:
                    41:fe:ca:21:13:8c:b2:6c:d7:53:77:d5:36:b8:f8:
                    f2:f6:ae:2c:a4:b4:9b:7f:e7:1e:24:73:65:a3:de:
                    5f:39:39:ab:5d:ba:fb:a2:37:d7:30:0e:27:77:54:
                    68:02:b4:b8:cf:8c:a5:65:e5:2a:f1:72:17:02:f1:
                    2c:4f:8d:b3:ae:1a:a3:7a:21:05:1d:1e:de:7d:6f:
                    79:d2:27:77:8f:57:4f:11:fe:87:c3:76:8e:7f:79:
                    3c:61:ad:a9:52:9e:c1:9c:3f:5f:7c:12:aa:2b:93:
                    c4:1f:c7:f1:68:fb:71:09:aa:f1:d9:6a:7a:b7:9a:
                    85:65:82:d9:ae:59:eb:b3:f0:4a:5c:00:1d:83:a9:
                    a7:0d:0d:47:9b:dd:9d:3b:8a:99:e9:58:a7:ee:7f:
                    1f:25:dd:30:0e:f4:53:35:db:59:a8:23:17:66:83:
                    07:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:7C:D9:A7:B2:94:21:E7:B2:87:DC:55:40:A3:60:E4:C3:0F:AC:AE
            X509v3 Authority Key Identifier:
                keyid:71:17:38:69:73:FB:F8:8A:86:7C:82:A8:86:7B:05:0F:CA:60:B0:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cRc4aXP7-IqGfIKohnsFD8pgsBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/793805-e4e9-42e2-8386-9f303ea67e65/1/cRc4aXP7-IqGfIKohnsFD8pgsBE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/793805-e4e9-42e2-8386-9f303ea67e65/1/cRc4aXP7-IqGfIKohnsFD8pgsBE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:b2:ac:d7:53:24:b1:f1:3d:2b:b1:2b:bb:d3:bf:d3:37:aa:
         63:f5:4e:5a:60:98:77:82:ce:23:ea:7a:51:fb:3a:05:06:ea:
         00:3c:a4:bd:4a:df:81:b5:e3:28:2b:53:cb:97:b2:43:0a:51:
         bc:b4:e9:17:3b:a6:cd:29:b0:e0:5a:84:90:4e:d7:ee:4e:da:
         cd:83:8e:80:a3:1d:e9:89:c3:db:61:d8:db:ea:12:a1:a6:38:
         a2:0f:3d:4d:60:46:51:87:6d:b5:36:da:67:df:2a:28:41:6d:
         7e:3c:1b:a2:8d:df:64:28:64:a2:ff:fe:07:c1:e6:b4:9d:9d:
         e9:e0:be:ad:5d:7d:85:b0:70:2a:86:d3:8f:fd:b7:51:4c:00:
         d8:d6:7c:9e:83:cb:73:68:48:47:d6:32:27:6a:21:98:2a:81:
         fe:ae:70:60:df:bf:5a:d1:a1:45:41:4f:e0:0e:c0:26:07:90:
         d2:27:a0:07:3b:ed:4c:84:6e:97:57:4f:37:67:0a:ee:f6:a7:
         d1:4f:81:b0:86:b7:26:7d:8a:fc:1a:d4:59:eb:96:2d:3a:60:
         07:4c:a9:f0:b3:34:4a:67:90:67:a1:2b:12:ee:f0:d9:66:a8:
         03:d0:6f:69:e0:ad:c4:a0:b1:58:7d:36:22:ae:4a:d2:08:8a:
         8b:89:fc:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76vlLoYSaS9ACN3QcHotWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMTczODY5NzNmYmY4OGE4NjdjODJhODg2N2IwNTBmY2E2
MGIwMTEwHhcNMjUxMDE5MTAwMTQ0WhcNMjUxMDIwMTAwMTQ0WjAzMTEwLwYDVQQD
Eyg1MTdjZDlhN2IyOTQyMWU3YjI4N2RjNTU0MGEzNjBlNGMzMGZhY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJzFHBmkCkHrxpNMNqYKQdn9R7pq
ESr4QAPjgKKfkmM6JM9MS5mGgkR9PiHkvDVqV7JWWx5sh9idtdmKihOyxrO3E0/u
KUhFFz/9+Y2IKjc9nLSnKOv3Y0dB/sohE4yybNdTd9U2uPjy9q4spLSbf+ceJHNl
o95fOTmrXbr7ojfXMA4nd1RoArS4z4ylZeUq8XIXAvEsT42zrhqjeiEFHR7efW95
0id3j1dPEf6Hw3aOf3k8Ya2pUp7BnD9ffBKqK5PEH8fxaPtxCarx2Wp6t5qFZYLZ
rlnrs/BKXAAdg6mnDQ1Hm92dO4qZ6Vin7n8fJd0wDvRTNdtZqCMXZoMHBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFF82aeylCHnsofcVUCjYOTDD6yuMB8GA1UdIwQY
MBaAFHEXOGlz+/iKhnyCqIZ7BQ/KYLARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1JjNGFYUDctSXFHZklLb2huc0ZEOHBnc0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi83OTM4MDUtZTRlOS00MmUyLTgzODYt
OWYzMDNlYTY3ZTY1LzEvY1JjNGFYUDctSXFHZklLb2huc0ZEOHBnc0JFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi83OTM4MDUtZTRlOS00MmUyLTgzODYtOWYzMDNlYTY3ZTY1
LzEvY1JjNGFYUDctSXFHZklLb2huc0ZEOHBnc0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7Ks11Mk
sfE9K7Eru9O/0zeqY/VOWmCYd4LOI+p6Ufs6BQbqADykvUrfgbXjKCtTy5eyQwpR
vLTpFzumzSmw4FqEkE7X7k7azYOOgKMd6YnD22HY2+oSoaY4og89TWBGUYdttTba
Z98qKEFtfjwboo3fZChkov/+B8HmtJ2d6eC+rV19hbBwKobTj/23UUwA2NZ8noPL
c2hIR9YyJ2ohmCqB/q5wYN+/WtGhRUFP4A7AJgeQ0iegBzvtTIRul1dPN2cK7van
0U+BsIa3Jn2K/BrUWeuWLTpgB0yp8LM0SmeQZ6ErEu7w2WaoA9BvaeCtxKCxWH02
Iq5K0giKi4n8Hg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:18 2025 by rpki-client