Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft
File:                     ybHXw7TuhyMzamWFOapzRvI9Z3I.mft (raw, json)
Hash identifier:          UeRgEE9Jlfsuj9VWVnW2tPmDk8cKoXSieJB43vBc+mY=
Subject key identifier:   F3:4B:A8:F8:3F:D3:08:00:80:B9:13:08:C2:05:91:F2:25:5F:F7:E9
Authority key identifier: C9:B1:D7:C3:B4:EE:87:23:33:6A:65:85:39:AA:73:46:F2:3D:67:72
Certificate issuer:       /CN=c9b1d7c3b4ee8723336a658539aa7346f23d6772
Certificate serial:       0199FB463280DAE4A8E887B038BD7C65BE56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ybHXw7TuhyMzamWFOapzRvI9Z3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft
Manifest number:          1684
Signing time:             Sun 19 Oct 2025 07:01:45 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:45 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:45 +0000
Files and hashes:         1: kqgcpXCz5MkJzwLeAFTCTl_VsMQ.roa (hash: 4evrbQoOmcedQaEfByeB9rC2XxdVu3dPWDCJqrfbW4c=)
                          2: ybHXw7TuhyMzamWFOapzRvI9Z3I.crl (hash: qnwNlJZVWYIFJyT29ZGGz2vaQGQYzkM+tKm+/BGpm7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ybHXw7TuhyMzamWFOapzRvI9Z3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:46:32:80:da:e4:a8:e8:87:b0:38:bd:7c:65:be:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9b1d7c3b4ee8723336a658539aa7346f23d6772
        Validity
            Not Before: Oct 19 07:01:45 2025 GMT
            Not After : Oct 20 07:01:45 2025 GMT
        Subject: CN=f34ba8f83fd3080080b91308c20591f2255ff7e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c3:95:df:ca:a0:be:04:17:38:06:b7:e1:4d:
                    32:8c:24:fe:ee:cb:bd:4b:94:ef:69:63:d6:5d:31:
                    bb:b4:ed:47:70:4c:ec:0e:2c:71:48:85:54:59:cc:
                    97:da:94:e5:97:4c:df:ef:02:d8:c6:a6:ae:81:23:
                    0b:df:0c:67:89:15:f2:1a:61:96:2b:e9:83:b8:8d:
                    28:cf:05:85:1f:45:68:d2:0b:44:eb:3d:4a:ff:d6:
                    16:07:30:ad:ea:c0:03:8b:4b:d0:13:19:fd:b9:12:
                    a9:eb:6e:76:4c:e7:d0:d0:f0:18:57:a2:55:f5:42:
                    6f:2a:d1:47:62:27:d8:17:4a:ed:ff:a6:7e:14:a1:
                    12:a0:6c:bf:2d:49:5a:ef:a9:e2:c3:40:bc:27:7b:
                    d1:d5:85:fb:8d:ea:38:30:79:cb:3e:2c:22:fc:35:
                    18:6f:c2:92:3d:8c:e0:a7:92:75:55:8a:c5:e5:15:
                    4a:d2:7c:8b:0a:95:a5:45:0f:bc:73:08:84:3d:c1:
                    ec:55:7b:8c:09:d5:34:da:53:f4:f7:f0:73:59:96:
                    a8:35:67:31:ea:d7:aa:3d:de:29:e6:97:0e:95:a6:
                    3f:f6:f1:3a:cf:01:25:cc:95:ea:2f:f8:c7:03:56:
                    20:39:a3:2b:d0:69:3c:5c:d8:85:bc:a4:3b:5e:ac:
                    50:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:4B:A8:F8:3F:D3:08:00:80:B9:13:08:C2:05:91:F2:25:5F:F7:E9
            X509v3 Authority Key Identifier:
                keyid:C9:B1:D7:C3:B4:EE:87:23:33:6A:65:85:39:AA:73:46:F2:3D:67:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybHXw7TuhyMzamWFOapzRvI9Z3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e094bd-091c-433b-bf58-164cc6a4ed1e/1/ybHXw7TuhyMzamWFOapzRvI9Z3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:b5:32:29:69:d6:65:0d:78:6a:76:e2:d7:2f:80:90:02:9c:
         bc:0f:14:f4:cf:78:02:a0:07:a5:ca:af:b1:40:ce:d3:58:01:
         cf:f0:60:96:b4:89:fb:4a:41:7a:8e:5c:5c:99:f5:50:19:7c:
         e7:7c:ca:72:52:89:b9:6b:b4:94:3f:cf:5b:80:03:02:73:fc:
         31:9f:58:c4:5b:64:ed:8f:1a:61:fb:2d:7f:50:ff:b2:05:f8:
         8e:08:0a:67:1e:31:f8:50:2f:be:9b:de:de:fd:94:c2:aa:20:
         52:71:e5:70:5c:c5:ce:56:4a:ce:a7:34:81:84:ce:cc:65:ca:
         fb:a7:23:62:8f:c9:31:1a:50:73:f4:06:f1:5e:a5:fa:b8:54:
         a6:6b:f4:9f:89:77:73:3f:20:20:98:a3:d6:12:c2:e0:1f:63:
         d9:d1:57:4c:59:e2:1d:43:92:96:39:e0:24:1d:39:29:ad:e2:
         a7:67:1f:16:08:78:d6:7e:2e:fe:00:28:1e:7a:6c:5b:be:da:
         cb:59:b6:24:c0:c0:23:36:55:cf:f1:45:1c:11:11:35:a9:91:
         7f:d3:3a:07:8d:b8:8a:f7:07:3c:93:34:55:43:e2:d5:2c:95:
         a6:39:4b:16:23:83:ae:8e:42:4a:94:0c:97:39:be:38:fa:71:
         fb:b0:19:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RjKA2uSo6IewOL18Zb5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjFkN2MzYjRlZTg3MjMzMzZhNjU4NTM5YWE3MzQ2ZjIz
ZDY3NzIwHhcNMjUxMDE5MDcwMTQ1WhcNMjUxMDIwMDcwMTQ1WjAzMTEwLwYDVQQD
EyhmMzRiYThmODNmZDMwODAwODBiOTEzMDhjMjA1OTFmMjI1NWZmN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcOV38qgvgQXOAa34U0yjCT+7su9
S5TvaWPWXTG7tO1HcEzsDixxSIVUWcyX2pTll0zf7wLYxqaugSML3wxniRXyGmGW
K+mDuI0ozwWFH0Vo0gtE6z1K/9YWBzCt6sADi0vQExn9uRKp6252TOfQ0PAYV6JV
9UJvKtFHYifYF0rt/6Z+FKESoGy/LUla76niw0C8J3vR1YX7jeo4MHnLPiwi/DUY
b8KSPYzgp5J1VYrF5RVK0nyLCpWlRQ+8cwiEPcHsVXuMCdU02lP09/BzWZaoNWcx
6teqPd4p5pcOlaY/9vE6zwElzJXqL/jHA1YgOaMr0Gk8XNiFvKQ7XqxQJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNLqPg/0wgAgLkTCMIFkfIlX/fpMB8GA1UdIwQY
MBaAFMmx18O07ocjM2plhTmqc0byPWdyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJIWHc3VHVoeU16YW1XRk9hcHpSdkk5WjNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lMDk0YmQtMDkxYy00MzNiLWJmNTgt
MTY0Y2M2YTRlZDFlLzEveWJIWHc3VHVoeU16YW1XRk9hcHpSdkk5WjNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lMDk0YmQtMDkxYy00MzNiLWJmNTgtMTY0Y2M2YTRlZDFl
LzEveWJIWHc3VHVoeU16YW1XRk9hcHpSdkk5WjNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAELUyKWnW
ZQ14anbi1y+AkAKcvA8U9M94AqAHpcqvsUDO01gBz/BglrSJ+0pBeo5cXJn1UBl8
53zKclKJuWu0lD/PW4ADAnP8MZ9YxFtk7Y8aYfstf1D/sgX4jggKZx4x+FAvvpve
3v2UwqogUnHlcFzFzlZKzqc0gYTOzGXK+6cjYo/JMRpQc/QG8V6l+rhUpmv0n4l3
cz8gIJij1hLC4B9j2dFXTFniHUOSljngJB05Ka3ip2cfFgh41n4u/gAoHnpsW77a
y1m2JMDAIzZVz/FFHBERNamRf9M6B424ivcHPJM0VUPi1SyVpjlLFiODro5CSpQM
lzm+OPpx+7AZCA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:12 2025 by rpki-client