Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
File:                     PnFWq-5roji5BzFd-cVShlrc2ug.mft (raw, json)
Hash identifier:          Gf1qdSl3YyQK0RZ4vfnDb4LHTGF+AX5OYl12bhyqG1w=
Subject key identifier:   C5:CA:A3:D7:EA:45:A4:1A:21:F8:D5:72:D6:23:9D:7D:7E:22:10:1D
Authority key identifier: 3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8
Certificate issuer:       /CN=3e7156abee6ba238b907315df9c552865adcdae8
Certificate serial:       019A00A36F676817B51BEEE030FEF20F75AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
Manifest number:          0956
Signing time:             Mon 20 Oct 2025 08:01:42 +0000
Manifest this update:     Mon 20 Oct 2025 08:01:42 +0000
Manifest next update:     Tue 21 Oct 2025 08:01:42 +0000
Files and hashes:         1: DRXIRPlz989IQESya6WStEPwwfI.roa (hash: vzHP7wdlF/pn8v84Pbfgox37vxRmFYAJNGZAwD+DkvA=)
                          2: PnFWq-5roji5BzFd-cVShlrc2ug.crl (hash: 4rUFWyy+xwdrrV2kVXZt9Ud+iJVCNRdExJ9SIMxKlng=)
                          3: QWM4nrBr-pa9JzWD2Zz8wHHbmCU.roa (hash: VKweVNYicugh0mCYY3yIR2LnHnKsWIZPY+G4TQfXJ6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 08:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a3:6f:67:68:17:b5:1b:ee:e0:30:fe:f2:0f:75:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7156abee6ba238b907315df9c552865adcdae8
        Validity
            Not Before: Oct 20 08:01:42 2025 GMT
            Not After : Oct 21 08:01:42 2025 GMT
        Subject: CN=c5caa3d7ea45a41a21f8d572d6239d7d7e22101d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:96:02:62:46:45:96:73:9f:0e:0a:2f:4c:09:
                    8c:bf:b2:9a:c2:d8:1f:be:69:47:b7:2f:10:8a:01:
                    af:36:d8:72:85:fe:8b:eb:75:50:46:af:9f:49:59:
                    dc:10:36:81:93:15:0b:17:e1:13:f8:de:10:2f:6a:
                    80:9f:fa:71:92:02:9e:63:40:57:61:3b:42:ce:2a:
                    f0:6a:f8:b8:dd:ec:3c:ae:5b:7e:5f:39:88:d4:e4:
                    35:76:0a:e2:5b:98:83:3a:dd:b2:8b:86:4a:4f:65:
                    d5:5a:4f:12:07:4d:7e:b9:e5:0f:d0:05:22:c4:30:
                    d2:db:39:c8:9d:7c:3d:f4:90:b0:e3:63:f7:cb:36:
                    b1:92:00:9c:33:ca:06:73:05:f6:ff:67:07:63:49:
                    de:a5:83:c1:35:26:90:86:8e:e3:17:9a:29:7f:fe:
                    a3:26:e3:61:c4:79:77:b0:28:60:c8:01:92:4f:ad:
                    e7:cb:84:af:91:b1:04:07:b1:a8:53:fd:4a:98:51:
                    dd:76:a0:81:a6:51:a9:24:26:a7:44:ad:28:7a:dc:
                    2e:b6:1a:57:51:0b:f0:a8:e5:d9:c4:6a:77:f0:11:
                    20:dd:45:d5:75:3b:5c:f4:32:95:fc:13:ed:00:3e:
                    f1:ac:70:a9:52:88:ef:a0:c8:bf:ff:66:b0:10:5a:
                    3f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:CA:A3:D7:EA:45:A4:1A:21:F8:D5:72:D6:23:9D:7D:7E:22:10:1D
            X509v3 Authority Key Identifier:
                keyid:3E:71:56:AB:EE:6B:A2:38:B9:07:31:5D:F9:C5:52:86:5A:DC:DA:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnFWq-5roji5BzFd-cVShlrc2ug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a4a0f7-7dbd-4b03-b7f9-58f2d44ff281/1/PnFWq-5roji5BzFd-cVShlrc2ug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:50:97:a7:69:da:8b:88:23:c8:9d:52:b9:29:6f:48:08:f5:
         b7:10:6a:b1:a4:0a:db:b7:f7:a8:b5:eb:a9:3a:99:d6:1a:40:
         65:f9:77:8b:07:d8:69:ee:bd:51:f9:27:68:43:da:74:14:fb:
         c8:3d:f5:38:a2:d8:25:55:6c:e6:95:b8:2d:93:1d:2b:54:45:
         35:94:bc:e6:bc:5f:5f:c2:3a:91:d2:4e:8f:1e:0f:cb:ca:9a:
         ed:74:9a:ba:fd:3d:82:03:ce:9d:81:12:3f:c8:04:18:7a:fb:
         cd:9e:27:49:b1:09:29:a4:c5:c3:21:0c:4a:9a:bf:91:69:5a:
         31:b9:22:4b:34:19:18:5e:3d:b2:cb:e2:2a:d4:33:e4:bf:d8:
         ce:31:78:f4:be:14:94:f2:e1:60:53:fc:a8:39:71:26:8f:c3:
         1b:5a:dc:d1:9b:20:70:fa:85:19:2d:5f:a1:f5:e1:b2:e4:ca:
         15:19:44:42:9e:f3:3b:61:e1:5c:04:13:e5:d7:eb:5e:0e:a8:
         54:c2:b9:f6:b6:12:80:2d:a2:fc:c0:f6:1d:0b:ac:ef:e5:9e:
         a6:b5:ab:02:1b:51:0b:03:f0:96:e5:b5:35:44:4a:e1:7d:84:
         25:a0:4b:d0:82:fd:ba:78:c2:1c:b7:d0:90:42:a2:fe:9a:19:
         6b:29:e5:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAo29naBe1G+7gMP7yD3WqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzE1NmFiZWU2YmEyMzhiOTA3MzE1ZGY5YzU1Mjg2NWFk
Y2RhZTgwHhcNMjUxMDIwMDgwMTQyWhcNMjUxMDIxMDgwMTQyWjAzMTEwLwYDVQQD
EyhjNWNhYTNkN2VhNDVhNDFhMjFmOGQ1NzJkNjIzOWQ3ZDdlMjIxMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5YCYkZFlnOfDgovTAmMv7Kawtgf
vmlHty8QigGvNthyhf6L63VQRq+fSVncEDaBkxULF+ET+N4QL2qAn/pxkgKeY0BX
YTtCzirwavi43ew8rlt+XzmI1OQ1dgriW5iDOt2yi4ZKT2XVWk8SB01+ueUP0AUi
xDDS2znInXw99JCw42P3yzaxkgCcM8oGcwX2/2cHY0nepYPBNSaQho7jF5opf/6j
JuNhxHl3sChgyAGST63ny4SvkbEEB7GoU/1KmFHddqCBplGpJCanRK0oetwuthpX
UQvwqOXZxGp38BEg3UXVdTtc9DKV/BPtAD7xrHCpUojvoMi//2awEFo/DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMXKo9fqRaQaIfjVctYjnX1+IhAdMB8GA1UdIwQY
MBaAFD5xVqvua6I4uQcxXfnFUoZa3NroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3Zjkt
NThmMmQ0NGZmMjgxLzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hNGEwZjctN2RiZC00YjAzLWI3ZjktNThmMmQ0NGZmMjgx
LzEvUG5GV3EtNXJvamk1QnpGZC1jVlNobHJjMnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIFCXp2na
i4gjyJ1SuSlvSAj1txBqsaQK27f3qLXrqTqZ1hpAZfl3iwfYae69UfknaEPadBT7
yD31OKLYJVVs5pW4LZMdK1RFNZS85rxfX8I6kdJOjx4Py8qa7XSauv09ggPOnYES
P8gEGHr7zZ4nSbEJKaTFwyEMSpq/kWlaMbkiSzQZGF49ssviKtQz5L/YzjF49L4U
lPLhYFP8qDlxJo/DG1rc0ZsgcPqFGS1fofXhsuTKFRlEQp7zO2HhXAQT5dfrXg6o
VMK59rYSgC2i/MD2HQus7+WeprWrAhtRCwPwluW1NURK4X2EJaBL0IL9unjCHLfQ
kEKi/poZaynlXg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:00:57 2025 by rpki-client