Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft
File:                     umCk2HTZYByBQsNS-AxWpDJ2zUc.mft (raw, json)
Hash identifier:          bdGFJjcqj92vS4+0SYVlAFfqa4xQCJXPZc4ZG1dzDCk=
Subject key identifier:   03:08:4C:B3:67:FE:E1:CD:C6:88:90:C9:3D:BB:87:3A:37:CA:1A:74
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Certificate issuer:       /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial:       0199FAA1317C73E3284828C95AED69E06A8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft
Manifest number:          16F1
Signing time:             Sun 19 Oct 2025 04:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:31 +0000
Files and hashes:         1: 5U4MEYVwKErq9FhOsJB89ZvBBuA.roa (hash: NDCcRzRMP/wHXoUUOEq/IXJG3IgwKCj1GS7rUpsjlXY=)
                          2: 60lbisj9EBvEk8CkvIEbp4prM3I.roa (hash: cqYnW2I6KAO2XW2NYFnEXuAIZkVjJlu5WB2aqpTSh88=)
                          3: bHZh-gl2BV9HaE6gMvNJJyeNKUs.roa (hash: sDUjjxYqPfgF3z6qcjo8Ch8x8GHsvhm9yqvWs72G0WI=)
                          4: koXm2_p4F4KWKYlIu0UQERaNMQ8.roa (hash: zXAmEZonvu8xaYLE77bD6JgXELMdseALDrYiTNuQR1E=)
                          5: qerWJ9N0klhuhzcIgvZSrAumV_Y.roa (hash: /vwvzpt6A9BdPc1JxUloTrK4LVtePi7FvbqVFdA3VF8=)
                          6: umCk2HTZYByBQsNS-AxWpDJ2zUc.crl (hash: IPdTYzynTrqJTyK7VBVv15sOTXsV+v4kM+o3ceCVbhY=)
                          7: zMnP4SbXXtzO5Qz_HmHXST-lJbc.roa (hash: x/mXpix8fyVF7pfT27hYA7xsa5opQzKkRx7F0dXWqMU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a1:31:7c:73:e3:28:48:28:c9:5a:ed:69:e0:6a:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
        Validity
            Not Before: Oct 19 04:01:31 2025 GMT
            Not After : Oct 20 04:01:31 2025 GMT
        Subject: CN=03084cb367fee1cdc68890c93dbb873a37ca1a74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:21:db:e4:1e:4d:10:3c:6c:2a:7c:d5:07:14:
                    9e:59:7e:27:c0:77:03:01:68:54:e2:9d:8d:51:4f:
                    96:36:78:68:96:fc:86:50:01:4e:e8:73:cb:f6:fc:
                    ae:12:11:86:13:84:29:fc:32:fe:29:3d:ce:84:fe:
                    68:14:43:0c:3c:02:b8:64:57:91:0e:ab:3d:a5:dd:
                    00:34:e0:20:c8:38:3a:fc:88:35:15:67:4a:f5:ee:
                    38:ba:0e:78:15:c7:e3:1d:ff:fb:25:f6:a2:b2:05:
                    ef:03:6a:28:ab:87:b1:c1:e0:85:0b:64:d1:95:a6:
                    f6:13:17:84:9f:3b:68:29:3e:68:c7:24:4f:33:3d:
                    91:bf:66:ce:e8:2d:d1:28:1c:a9:8c:7c:ee:43:40:
                    56:36:11:ad:4d:6e:7f:14:94:95:f0:33:2c:40:5f:
                    82:15:32:2d:9f:88:1f:5b:bf:4b:cb:e5:19:37:13:
                    fe:70:f1:0d:1e:0b:ff:d5:ef:9e:ab:00:78:5d:06:
                    2c:bc:11:de:20:35:b3:2e:1c:82:b3:61:ba:16:fe:
                    41:31:ae:87:eb:b5:8a:09:2c:20:22:72:06:e2:3d:
                    bf:df:6c:73:cd:49:d8:5b:35:2a:11:7a:3b:83:a8:
                    e0:9d:5e:b1:23:f6:66:d3:eb:86:cf:76:8c:33:1c:
                    96:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:08:4C:B3:67:FE:E1:CD:C6:88:90:C9:3D:BB:87:3A:37:CA:1A:74
            X509v3 Authority Key Identifier:
                keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:78:7e:e4:47:12:73:da:1d:88:b8:76:22:80:59:d0:64:6f:
         34:47:14:94:df:f0:58:78:35:79:5b:da:e4:9b:71:af:b7:5e:
         80:5d:a4:5d:59:23:bd:5d:81:e9:3b:0f:4c:91:1f:f2:54:fb:
         9f:64:50:53:8b:02:0d:38:54:56:2d:ee:0b:51:e2:a1:6b:b4:
         3c:ba:53:b6:b0:e7:59:ac:67:9f:a8:b0:bc:bb:49:6f:73:a4:
         86:d1:a5:3b:a4:6a:fb:d0:07:ee:eb:63:9a:0a:f5:34:5f:e9:
         37:b2:02:c7:26:de:6b:9c:78:f6:c0:9c:5e:59:d4:18:78:50:
         d8:06:c4:a6:8b:9f:ce:74:14:cd:4a:68:99:7b:0e:9c:bb:96:
         2a:c2:52:1f:80:d2:79:e7:07:42:8e:d3:df:86:04:50:26:b9:
         6c:9f:51:19:0d:fb:30:4f:c2:41:43:92:4f:97:e0:cb:da:46:
         37:ac:82:bb:d7:95:25:b7:ff:68:ae:f7:30:df:af:9e:44:93:
         4b:a2:cc:2e:df:d1:95:07:94:0e:32:39:36:28:d4:f5:33:56:
         4b:0f:c7:16:13:4e:da:7a:2e:5e:eb:6c:d4:6f:c7:ad:7c:83:
         b8:7c:ca:a1:08:ef:7d:26:1b:26:43:ec:91:81:78:c6:fe:e7:
         9a:b1:cd:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oTF8c+MoSCjJWu1p4GqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjUxMDE5MDQwMTMxWhcNMjUxMDIwMDQwMTMxWjAzMTEwLwYDVQQD
EygwMzA4NGNiMzY3ZmVlMWNkYzY4ODkwYzkzZGJiODczYTM3Y2ExYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiHb5B5NEDxsKnzVBxSeWX4nwHcD
AWhU4p2NUU+WNnholvyGUAFO6HPL9vyuEhGGE4Qp/DL+KT3OhP5oFEMMPAK4ZFeR
Dqs9pd0ANOAgyDg6/Ig1FWdK9e44ug54FcfjHf/7JfaisgXvA2ooq4exweCFC2TR
lab2ExeEnztoKT5oxyRPMz2Rv2bO6C3RKBypjHzuQ0BWNhGtTW5/FJSV8DMsQF+C
FTItn4gfW79Ly+UZNxP+cPENHgv/1e+eqwB4XQYsvBHeIDWzLhyCs2G6Fv5BMa6H
67WKCSwgInIG4j2/32xzzUnYWzUqEXo7g6jgnV6xI/Zm0+uGz3aMMxyWUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMITLNn/uHNxoiQyT27hzo3yhp0MB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQHh+5EcS
c9odiLh2IoBZ0GRvNEcUlN/wWHg1eVva5Jtxr7degF2kXVkjvV2B6TsPTJEf8lT7
n2RQU4sCDThUVi3uC1HioWu0PLpTtrDnWaxnn6iwvLtJb3OkhtGlO6Rq+9AH7utj
mgr1NF/pN7ICxybea5x49sCcXlnUGHhQ2AbEpoufznQUzUpomXsOnLuWKsJSH4DS
eecHQo7T34YEUCa5bJ9RGQ37ME/CQUOST5fgy9pGN6yCu9eVJbf/aK73MN+vnkST
S6LMLt/RlQeUDjI5NijU9TNWSw/HFhNO2nouXuts1G/HrXyDuHzKoQjvfSYbJkPs
kYF4xv7nmrHNzw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:46 2025 by rpki-client