Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/89fe5b-4fda-4d04-99b4-f49764ff48ea/1/JLyY3e79tWGqaeynNJBg2EBZ4ZI.mft
File:                     JLyY3e79tWGqaeynNJBg2EBZ4ZI.mft (raw, json)
Hash identifier:          b5IZKLrB92cf3KTOeJNdu1XkyPVt4zlCVtb9vCKAueQ=
Subject key identifier:   7D:8D:1E:FF:C6:CB:6F:75:11:14:68:05:DD:1E:A0:CA:AC:C2:57:A4
Authority key identifier: 24:BC:98:DD:EE:FD:B5:61:AA:69:EC:A7:34:90:60:D8:40:59:E1:92
Certificate issuer:       /CN=24bc98ddeefdb561aa69eca7349060d84059e192
Certificate serial:       0199FC219A829BFF06144728473B2311C197
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JLyY3e79tWGqaeynNJBg2EBZ4ZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/89fe5b-4fda-4d04-99b4-f49764ff48ea/1/JLyY3e79tWGqaeynNJBg2EBZ4ZI.mft
Manifest number:          0570
Signing time:             Sun 19 Oct 2025 11:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:24 +0000
Files and hashes:         1: 9XlHb8rJg-OmDPMs6N_TKhkkHb8.roa (hash: cpk83kEdrOWJJYVKeP1fpe20g1cPT7sKTkIKvw0KJjI=)
                          2: JLyY3e79tWGqaeynNJBg2EBZ4ZI.crl (hash: n+NakON9S0d7wmzb0LcOgAL0rQrdJtuXtvseNY7t1QA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/89fe5b-4fda-4d04-99b4-f49764ff48ea/1/JLyY3e79tWGqaeynNJBg2EBZ4ZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/89fe5b-4fda-4d04-99b4-f49764ff48ea/1/JLyY3e79tWGqaeynNJBg2EBZ4ZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JLyY3e79tWGqaeynNJBg2EBZ4ZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:9a:82:9b:ff:06:14:47:28:47:3b:23:11:c1:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24bc98ddeefdb561aa69eca7349060d84059e192
        Validity
            Not Before: Oct 19 11:01:24 2025 GMT
            Not After : Oct 20 11:01:24 2025 GMT
        Subject: CN=7d8d1effc6cb6f7511146805dd1ea0caacc257a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:01:3c:c5:59:4f:f4:56:58:27:c5:c3:d3:51:
                    d2:9f:fa:f7:a0:10:8c:12:03:b1:9a:49:b8:ad:87:
                    f9:ac:90:10:9a:b2:e9:47:49:a1:f0:6b:39:3a:0f:
                    8d:d2:f5:58:cf:5c:cb:c7:28:6a:da:af:97:a5:30:
                    6a:4d:91:47:22:0c:79:f3:28:44:b9:1e:7d:5f:2f:
                    4b:9d:93:de:4f:51:c2:86:39:23:a1:d7:08:80:8f:
                    7c:9a:4d:86:c4:47:c4:d5:4a:7a:01:b4:a6:36:75:
                    a2:7b:eb:e0:ec:82:ba:15:b7:31:46:f4:e9:b7:cb:
                    3d:8b:d7:97:80:3c:88:f5:d5:2a:88:3c:ce:b6:30:
                    7c:47:9d:8f:be:b9:79:bd:64:05:c9:25:af:f4:23:
                    80:19:4b:9e:e6:3a:a9:ac:1c:23:36:82:40:01:82:
                    04:ec:79:09:87:28:db:1b:ba:67:9d:34:ab:7a:dc:
                    68:03:bc:51:5e:5f:61:f5:ba:f3:7f:13:5b:63:ff:
                    82:55:8d:5f:87:3f:5c:1f:63:60:98:1c:be:f3:d6:
                    ba:fb:3d:fc:64:ed:83:af:7f:08:07:5c:4f:e4:e0:
                    75:72:61:0a:7f:dc:bd:82:36:c0:3a:bb:0f:a3:1d:
                    aa:01:ee:97:bd:75:09:4c:a0:8a:52:1a:4e:4a:a5:
                    cf:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:8D:1E:FF:C6:CB:6F:75:11:14:68:05:DD:1E:A0:CA:AC:C2:57:A4
            X509v3 Authority Key Identifier:
                keyid:24:BC:98:DD:EE:FD:B5:61:AA:69:EC:A7:34:90:60:D8:40:59:E1:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLyY3e79tWGqaeynNJBg2EBZ4ZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/89fe5b-4fda-4d04-99b4-f49764ff48ea/1/JLyY3e79tWGqaeynNJBg2EBZ4ZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/89fe5b-4fda-4d04-99b4-f49764ff48ea/1/JLyY3e79tWGqaeynNJBg2EBZ4ZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:5e:c6:79:a9:41:f7:94:bf:61:a0:39:6e:47:c9:a4:4f:31:
         69:ae:ec:89:60:80:6b:2f:61:f3:0a:87:d4:95:a8:40:03:b5:
         f1:69:b4:82:4f:0b:a4:18:2b:9b:f3:fb:b4:08:4b:96:9c:5e:
         ad:19:c1:94:61:6e:d2:94:f0:88:b2:d4:a3:1b:71:e9:82:a8:
         8b:4e:a9:6d:e1:fe:02:23:72:0a:1e:a9:9f:45:c0:5b:71:80:
         47:1e:97:e8:4f:6a:45:4f:d0:b2:58:e5:03:e5:f9:9c:05:79:
         52:55:f7:38:18:34:d9:c1:0d:ff:5c:9e:d9:98:25:f4:b5:44:
         44:87:36:ff:b3:6a:a9:10:74:8a:68:dd:e1:e1:f5:4e:89:b4:
         3a:b3:cc:f1:1b:51:e4:65:a3:eb:46:90:34:bf:65:9a:06:70:
         d6:8e:4f:15:65:51:04:d6:53:5b:c8:c1:d9:0f:ae:14:cc:6c:
         3c:c4:eb:d6:36:66:b9:72:d0:46:fa:7b:6b:dc:ff:a0:6f:1c:
         60:90:db:4b:9e:4f:39:48:21:2a:8c:59:64:f8:39:40:49:5f:
         1e:64:79:c5:19:90:97:52:e0:8a:cd:8f:da:51:79:eb:a3:a5:
         46:1f:61:55:9c:0e:d2:12:8e:dc:ac:d9:bc:c6:57:59:58:99:
         75:26:5c:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IZqCm/8GFEcoRzsjEcGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YmM5OGRkZWVmZGI1NjFhYTY5ZWNhNzM0OTA2MGQ4NDA1
OWUxOTIwHhcNMjUxMDE5MTEwMTI0WhcNMjUxMDIwMTEwMTI0WjAzMTEwLwYDVQQD
Eyg3ZDhkMWVmZmM2Y2I2Zjc1MTExNDY4MDVkZDFlYTBjYWFjYzI1N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QE8xVlP9FZYJ8XD01HSn/r3oBCM
EgOxmkm4rYf5rJAQmrLpR0mh8Gs5Og+N0vVYz1zLxyhq2q+XpTBqTZFHIgx58yhE
uR59Xy9LnZPeT1HChjkjodcIgI98mk2GxEfE1Up6AbSmNnWie+vg7IK6FbcxRvTp
t8s9i9eXgDyI9dUqiDzOtjB8R52Pvrl5vWQFySWv9COAGUue5jqprBwjNoJAAYIE
7HkJhyjbG7pnnTSretxoA7xRXl9h9brzfxNbY/+CVY1fhz9cH2NgmBy+89a6+z38
ZO2Dr38IB1xP5OB1cmEKf9y9gjbAOrsPox2qAe6XvXUJTKCKUhpOSqXP4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2NHv/Gy291ERRoBd0eoMqswlekMB8GA1UdIwQY
MBaAFCS8mN3u/bVhqmnspzSQYNhAWeGSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkx5WTNlNzl0V0dxYWV5bk5KQmcyRUJaNFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84OWZlNWItNGZkYS00ZDA0LTk5YjQt
ZjQ5NzY0ZmY0OGVhLzEvSkx5WTNlNzl0V0dxYWV5bk5KQmcyRUJaNFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84OWZlNWItNGZkYS00ZDA0LTk5YjQtZjQ5NzY0ZmY0OGVh
LzEvSkx5WTNlNzl0V0dxYWV5bk5KQmcyRUJaNFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAel7GealB
95S/YaA5bkfJpE8xaa7siWCAay9h8wqH1JWoQAO18Wm0gk8LpBgrm/P7tAhLlpxe
rRnBlGFu0pTwiLLUoxtx6YKoi06pbeH+AiNyCh6pn0XAW3GARx6X6E9qRU/Qsljl
A+X5nAV5UlX3OBg02cEN/1ye2Zgl9LVERIc2/7NqqRB0imjd4eH1Tom0OrPM8RtR
5GWj60aQNL9lmgZw1o5PFWVRBNZTW8jB2Q+uFMxsPMTr1jZmuXLQRvp7a9z/oG8c
YJDbS55POUghKoxZZPg5QElfHmR5xRmQl1Lgis2P2lF566OlRh9hVZwO0hKO3KzZ
vMZXWViZdSZc0A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:20 2025 by rpki-client