Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e6845d-1c3c-48d6-a6b2-d605c53a35be/1/huGrpgDN5ewxgxmxVZS2irlslWw.mft
File:                     huGrpgDN5ewxgxmxVZS2irlslWw.mft (raw, json)
Hash identifier:          1yascHkAVNCLR9Ci1GueW2wPCeWeeGRNwu7tLYVuSgM=
Subject key identifier:   08:75:FF:14:18:DA:FB:E1:CB:EB:7C:04:86:CE:D0:FA:33:F3:4E:70
Authority key identifier: 86:E1:AB:A6:00:CD:E5:EC:31:83:19:B1:55:94:B6:8A:B9:6C:95:6C
Certificate issuer:       /CN=86e1aba600cde5ec318319b15594b68ab96c956c
Certificate serial:       0199FD347E24786939B629110BB739EDC0D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/huGrpgDN5ewxgxmxVZS2irlslWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e6845d-1c3c-48d6-a6b2-d605c53a35be/1/huGrpgDN5ewxgxmxVZS2irlslWw.mft
Manifest number:          0FE5
Signing time:             Sun 19 Oct 2025 16:01:39 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:39 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:39 +0000
Files and hashes:         1: Q7vNAscnF-4OhkgVonOsxeJBDjA.roa (hash: 0ioDa0FuPDgR/Y4yLPplBITqL6YDwLS4b5dcomdJX+s=)
                          2: huGrpgDN5ewxgxmxVZS2irlslWw.crl (hash: jvUa6f3LxmyDFnHiYyfJj5ahZHOi3gr5pL+DhGZIqEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e6845d-1c3c-48d6-a6b2-d605c53a35be/1/huGrpgDN5ewxgxmxVZS2irlslWw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e6845d-1c3c-48d6-a6b2-d605c53a35be/1/huGrpgDN5ewxgxmxVZS2irlslWw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/huGrpgDN5ewxgxmxVZS2irlslWw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:7e:24:78:69:39:b6:29:11:0b:b7:39:ed:c0:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86e1aba600cde5ec318319b15594b68ab96c956c
        Validity
            Not Before: Oct 19 16:01:39 2025 GMT
            Not After : Oct 20 16:01:39 2025 GMT
        Subject: CN=0875ff1418dafbe1cbeb7c0486ced0fa33f34e70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a6:f4:cf:12:16:a7:0a:d2:02:ed:17:4f:3e:
                    55:45:02:b6:e0:6d:46:ab:c2:11:36:68:02:c6:c5:
                    e8:8a:21:88:aa:b3:6d:2d:6b:93:1e:5a:a9:61:68:
                    1a:87:14:d8:81:2c:b7:6a:8c:e4:25:5b:68:29:fb:
                    93:9a:b0:3d:50:a1:b0:db:89:1f:a4:1e:b8:d9:36:
                    2d:6a:a2:a7:08:12:1c:f2:d9:1d:e8:9f:70:83:b1:
                    86:d9:c1:33:d6:5d:f8:11:be:bb:2b:bd:cb:88:34:
                    92:79:5d:e7:b8:3c:56:e8:2a:d3:cf:bd:b1:83:3d:
                    49:19:15:c6:05:d0:d1:26:02:fe:2e:b5:69:e6:6a:
                    28:8a:43:d0:b1:09:b0:d7:9e:bd:e3:5e:8d:6a:72:
                    c1:36:f9:c3:16:53:90:c7:f8:75:00:6c:3e:a9:60:
                    5f:e6:e2:1e:f7:d4:97:37:21:66:36:12:d9:51:45:
                    77:fe:df:38:53:97:c6:05:9c:a5:19:41:ca:bd:f7:
                    94:49:f9:62:b4:ed:16:f9:52:27:77:d4:16:ad:d6:
                    0d:27:cb:e3:ec:a6:61:b2:5e:50:65:dc:9d:ab:be:
                    d9:b6:8c:e2:f0:0a:ba:c2:ec:98:04:ba:3f:c7:1e:
                    d5:92:ac:d4:20:6d:6c:4b:3f:60:39:f0:8e:19:71:
                    6b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:75:FF:14:18:DA:FB:E1:CB:EB:7C:04:86:CE:D0:FA:33:F3:4E:70
            X509v3 Authority Key Identifier:
                keyid:86:E1:AB:A6:00:CD:E5:EC:31:83:19:B1:55:94:B6:8A:B9:6C:95:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/huGrpgDN5ewxgxmxVZS2irlslWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6845d-1c3c-48d6-a6b2-d605c53a35be/1/huGrpgDN5ewxgxmxVZS2irlslWw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6845d-1c3c-48d6-a6b2-d605c53a35be/1/huGrpgDN5ewxgxmxVZS2irlslWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:a4:5e:02:b6:c9:0c:0b:5e:08:54:a5:e8:3f:84:5b:4b:64:
         7c:da:08:5c:fa:fd:87:9b:57:c2:7f:94:83:0f:77:d5:5b:61:
         af:05:f0:81:55:df:d7:ba:9c:91:53:d1:cb:32:be:94:4f:17:
         42:00:8f:d0:bf:a6:76:f9:15:03:6f:cb:1c:db:0a:1e:2e:25:
         b5:e1:93:c4:0e:a3:54:56:33:30:c9:9d:b6:e4:00:5b:25:c6:
         01:cf:34:0d:a5:a2:68:ee:28:f6:75:0e:76:66:5f:af:82:ca:
         f4:da:84:dd:c2:fa:93:e5:2a:0e:60:83:dc:e1:8d:5a:c3:96:
         94:af:45:71:f7:21:04:b0:3b:ff:09:73:b2:af:06:45:01:a7:
         6b:c3:07:26:9f:6e:39:db:a8:9d:22:1c:82:31:09:3b:5d:d2:
         56:ee:d9:16:23:9b:7e:bc:5b:0a:8f:84:68:8b:45:fd:f6:e4:
         73:7e:76:b9:d6:59:6e:d7:cb:fd:ad:77:80:d5:1d:ac:88:a1:
         0f:39:53:b0:48:72:2a:d0:1c:cd:69:3c:38:6d:ac:74:99:f7:
         df:fb:fc:f5:53:d6:cd:bc:e4:48:2a:7d:88:bf:4d:04:1c:6d:
         16:2b:f2:6c:7b:7c:ac:8a:00:e7:10:9b:21:89:34:2b:52:00:
         e1:62:b1:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NH4keGk5tikRC7c57cDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTFhYmE2MDBjZGU1ZWMzMTgzMTliMTU1OTRiNjhhYjk2
Yzk1NmMwHhcNMjUxMDE5MTYwMTM5WhcNMjUxMDIwMTYwMTM5WjAzMTEwLwYDVQQD
EygwODc1ZmYxNDE4ZGFmYmUxY2JlYjdjMDQ4NmNlZDBmYTMzZjM0ZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKb0zxIWpwrSAu0XTz5VRQK24G1G
q8IRNmgCxsXoiiGIqrNtLWuTHlqpYWgahxTYgSy3aozkJVtoKfuTmrA9UKGw24kf
pB642TYtaqKnCBIc8tkd6J9wg7GG2cEz1l34Eb67K73LiDSSeV3nuDxW6CrTz72x
gz1JGRXGBdDRJgL+LrVp5mooikPQsQmw1569416NanLBNvnDFlOQx/h1AGw+qWBf
5uIe99SXNyFmNhLZUUV3/t84U5fGBZylGUHKvfeUSflitO0W+VInd9QWrdYNJ8vj
7KZhsl5QZdydq77Ztozi8Aq6wuyYBLo/xx7VkqzUIG1sSz9gOfCOGXFrMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAh1/xQY2vvhy+t8BIbO0Poz805wMB8GA1UdIwQY
MBaAFIbhq6YAzeXsMYMZsVWUtoq5bJVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVHcnBnRE41ZXd4Z3hteFZaUzJpcmxzbFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNjg0NWQtMWMzYy00OGQ2LWE2YjIt
ZDYwNWM1M2EzNWJlLzEvaHVHcnBnRE41ZXd4Z3hteFZaUzJpcmxzbFd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNjg0NWQtMWMzYy00OGQ2LWE2YjItZDYwNWM1M2EzNWJl
LzEvaHVHcnBnRE41ZXd4Z3hteFZaUzJpcmxzbFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE6ReArbJ
DAteCFSl6D+EW0tkfNoIXPr9h5tXwn+Ugw931VthrwXwgVXf17qckVPRyzK+lE8X
QgCP0L+mdvkVA2/LHNsKHi4lteGTxA6jVFYzMMmdtuQAWyXGAc80DaWiaO4o9nUO
dmZfr4LK9NqE3cL6k+UqDmCD3OGNWsOWlK9FcfchBLA7/wlzsq8GRQGna8MHJp9u
OduonSIcgjEJO13SVu7ZFiObfrxbCo+EaItF/fbkc352udZZbtfL/a13gNUdrIih
DzlTsEhyKtAczWk8OG2sdJn33/v89VPWzbzkSCp9iL9NBBxtFivybHt8rIoA5xCb
IYk0K1IA4WKx7w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:47:07 2025 by rpki-client