Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.mft
File:                     HvNtbboJfqbUsq2k52PoTss9gXo.mft (raw, json)
Hash identifier:          LcU7W8IvTg9I5iWkihpX8oWoymZ40snSsdvfW4KWObE=
Subject key identifier:   AD:85:CB:37:E7:87:0F:4B:4D:92:A1:C9:C1:10:02:98:C9:1C:94:47
Authority key identifier: 1E:F3:6D:6D:BA:09:7E:A6:D4:B2:AD:A4:E7:63:E8:4E:CB:3D:81:7A
Certificate issuer:       /CN=1ef36d6dba097ea6d4b2ada4e763e84ecb3d817a
Certificate serial:       0199FAA15EC664C2763936CF6A8DA12DF32F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HvNtbboJfqbUsq2k52PoTss9gXo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.mft
Manifest number:          05CC
Signing time:             Sun 19 Oct 2025 04:01:43 +0000
Manifest this update:     Sun 19 Oct 2025 04:01:43 +0000
Manifest next update:     Mon 20 Oct 2025 04:01:43 +0000
Files and hashes:         1: 1-fDLqnKfMZzfosw8Gra-kuHRukQ.roa (hash: 91Wi2oW4Wdmr3Kf24VCGVEfXWacp6jcVuiTMlTsIcZQ=)
                          2: HvNtbboJfqbUsq2k52PoTss9gXo.crl (hash: QmUn0lqHhq9t5oPubSr2zNz4b0R2a/E1AkTU2JZvCm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HvNtbboJfqbUsq2k52PoTss9gXo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 04:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:a1:5e:c6:64:c2:76:39:36:cf:6a:8d:a1:2d:f3:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ef36d6dba097ea6d4b2ada4e763e84ecb3d817a
        Validity
            Not Before: Oct 19 04:01:43 2025 GMT
            Not After : Oct 20 04:01:43 2025 GMT
        Subject: CN=ad85cb37e7870f4b4d92a1c9c1100298c91c9447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:76:ba:0a:15:83:b3:53:a2:f5:dc:4e:1c:c9:
                    bc:10:81:42:9a:d1:ad:b6:53:e3:d3:d4:ac:63:fa:
                    55:ad:76:b8:e1:d1:3a:36:48:4c:e6:b7:45:2a:1b:
                    14:6d:9a:e3:97:eb:7c:79:bb:fc:8e:6a:da:47:3b:
                    6e:44:fa:b1:7b:bc:37:a8:8f:1b:80:20:85:9c:c7:
                    ca:23:37:6b:3c:f9:41:48:4d:bc:6d:f1:7d:24:4f:
                    49:09:83:c8:07:f9:1e:b8:55:67:af:c6:f3:6f:a4:
                    2f:0f:96:79:2c:28:80:43:bc:b8:77:5f:f7:3c:38:
                    ae:b4:c2:de:8a:f2:d7:7d:51:3b:fe:1a:a8:18:16:
                    d0:3e:3f:4f:8f:69:d3:e1:1c:e9:78:63:1c:b3:03:
                    d5:ce:88:d9:96:4e:f2:23:e6:fe:d2:17:d3:ca:ba:
                    1d:db:85:22:77:c3:72:34:1b:48:12:e8:4e:02:3e:
                    d8:1f:fa:ca:17:b1:0e:e6:27:3c:be:82:34:e8:62:
                    5c:86:e1:3f:7e:1f:b2:5a:70:32:c9:70:34:73:02:
                    c6:aa:ff:55:65:a8:48:d7:5c:8b:29:2f:aa:84:03:
                    7d:52:a2:fc:41:3b:a6:70:f0:a3:45:93:cc:d5:c2:
                    5e:64:40:2c:56:dc:8d:ca:a6:e8:4d:a6:bc:e1:b4:
                    67:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:85:CB:37:E7:87:0F:4B:4D:92:A1:C9:C1:10:02:98:C9:1C:94:47
            X509v3 Authority Key Identifier:
                keyid:1E:F3:6D:6D:BA:09:7E:A6:D4:B2:AD:A4:E7:63:E8:4E:CB:3D:81:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvNtbboJfqbUsq2k52PoTss9gXo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/3ed37b-b80a-4b10-914b-57c92431d3d3/1/HvNtbboJfqbUsq2k52PoTss9gXo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:20:b1:4a:45:48:96:c3:78:3d:60:f4:86:66:0f:06:dc:ab:
         40:1e:5c:23:cd:5c:92:c8:7e:f4:13:13:4a:a1:04:9d:0d:fa:
         a1:9f:0a:f1:76:41:96:db:f0:43:b0:57:a3:52:c5:b6:50:04:
         88:4f:04:ff:55:21:26:29:0e:ea:6b:47:e6:0d:8c:43:2a:90:
         a0:df:25:46:3e:85:c0:96:65:ca:4a:51:6f:10:dd:01:1f:33:
         81:6f:7e:3a:e5:74:30:b0:42:9e:7c:b5:0e:ef:82:81:01:c1:
         52:6e:cd:5a:d1:27:9f:a0:04:ed:d7:a5:86:ea:d7:67:04:aa:
         90:bf:16:d2:fb:85:b9:0d:b0:4c:cb:c3:a4:51:74:9c:9e:ef:
         8d:f1:0a:3e:03:92:60:e9:13:61:10:4f:0e:1b:58:20:21:ed:
         7d:a5:02:61:7b:3b:11:7d:da:6a:0b:af:52:bd:4a:76:43:d0:
         bc:a2:4a:e1:25:b1:c7:d2:dd:96:07:d2:62:1f:32:69:75:fa:
         d2:03:59:b8:f4:9a:02:5b:c4:e6:82:6d:61:17:80:02:d2:2a:
         f8:f7:46:86:1f:69:d6:ed:dd:1e:b3:b0:ad:df:1d:1b:27:bd:
         c8:ea:11:8b:e4:16:eb:25:ce:99:e5:54:77:4e:68:95:75:3c:
         20:a9:1b:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oV7GZMJ2OTbPao2hLfMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjM2ZDZkYmEwOTdlYTZkNGIyYWRhNGU3NjNlODRlY2Iz
ZDgxN2EwHhcNMjUxMDE5MDQwMTQzWhcNMjUxMDIwMDQwMTQzWjAzMTEwLwYDVQQD
EyhhZDg1Y2IzN2U3ODcwZjRiNGQ5MmExYzljMTEwMDI5OGM5MWM5NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHa6ChWDs1Oi9dxOHMm8EIFCmtGt
tlPj09SsY/pVrXa44dE6NkhM5rdFKhsUbZrjl+t8ebv8jmraRztuRPqxe7w3qI8b
gCCFnMfKIzdrPPlBSE28bfF9JE9JCYPIB/keuFVnr8bzb6QvD5Z5LCiAQ7y4d1/3
PDiutMLeivLXfVE7/hqoGBbQPj9Pj2nT4RzpeGMcswPVzojZlk7yI+b+0hfTyrod
24Uid8NyNBtIEuhOAj7YH/rKF7EO5ic8voI06GJchuE/fh+yWnAyyXA0cwLGqv9V
ZahI11yLKS+qhAN9UqL8QTumcPCjRZPM1cJeZEAsVtyNyqboTaa84bRnZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2Fyzfnhw9LTZKhycEQApjJHJRHMB8GA1UdIwQY
MBaAFB7zbW26CX6m1LKtpOdj6E7LPYF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZOdGJib0pmcWJVc3EyazUyUG9Uc3M5Z1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8zZWQzN2ItYjgwYS00YjEwLTkxNGIt
NTdjOTI0MzFkM2QzLzEvSHZOdGJib0pmcWJVc3EyazUyUG9Uc3M5Z1hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8zZWQzN2ItYjgwYS00YjEwLTkxNGItNTdjOTI0MzFkM2Qz
LzEvSHZOdGJib0pmcWJVc3EyazUyUG9Uc3M5Z1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAICCxSkVI
lsN4PWD0hmYPBtyrQB5cI81cksh+9BMTSqEEnQ36oZ8K8XZBltvwQ7BXo1LFtlAE
iE8E/1UhJikO6mtH5g2MQyqQoN8lRj6FwJZlykpRbxDdAR8zgW9+OuV0MLBCnny1
Du+CgQHBUm7NWtEnn6AE7delhurXZwSqkL8W0vuFuQ2wTMvDpFF0nJ7vjfEKPgOS
YOkTYRBPDhtYICHtfaUCYXs7EX3aaguvUr1KdkPQvKJK4SWxx9LdlgfSYh8yaXX6
0gNZuPSaAlvE5oJtYReAAtIq+PdGhh9p1u3dHrOwrd8dGye9yOoRi+QW6yXOmeVU
d05olXU8IKkbWg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:05:34 2025 by rpki-client