Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/0924fa-54fb-4254-b64e-0ac9b3bae6f5/1/hAKSSGHLwIjGVahyU1qQMQige_E.mft
File:                     hAKSSGHLwIjGVahyU1qQMQige_E.mft (raw, json)
Hash identifier:          PF6HtlDkZMCu3Y0LX8W0fudLOmFele5jWpfiSA95JWw=
Subject key identifier:   EF:48:1C:A0:99:52:85:7F:A7:9B:7B:F6:AE:A6:3C:C7:C2:16:45:F7
Authority key identifier: 84:02:92:48:61:CB:C0:88:C6:55:A8:72:53:5A:90:31:08:A0:7B:F1
Certificate issuer:       /CN=8402924861cbc088c655a872535a903108a07bf1
Certificate serial:       0199FA6A88993EAFF2C7CA6B362B3D995F62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hAKSSGHLwIjGVahyU1qQMQige_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/0924fa-54fb-4254-b64e-0ac9b3bae6f5/1/hAKSSGHLwIjGVahyU1qQMQige_E.mft
Manifest number:          131A
Signing time:             Sun 19 Oct 2025 03:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:49 +0000
Files and hashes:         1: V4HzyqT3UdFuM-GyIseILy4xTfQ.roa (hash: 1TwXBA5f5XgP5uZG5yeFX6kZqTX4W9t72jbcfsBpAgw=)
                          2: hAKSSGHLwIjGVahyU1qQMQige_E.crl (hash: hakISMRs+f8T7RWWVoZj2nHzBgoY/FjriacrJUTmEMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/0924fa-54fb-4254-b64e-0ac9b3bae6f5/1/hAKSSGHLwIjGVahyU1qQMQige_E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/0924fa-54fb-4254-b64e-0ac9b3bae6f5/1/hAKSSGHLwIjGVahyU1qQMQige_E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hAKSSGHLwIjGVahyU1qQMQige_E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:6a:88:99:3e:af:f2:c7:ca:6b:36:2b:3d:99:5f:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8402924861cbc088c655a872535a903108a07bf1
        Validity
            Not Before: Oct 19 03:01:49 2025 GMT
            Not After : Oct 20 03:01:49 2025 GMT
        Subject: CN=ef481ca09952857fa79b7bf6aea63cc7c21645f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:e0:08:82:c0:34:d3:98:6a:e6:a7:1d:49:3f:
                    79:82:3d:9c:f4:04:53:f8:e0:6d:8d:ae:ad:53:2b:
                    d6:5b:34:c2:e5:f7:16:f3:51:af:1b:b0:ef:6d:e4:
                    3f:36:87:49:a3:a8:a2:a7:70:5d:c6:a1:fa:7b:be:
                    76:17:e0:d1:e0:c4:ae:98:36:96:a8:63:01:b4:d2:
                    eb:5a:2b:9a:65:49:5f:5d:26:af:5a:61:56:69:45:
                    9a:79:5d:ab:8f:37:99:12:eb:90:b1:b2:34:3f:14:
                    d4:7c:9e:cc:fe:d8:84:0a:87:62:49:4c:c7:4c:34:
                    43:76:be:7b:d5:b8:d6:89:0b:2d:48:48:15:00:2b:
                    03:24:18:45:93:6a:fc:91:28:92:95:24:ff:74:47:
                    1b:31:75:4e:30:fd:0e:b6:0b:91:fb:49:0c:28:17:
                    fe:4b:01:1f:19:89:d5:e6:af:a9:6a:01:f6:5a:42:
                    88:cc:09:08:14:6e:54:4b:49:a6:03:97:8b:94:6c:
                    c5:7f:a9:4e:32:14:d9:28:e0:b2:0a:b8:23:22:38:
                    a9:86:59:ba:08:bc:2e:c2:3f:77:fe:5a:fd:39:42:
                    8e:77:22:75:31:ea:b3:73:51:66:98:ec:47:5c:4a:
                    2e:0c:7a:b9:71:b1:c7:b0:8e:6d:da:91:0c:b3:ce:
                    53:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:48:1C:A0:99:52:85:7F:A7:9B:7B:F6:AE:A6:3C:C7:C2:16:45:F7
            X509v3 Authority Key Identifier:
                keyid:84:02:92:48:61:CB:C0:88:C6:55:A8:72:53:5A:90:31:08:A0:7B:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAKSSGHLwIjGVahyU1qQMQige_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0924fa-54fb-4254-b64e-0ac9b3bae6f5/1/hAKSSGHLwIjGVahyU1qQMQige_E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0924fa-54fb-4254-b64e-0ac9b3bae6f5/1/hAKSSGHLwIjGVahyU1qQMQige_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:2f:a2:fd:ee:bf:e5:60:be:ae:f7:8f:53:33:53:87:cb:9f:
         d1:4a:eb:5d:ba:81:ba:db:58:6b:72:f4:43:98:2f:74:4a:4b:
         5f:8b:2e:8c:10:82:da:8a:a0:a1:5e:e8:ef:d0:31:55:7d:1a:
         2a:f3:7b:d5:e5:76:4e:6a:8b:6d:88:5a:bc:4a:a8:1d:6e:11:
         f3:55:4b:6e:f9:51:37:05:92:f6:a0:b4:ce:a0:15:fe:be:ba:
         a6:f2:61:53:51:e6:bd:a5:d5:65:aa:63:db:bf:f6:4f:bf:fa:
         e2:68:9e:1d:03:2f:63:a5:4b:d6:63:cb:a9:51:d7:dd:7c:03:
         6e:d9:46:53:56:c4:7c:d3:7e:38:fc:c9:7e:f9:c1:90:6f:01:
         eb:21:f5:94:45:57:85:a6:cc:4a:a9:64:3f:08:8b:d8:3e:34:
         e2:e3:6e:b7:b9:4b:18:75:63:71:85:bf:07:c3:fa:03:1c:45:
         4e:7e:e6:82:d6:84:d7:8e:ab:f0:e7:b0:d7:6b:03:74:02:14:
         99:5f:ef:31:32:d8:49:bb:c4:f0:18:44:39:b5:25:e9:9f:fb:
         e3:88:3a:38:cf:c4:8b:b6:fc:a0:6f:4e:e9:cd:dd:1d:81:4d:
         14:f4:b8:42:8e:56:93:b2:01:37:ff:83:57:ac:b6:21:49:50:
         ba:16:f2:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6aoiZPq/yx8prNis9mV9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MDI5MjQ4NjFjYmMwODhjNjU1YTg3MjUzNWE5MDMxMDhh
MDdiZjEwHhcNMjUxMDE5MDMwMTQ5WhcNMjUxMDIwMDMwMTQ5WjAzMTEwLwYDVQQD
EyhlZjQ4MWNhMDk5NTI4NTdmYTc5YjdiZjZhZWE2M2NjN2MyMTY0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+AIgsA005hq5qcdST95gj2c9ART
+OBtja6tUyvWWzTC5fcW81GvG7DvbeQ/NodJo6iip3BdxqH6e752F+DR4MSumDaW
qGMBtNLrWiuaZUlfXSavWmFWaUWaeV2rjzeZEuuQsbI0PxTUfJ7M/tiECodiSUzH
TDRDdr571bjWiQstSEgVACsDJBhFk2r8kSiSlST/dEcbMXVOMP0OtguR+0kMKBf+
SwEfGYnV5q+pagH2WkKIzAkIFG5US0mmA5eLlGzFf6lOMhTZKOCyCrgjIjiphlm6
CLwuwj93/lr9OUKOdyJ1Meqzc1FmmOxHXEouDHq5cbHHsI5t2pEMs85TkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9IHKCZUoV/p5t79q6mPMfCFkX3MB8GA1UdIwQY
MBaAFIQCkkhhy8CIxlWoclNakDEIoHvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEFLU1NHSEx3SWpHVmFoeVUxcVFNUWlnZV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wOTI0ZmEtNTRmYi00MjU0LWI2NGUt
MGFjOWIzYmFlNmY1LzEvaEFLU1NHSEx3SWpHVmFoeVUxcVFNUWlnZV9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wOTI0ZmEtNTRmYi00MjU0LWI2NGUtMGFjOWIzYmFlNmY1
LzEvaEFLU1NHSEx3SWpHVmFoeVUxcVFNUWlnZV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAli+i/e6/
5WC+rvePUzNTh8uf0UrrXbqButtYa3L0Q5gvdEpLX4sujBCC2oqgoV7o79AxVX0a
KvN71eV2TmqLbYhavEqoHW4R81VLbvlRNwWS9qC0zqAV/r66pvJhU1HmvaXVZapj
27/2T7/64mieHQMvY6VL1mPLqVHX3XwDbtlGU1bEfNN+OPzJfvnBkG8B6yH1lEVX
habMSqlkPwiL2D404uNut7lLGHVjcYW/B8P6AxxFTn7mgtaE146r8Oew12sDdAIU
mV/vMTLYSbvE8BhEObUl6Z/744g6OM/Ei7b8oG9O6c3dHYFNFPS4Qo5Wk7IBN/+D
V6y2IUlQuhby2g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:12 2025 by rpki-client