Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bb70d3-632e-4eff-84ff-6dcf7c3849bc/1/L8yTRlKEK3vZp87AAsd8HKE_EGQ.mft
File:                     L8yTRlKEK3vZp87AAsd8HKE_EGQ.mft (raw, json)
Hash identifier:          WDwPQ+FURKn9/K7/zsu3PDToQXvEKUNL8Kbku+PSGoQ=
Subject key identifier:   BB:91:4C:E0:42:4E:F5:05:41:75:5B:5F:B6:97:8D:9F:D9:6B:55:0E
Authority key identifier: 2F:CC:93:46:52:84:2B:7B:D9:A7:CE:C0:02:C7:7C:1C:A1:3F:10:64
Certificate issuer:       /CN=2fcc934652842b7bd9a7cec002c77c1ca13f1064
Certificate serial:       0199FDD9CB8110C82B3443301DF86101E111
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8yTRlKEK3vZp87AAsd8HKE_EGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/bb70d3-632e-4eff-84ff-6dcf7c3849bc/1/L8yTRlKEK3vZp87AAsd8HKE_EGQ.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 19:02:12 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:12 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:12 +0000
Files and hashes:         1: L8yTRlKEK3vZp87AAsd8HKE_EGQ.crl (hash: 4mhWK0xVTbkyhPCIQYLZV9piUygbqKtzJe4mbyChJ3g=)
                          2: yz6_439OmIgbPGI_9SMl-hcB7SM.roa (hash: b+VVST8s13jCLV/LOSpCV8hcczaiQ8urh6lhnrg3Cso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/bb70d3-632e-4eff-84ff-6dcf7c3849bc/1/L8yTRlKEK3vZp87AAsd8HKE_EGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/bb70d3-632e-4eff-84ff-6dcf7c3849bc/1/L8yTRlKEK3vZp87AAsd8HKE_EGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L8yTRlKEK3vZp87AAsd8HKE_EGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:cb:81:10:c8:2b:34:43:30:1d:f8:61:01:e1:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcc934652842b7bd9a7cec002c77c1ca13f1064
        Validity
            Not Before: Oct 19 19:02:12 2025 GMT
            Not After : Oct 20 19:02:12 2025 GMT
        Subject: CN=bb914ce0424ef50541755b5fb6978d9fd96b550e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f8:0a:8a:75:36:bb:ec:c2:50:4c:18:ee:48:
                    52:d4:84:84:71:ec:95:c1:a6:51:cd:1a:80:d2:f3:
                    b6:c3:c9:65:6f:5c:5b:e7:d0:f0:c0:0b:05:fe:c5:
                    5c:5b:a3:70:73:b1:ef:7c:73:3f:08:12:21:db:2e:
                    8f:2a:61:16:b0:b0:84:a1:8f:b5:4f:6d:46:5f:0e:
                    92:33:49:25:d5:ca:fe:2a:c9:5a:f1:cf:64:44:69:
                    1b:24:52:93:18:bf:ec:92:b6:4e:a6:46:4e:ef:cf:
                    36:88:a7:7a:9f:a8:1a:88:22:11:26:47:4a:94:61:
                    c5:45:f6:89:33:cd:a3:58:7d:2d:94:8a:90:66:21:
                    8b:76:c1:02:88:c1:43:65:45:87:ee:85:0d:f3:54:
                    50:ff:b5:79:bd:94:51:14:3a:df:45:0a:a0:5d:3e:
                    4a:f7:df:ef:35:88:54:dc:5a:a3:00:e1:b8:5c:dc:
                    ed:c9:4a:29:c3:fb:e3:cd:04:f2:1e:64:d4:62:15:
                    6b:f2:cd:0c:80:ce:10:13:b9:d1:66:a2:4d:f9:cd:
                    3e:d6:6c:57:b9:15:9d:20:18:be:88:b0:1a:bd:a4:
                    1e:50:95:15:12:a8:ff:48:2e:3c:57:df:1d:d6:32:
                    32:1f:77:b3:86:08:49:17:f9:46:40:b5:ec:04:73:
                    d0:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:91:4C:E0:42:4E:F5:05:41:75:5B:5F:B6:97:8D:9F:D9:6B:55:0E
            X509v3 Authority Key Identifier:
                keyid:2F:CC:93:46:52:84:2B:7B:D9:A7:CE:C0:02:C7:7C:1C:A1:3F:10:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8yTRlKEK3vZp87AAsd8HKE_EGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bb70d3-632e-4eff-84ff-6dcf7c3849bc/1/L8yTRlKEK3vZp87AAsd8HKE_EGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bb70d3-632e-4eff-84ff-6dcf7c3849bc/1/L8yTRlKEK3vZp87AAsd8HKE_EGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:6b:cb:1f:fe:d5:d1:f8:9a:bd:73:ba:10:43:3d:e5:89:21:
         61:5d:4b:9a:5f:6b:9b:a5:75:34:ff:88:09:ee:45:4f:f4:01:
         75:6f:56:27:04:dd:42:a3:eb:2f:48:fb:d0:ae:15:56:ec:ff:
         18:e3:f9:dc:54:da:84:79:54:a5:f3:89:c1:4c:ad:8f:9c:6e:
         47:72:95:85:6d:e2:3e:a3:c3:e1:54:bb:1e:42:a2:d1:28:1b:
         8d:e0:07:58:1b:bb:52:1f:c0:6e:a0:cb:8a:d1:a5:3d:37:22:
         73:c4:d6:f4:a1:12:6d:da:e6:6b:dd:8c:2b:e6:c3:3e:c6:95:
         89:f1:0c:f8:c1:db:4d:d2:f4:43:94:c2:86:82:a3:8e:cb:65:
         14:0a:c1:e1:fe:47:32:be:ac:12:4f:9a:da:b7:31:fa:d7:cc:
         da:c4:19:96:98:c1:b8:c2:84:c6:94:18:ba:11:d7:71:48:71:
         29:fc:5f:36:60:bb:16:d9:bf:08:48:7f:c8:f8:0d:48:32:9a:
         77:d9:9c:82:7c:11:e0:4a:1b:e5:eb:01:43:47:fa:c2:eb:4c:
         89:db:b2:5b:2c:76:ee:de:20:b4:56:3b:68:94:e2:84:8c:38:
         42:4b:d2:b6:54:ac:16:30:76:d4:1e:b7:a6:11:2a:ee:45:62:
         10:46:3f:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92cuBEMgrNEMwHfhhAeERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2M5MzQ2NTI4NDJiN2JkOWE3Y2VjMDAyYzc3YzFjYTEz
ZjEwNjQwHhcNMjUxMDE5MTkwMjEyWhcNMjUxMDIwMTkwMjEyWjAzMTEwLwYDVQQD
EyhiYjkxNGNlMDQyNGVmNTA1NDE3NTViNWZiNjk3OGQ5ZmQ5NmI1NTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/gKinU2u+zCUEwY7khS1ISEceyV
waZRzRqA0vO2w8llb1xb59DwwAsF/sVcW6Nwc7HvfHM/CBIh2y6PKmEWsLCEoY+1
T21GXw6SM0kl1cr+Ksla8c9kRGkbJFKTGL/skrZOpkZO7882iKd6n6gaiCIRJkdK
lGHFRfaJM82jWH0tlIqQZiGLdsECiMFDZUWH7oUN81RQ/7V5vZRRFDrfRQqgXT5K
99/vNYhU3FqjAOG4XNztyUopw/vjzQTyHmTUYhVr8s0MgM4QE7nRZqJN+c0+1mxX
uRWdIBi+iLAavaQeUJUVEqj/SC48V98d1jIyH3ezhghJF/lGQLXsBHPQ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuRTOBCTvUFQXVbX7aXjZ/Za1UOMB8GA1UdIwQY
MBaAFC/Mk0ZShCt72afOwALHfByhPxBkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDh5VFJsS0VLM3ZacDg3QUFzZDhIS0VfRUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iYjcwZDMtNjMyZS00ZWZmLTg0ZmYt
NmRjZjdjMzg0OWJjLzEvTDh5VFJsS0VLM3ZacDg3QUFzZDhIS0VfRUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iYjcwZDMtNjMyZS00ZWZmLTg0ZmYtNmRjZjdjMzg0OWJj
LzEvTDh5VFJsS0VLM3ZacDg3QUFzZDhIS0VfRUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmvLH/7V
0fiavXO6EEM95YkhYV1Lml9rm6V1NP+ICe5FT/QBdW9WJwTdQqPrL0j70K4VVuz/
GOP53FTahHlUpfOJwUytj5xuR3KVhW3iPqPD4VS7HkKi0SgbjeAHWBu7Uh/AbqDL
itGlPTcic8TW9KESbdrma92MK+bDPsaVifEM+MHbTdL0Q5TChoKjjstlFArB4f5H
Mr6sEk+a2rcx+tfM2sQZlpjBuMKExpQYuhHXcUhxKfxfNmC7Ftm/CEh/yPgNSDKa
d9mcgnwR4Eob5esBQ0f6wutMiduyWyx27t4gtFY7aJTihIw4QkvStlSsFjB21B63
phEq7kViEEY/GA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:41:27 2025 by rpki-client