Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft
File:                     yd_q7KItLSYYtDPPAKsUS9i4Db0.mft (raw, json)
Hash identifier:          t+WqTLX8MdLu+fAv5tc5v0Iucqrwjmw8vluVYx00yH8=
Subject key identifier:   F6:49:71:2F:B6:27:FD:50:6B:96:4F:B2:CB:3F:80:9A:A8:36:D2:E1
Authority key identifier: C9:DF:EA:EC:A2:2D:2D:26:18:B4:33:CF:00:AB:14:4B:D8:B8:0D:BD
Certificate issuer:       /CN=c9dfeaeca22d2d2618b433cf00ab144bd8b80dbd
Certificate serial:       0199FE7E02CBF12D21A6706AC42E0E42DDD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yd_q7KItLSYYtDPPAKsUS9i4Db0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft
Manifest number:          0817
Signing time:             Sun 19 Oct 2025 22:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:35 +0000
Files and hashes:         1: YSlfWP3DY80Smx0TIqkuPzTOoec.roa (hash: zxri6NDPBUgI6E9l7vT1svBXNo7QAt30+iiVihETiFE=)
                          2: yd_q7KItLSYYtDPPAKsUS9i4Db0.crl (hash: 3WlkaSVHizi+h0+8xKVvg/+1e+PR0TJ4WgTC6sRHQz8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yd_q7KItLSYYtDPPAKsUS9i4Db0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7e:02:cb:f1:2d:21:a6:70:6a:c4:2e:0e:42:dd:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9dfeaeca22d2d2618b433cf00ab144bd8b80dbd
        Validity
            Not Before: Oct 19 22:01:35 2025 GMT
            Not After : Oct 20 22:01:35 2025 GMT
        Subject: CN=f649712fb627fd506b964fb2cb3f809aa836d2e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:aa:0d:39:0d:5e:9b:7e:72:a1:26:7e:33:33:
                    c5:df:2b:5c:4c:73:8b:4f:ba:b2:da:ae:cf:ee:c1:
                    96:46:f7:a5:c9:a4:66:64:4b:05:51:77:b9:74:b0:
                    d3:e3:ce:2a:e1:03:b1:27:ec:1e:d1:46:e0:dd:e3:
                    02:75:26:e4:f2:ac:d7:3b:70:56:78:f1:e1:80:ce:
                    35:e0:2d:d4:cc:32:47:ce:24:ff:3b:f9:b6:3e:42:
                    4d:b4:c7:22:a2:4f:92:f4:86:a0:01:26:43:b4:b8:
                    8c:d7:f4:ad:dd:3b:b6:3b:f8:3d:95:ea:2b:63:e2:
                    e6:63:c8:5a:fe:c6:ba:2b:23:d7:0d:ce:b3:bd:ab:
                    45:e6:8e:8e:3a:5f:73:d8:bd:71:8a:6d:48:3a:e5:
                    4f:a1:40:34:5c:1a:83:bf:e5:86:95:5a:35:4b:bd:
                    83:65:20:1a:7e:47:f1:91:79:b5:d5:7a:7a:3c:27:
                    38:97:57:86:16:84:eb:27:d7:31:fd:19:52:b7:cb:
                    29:6e:4c:46:de:66:bb:49:ff:66:f6:ee:98:7a:e5:
                    0b:68:75:4c:20:39:fd:8a:aa:2d:07:3a:c2:2f:46:
                    2c:c7:01:84:1e:ca:26:55:8a:4d:77:d3:85:bd:2b:
                    e3:7f:79:0d:26:de:3c:a4:e7:c3:2c:95:01:22:72:
                    2d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:49:71:2F:B6:27:FD:50:6B:96:4F:B2:CB:3F:80:9A:A8:36:D2:E1
            X509v3 Authority Key Identifier:
                keyid:C9:DF:EA:EC:A2:2D:2D:26:18:B4:33:CF:00:AB:14:4B:D8:B8:0D:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yd_q7KItLSYYtDPPAKsUS9i4Db0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957b15-d5dc-43e5-809c-bc362d3768bd/1/yd_q7KItLSYYtDPPAKsUS9i4Db0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:9d:56:3a:fb:a4:fa:86:ef:66:0e:a5:c7:e5:a0:94:ae:71:
         7c:b7:59:23:ce:02:1e:99:32:24:50:9c:a4:b2:b5:fa:da:fb:
         f4:ac:15:56:12:7d:bd:1a:11:1f:e7:c9:2d:35:a0:01:d1:6a:
         c4:04:cd:3a:ad:8f:08:11:65:8d:6b:a8:48:cb:eb:be:a3:56:
         17:ab:05:dc:49:da:48:7e:5c:de:76:85:8e:09:95:86:c4:2d:
         80:c4:9a:10:6c:a9:72:f2:2f:0c:0d:cf:61:d3:de:41:93:b3:
         33:03:dd:26:91:df:ac:d8:83:14:59:5f:8a:81:d8:83:70:19:
         e7:3a:96:d3:03:02:49:96:9b:37:2a:3e:c0:e0:ae:92:dc:f5:
         87:41:f1:d5:c0:61:55:08:95:af:31:4a:2e:b7:17:d5:aa:60:
         03:6c:d0:d1:3f:fc:51:6e:f3:13:1e:de:5d:6c:a0:71:4e:2c:
         94:db:c7:f4:1f:75:75:a0:3d:96:ff:26:fc:97:6e:8f:fe:6a:
         8f:09:19:5b:cf:43:ee:cd:69:cd:e7:88:66:18:62:5c:89:74:
         74:ec:6f:f7:9e:20:69:7b:fd:72:ea:ee:c2:bb:30:ee:99:e9:
         b0:a1:07:30:a3:f8:77:20:b7:a9:04:e9:6b:54:dc:bd:a4:62:
         59:19:4f:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fgLL8S0hpnBqxC4OQt3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZGZlYWVjYTIyZDJkMjYxOGI0MzNjZjAwYWIxNDRiZDhi
ODBkYmQwHhcNMjUxMDE5MjIwMTM1WhcNMjUxMDIwMjIwMTM1WjAzMTEwLwYDVQQD
EyhmNjQ5NzEyZmI2MjdmZDUwNmI5NjRmYjJjYjNmODA5YWE4MzZkMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaoNOQ1em35yoSZ+MzPF3ytcTHOL
T7qy2q7P7sGWRvelyaRmZEsFUXe5dLDT484q4QOxJ+we0Ubg3eMCdSbk8qzXO3BW
ePHhgM414C3UzDJHziT/O/m2PkJNtMciok+S9IagASZDtLiM1/St3Tu2O/g9leor
Y+LmY8ha/sa6KyPXDc6zvatF5o6OOl9z2L1xim1IOuVPoUA0XBqDv+WGlVo1S72D
ZSAafkfxkXm11Xp6PCc4l1eGFoTrJ9cx/RlSt8spbkxG3ma7Sf9m9u6YeuULaHVM
IDn9iqotBzrCL0YsxwGEHsomVYpNd9OFvSvjf3kNJt48pOfDLJUBInItKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZJcS+2J/1Qa5ZPsss/gJqoNtLhMB8GA1UdIwQY
MBaAFMnf6uyiLS0mGLQzzwCrFEvYuA29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRfcTdLSXRMU1lZdERQUEFLc1VTOWk0RGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdiMTUtZDVkYy00M2U1LTgwOWMt
YmMzNjJkMzc2OGJkLzEveWRfcTdLSXRMU1lZdERQUEFLc1VTOWk0RGIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdiMTUtZDVkYy00M2U1LTgwOWMtYmMzNjJkMzc2OGJk
LzEveWRfcTdLSXRMU1lZdERQUEFLc1VTOWk0RGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJ1WOvuk
+obvZg6lx+WglK5xfLdZI84CHpkyJFCcpLK1+tr79KwVVhJ9vRoRH+fJLTWgAdFq
xATNOq2PCBFljWuoSMvrvqNWF6sF3EnaSH5c3naFjgmVhsQtgMSaEGypcvIvDA3P
YdPeQZOzMwPdJpHfrNiDFFlfioHYg3AZ5zqW0wMCSZabNyo+wOCuktz1h0Hx1cBh
VQiVrzFKLrcX1apgA2zQ0T/8UW7zEx7eXWygcU4slNvH9B91daA9lv8m/Jduj/5q
jwkZW89D7s1pzeeIZhhiXIl0dOxv954gaXv9curuwrsw7pnpsKEHMKP4dyC3qQTp
a1TcvaRiWRlPig==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:43:07 2025 by rpki-client