Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File:                     tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier:          3NdV27mpssRux2dW2iDf1qr4D+xLgKS75BTy8/oK4+k=
Subject key identifier:   10:73:E9:72:A8:8E:B5:5E:3D:05:15:C4:D7:62:4C:DB:A0:32:B6:27
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer:       /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial:       0199FAD81687B23C531CE2BACD21741016BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number:          0412
Signing time:             Sun 19 Oct 2025 05:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:29 +0000
Files and hashes:         1: kdQZ4QS0sUqXnywKZ8M79hUmfTA.roa (hash: xGG3G4XfdVhcDuFzw8EOPzLUi5vn/b3D8pkyEY9PSkc=)
                          2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: qJsMfsxMNUwxhLfe4GLskw5KuDXam0XkO6G1yOxaiXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:16:87:b2:3c:53:1c:e2:ba:cd:21:74:10:16:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
        Validity
            Not Before: Oct 19 05:01:29 2025 GMT
            Not After : Oct 20 05:01:29 2025 GMT
        Subject: CN=1073e972a88eb55e3d0515c4d7624cdba032b627
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:87:6d:16:07:72:2a:ec:30:02:ab:87:c9:16:
                    b5:35:af:be:3a:50:06:4c:50:3a:e6:02:94:5f:da:
                    e5:c0:29:1c:53:8c:99:cb:2e:ef:b0:b6:70:0c:1d:
                    0e:d2:bf:d1:4a:43:fe:2f:f8:a6:09:58:af:0a:45:
                    a3:ce:1b:3f:31:e1:51:e6:4b:de:b5:45:13:c5:af:
                    ab:ef:43:f4:10:e6:86:b3:eb:e5:3b:e9:b2:15:70:
                    6f:39:64:23:d2:eb:a4:6b:ee:19:f4:46:ea:c8:7e:
                    02:8d:b9:c5:4f:e2:5b:59:54:00:38:db:61:f9:42:
                    90:36:95:2b:6c:67:4d:46:32:b2:10:0f:66:2e:2b:
                    c7:bc:69:3b:f0:cb:f6:58:22:66:29:b6:7e:37:e4:
                    03:9e:b9:e6:e0:77:18:52:c7:d0:7b:8d:1c:94:31:
                    6c:1c:e8:76:21:77:44:29:6d:42:c7:74:86:b7:22:
                    05:9e:3e:58:29:1a:8a:91:b1:41:4d:f8:14:8d:4f:
                    18:ce:f5:55:84:e6:fb:8b:dc:c2:df:00:57:f8:97:
                    70:9a:92:2f:7b:71:78:a7:8a:e7:5b:86:e7:85:65:
                    72:a7:e9:da:e1:82:60:e7:e3:d5:5d:60:45:77:83:
                    6b:49:eb:c5:98:99:32:2d:7e:90:70:30:e2:85:30:
                    68:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:73:E9:72:A8:8E:B5:5E:3D:05:15:C4:D7:62:4C:DB:A0:32:B6:27
            X509v3 Authority Key Identifier:
                keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:66:61:42:fe:79:74:af:1e:ad:92:7a:85:86:5f:bd:63:33:
         95:28:0a:51:d9:8a:da:7b:49:b5:7d:05:ef:ed:31:b8:8e:16:
         fa:9e:5e:05:f5:e1:32:c2:78:2f:5b:93:f3:b8:e5:01:47:96:
         68:80:83:56:7e:22:91:e2:35:38:d4:7b:dc:de:e3:18:ea:72:
         fd:ee:2c:4f:55:87:70:57:33:85:0c:79:a4:75:a8:08:11:c8:
         21:14:f7:3b:e4:01:a2:d7:4d:6f:4a:8a:11:cf:31:ce:c6:2e:
         d8:e3:f9:51:f9:b3:53:1a:fe:3e:14:72:47:20:6f:71:fe:09:
         bf:b8:99:72:44:d2:f5:86:81:67:e3:8d:54:1f:5b:b9:9d:92:
         17:00:87:3e:36:db:a1:aa:1c:b0:7c:0b:3a:b7:68:6a:5b:37:
         d1:99:9c:27:bd:a5:44:52:96:ab:63:92:ee:78:3f:c7:f4:1c:
         9b:62:30:59:cd:2d:97:d8:58:e9:e2:de:88:cc:b5:1b:27:66:
         fa:2a:25:a8:f9:94:a5:81:d2:f3:ad:68:2e:f6:ea:e6:ae:b8:
         2b:45:3d:c0:13:6f:70:50:09:b8:b5:d2:ff:f8:51:25:bf:df:
         12:4a:aa:d4:61:d3:3d:92:3b:de:32:40:6f:84:3b:cc:7f:16:
         9b:ce:a9:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62BaHsjxTHOK6zSF0EBa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjUxMDE5MDUwMTI5WhcNMjUxMDIwMDUwMTI5WjAzMTEwLwYDVQQD
EygxMDczZTk3MmE4OGViNTVlM2QwNTE1YzRkNzYyNGNkYmEwMzJiNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4dtFgdyKuwwAquHyRa1Na++OlAG
TFA65gKUX9rlwCkcU4yZyy7vsLZwDB0O0r/RSkP+L/imCVivCkWjzhs/MeFR5kve
tUUTxa+r70P0EOaGs+vlO+myFXBvOWQj0uuka+4Z9EbqyH4CjbnFT+JbWVQAONth
+UKQNpUrbGdNRjKyEA9mLivHvGk78Mv2WCJmKbZ+N+QDnrnm4HcYUsfQe40clDFs
HOh2IXdEKW1Cx3SGtyIFnj5YKRqKkbFBTfgUjU8YzvVVhOb7i9zC3wBX+JdwmpIv
e3F4p4rnW4bnhWVyp+na4YJg5+PVXWBFd4NrSevFmJkyLX6QcDDihTBo0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBz6XKojrVePQUVxNdiTNugMrYnMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL2ZhQv55
dK8erZJ6hYZfvWMzlSgKUdmK2ntJtX0F7+0xuI4W+p5eBfXhMsJ4L1uT87jlAUeW
aICDVn4ikeI1ONR73N7jGOpy/e4sT1WHcFczhQx5pHWoCBHIIRT3O+QBotdNb0qK
Ec8xzsYu2OP5UfmzUxr+PhRyRyBvcf4Jv7iZckTS9YaBZ+ONVB9buZ2SFwCHPjbb
oaocsHwLOrdoals30ZmcJ72lRFKWq2OS7ng/x/Qcm2IwWc0tl9hY6eLeiMy1Gydm
+iolqPmUpYHS861oLvbq5q64K0U9wBNvcFAJuLXS//hRJb/fEkqq1GHTPZI73jJA
b4Q7zH8Wm86p7g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:15:12 2025 by rpki-client