Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft
File:                     WqKpJUebz8vBloipUqJDAfTnaDk.mft (raw, json)
Hash identifier:          PDKx3234y5Nd8zY4V2ftkAoysvLJB9qOWpC7joyrlgU=
Subject key identifier:   2A:A7:82:97:58:D5:DB:DA:1A:BF:52:D0:58:25:74:55:83:B8:E4:8B
Authority key identifier: 5A:A2:A9:25:47:9B:CF:CB:C1:96:88:A9:52:A2:43:01:F4:E7:68:39
Certificate issuer:       /CN=5aa2a925479bcfcbc19688a952a24301f4e76839
Certificate serial:       0199FB45C67140F21C645C500FA30222BC7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft
Manifest number:          0839
Signing time:             Sun 19 Oct 2025 07:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:18 +0000
Files and hashes:         1: WqKpJUebz8vBloipUqJDAfTnaDk.crl (hash: 74AfJY+k6sT7l2ae6CEhZuvu3CzOk7M3w979XvDomEA=)
                          2: jYQY-U25B3NSBy3Axt-DvgoJjdQ.roa (hash: zP4WnXpWxsW1++MaE9e5/n5ALBQb36qRJjvWEAaaUiU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:c6:71:40:f2:1c:64:5c:50:0f:a3:02:22:bc:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5aa2a925479bcfcbc19688a952a24301f4e76839
        Validity
            Not Before: Oct 19 07:01:18 2025 GMT
            Not After : Oct 20 07:01:18 2025 GMT
        Subject: CN=2aa7829758d5dbda1abf52d05825745583b8e48b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:bc:68:69:a3:73:ff:30:b9:54:a3:28:37:28:
                    8c:34:63:97:51:68:47:fd:bf:fd:ff:d6:67:de:8e:
                    81:50:1c:ae:4f:05:8e:86:4e:4b:d0:0d:fa:aa:73:
                    60:6f:04:fd:11:78:be:65:af:64:98:ee:a0:42:a5:
                    49:2d:53:a5:57:a6:09:6c:14:4a:b2:5f:aa:e2:d2:
                    c2:38:d2:fb:63:3c:f9:73:c3:42:0d:f4:97:2e:d6:
                    ee:c3:2c:31:3a:93:bd:f7:16:e5:b1:72:26:4f:10:
                    52:08:d3:5d:e6:e6:86:79:ef:cc:8b:f5:ae:e4:3f:
                    a7:9d:c6:53:af:54:af:cb:f1:c9:3d:74:98:d9:c4:
                    1e:54:f6:0c:7e:7c:13:ff:5b:49:65:04:66:a1:ea:
                    2f:8c:a4:6f:4c:6e:f0:69:3b:04:1a:0c:5b:02:fd:
                    ca:f4:ed:05:16:f0:15:b4:ea:49:8a:4a:bd:0a:a2:
                    e7:9a:80:b6:b7:8c:d2:b0:c9:09:d5:43:c4:b8:02:
                    46:ca:10:44:87:c5:2a:db:02:98:34:70:25:eb:74:
                    b5:de:39:46:47:8a:49:ac:0d:ec:fe:f2:ae:1c:2c:
                    8c:5b:a4:92:2d:12:e7:94:ea:69:05:fd:08:26:c2:
                    bb:af:bb:39:9b:72:d4:9d:60:73:99:e5:e4:74:9c:
                    e9:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:A7:82:97:58:D5:DB:DA:1A:BF:52:D0:58:25:74:55:83:B8:E4:8B
            X509v3 Authority Key Identifier:
                keyid:5A:A2:A9:25:47:9B:CF:CB:C1:96:88:A9:52:A2:43:01:F4:E7:68:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:68:49:45:7b:84:e0:ef:cf:18:8f:ca:93:39:c7:a8:90:5a:
         ff:ba:b4:fc:4e:82:c0:ff:75:03:2c:ed:b5:48:44:1c:24:18:
         9a:f0:95:58:6b:ad:dd:0e:72:72:99:cb:ce:c8:33:54:af:5c:
         8f:04:89:3d:25:40:f4:1f:99:82:05:c1:aa:6d:1d:86:ab:be:
         5d:c0:74:93:7d:f9:aa:e4:39:8b:1b:e8:cf:0d:57:e4:84:7a:
         80:ce:f7:c1:72:e1:b8:fc:49:63:c6:59:39:e2:ed:24:42:df:
         85:c4:78:8e:e2:d1:e8:3f:0f:ec:9c:b8:61:a0:60:ec:f9:23:
         44:8d:a6:8d:2a:86:6e:4c:2d:19:b1:07:a9:af:48:22:5a:b3:
         04:f5:84:fb:39:b4:09:e6:fc:ac:2d:d7:c0:9c:f3:8e:e7:ae:
         d0:92:0c:89:e4:b2:e9:36:06:ad:f2:6f:f4:06:01:c2:95:71:
         05:9b:e7:45:97:f3:1b:a8:ea:1f:bc:3b:c3:68:ac:3f:c5:eb:
         3d:b9:48:b5:10:6e:c2:12:fc:02:1b:ea:de:37:9a:9e:2a:e4:
         16:ae:04:8a:d2:73:48:56:45:96:e5:5b:e5:f8:a6:4a:f1:76:
         f2:54:6b:df:8e:33:ed:a0:9e:50:79:9d:d0:d2:4f:35:c3:c4:
         6e:13:c2:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RcZxQPIcZFxQD6MCIrx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTJhOTI1NDc5YmNmY2JjMTk2ODhhOTUyYTI0MzAxZjRl
NzY4MzkwHhcNMjUxMDE5MDcwMTE4WhcNMjUxMDIwMDcwMTE4WjAzMTEwLwYDVQQD
EygyYWE3ODI5NzU4ZDVkYmRhMWFiZjUyZDA1ODI1NzQ1NTgzYjhlNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rxoaaNz/zC5VKMoNyiMNGOXUWhH
/b/9/9Zn3o6BUByuTwWOhk5L0A36qnNgbwT9EXi+Za9kmO6gQqVJLVOlV6YJbBRK
sl+q4tLCONL7Yzz5c8NCDfSXLtbuwywxOpO99xblsXImTxBSCNNd5uaGee/Mi/Wu
5D+nncZTr1Svy/HJPXSY2cQeVPYMfnwT/1tJZQRmoeovjKRvTG7waTsEGgxbAv3K
9O0FFvAVtOpJikq9CqLnmoC2t4zSsMkJ1UPEuAJGyhBEh8Uq2wKYNHAl63S13jlG
R4pJrA3s/vKuHCyMW6SSLRLnlOppBf0IJsK7r7s5m3LUnWBzmeXkdJzpEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqngpdY1dvaGr9S0FgldFWDuOSLMB8GA1UdIwQY
MBaAFFqiqSVHm8/LwZaIqVKiQwH052g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYTAzMGYtYWJiNS00ZTM3LTk2YTMt
YjRmMTIwMTIyOTIyLzEvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wYTAzMGYtYWJiNS00ZTM3LTk2YTMtYjRmMTIwMTIyOTIy
LzEvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGWhJRXuE
4O/PGI/KkznHqJBa/7q0/E6CwP91AyzttUhEHCQYmvCVWGut3Q5ycpnLzsgzVK9c
jwSJPSVA9B+ZggXBqm0dhqu+XcB0k335quQ5ixvozw1X5IR6gM73wXLhuPxJY8ZZ
OeLtJELfhcR4juLR6D8P7Jy4YaBg7PkjRI2mjSqGbkwtGbEHqa9IIlqzBPWE+zm0
Ceb8rC3XwJzzjueu0JIMieSy6TYGrfJv9AYBwpVxBZvnRZfzG6jqH7w7w2isP8Xr
PblItRBuwhL8Ahvq3jeanirkFq4EitJzSFZFluVb5fimSvF28lRr344z7aCeUHmd
0NJPNcPEbhPCQg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:11 2025 by rpki-client