Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
File:                     rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft (raw, json)
Hash identifier:          9Lsl3DniRiT9ZyI81hwLbEgtoWT8bsMnjpzISpAy+nw=
Subject key identifier:   72:2E:F0:09:DC:78:79:E1:F5:87:98:55:AA:FC:F8:5C:58:8A:DA:78
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Certificate issuer:       /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial:       019A00A348FAAC9FED6D39F01138432590F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
Manifest number:          16FD
Signing time:             Mon 20 Oct 2025 08:01:32 +0000
Manifest this update:     Mon 20 Oct 2025 08:01:32 +0000
Manifest next update:     Tue 21 Oct 2025 08:01:32 +0000
Files and hashes:         1: 1xef8JB14kgVdYbFNM-Oq6W7NWA.roa (hash: 2TgMpFsN8snCYIhnDbb3K1R/JLwOpv09B4vLRv33njY=)
                          2: 30aIeplMe8B5nuWPNxNW6K-OtBY.roa (hash: 3pRxuzSCfGIU8i4yLQxNrHj04RZktWd0aRH2mX3pOUo=)
                          3: 5R2_zC5O_WNYOAGlu7by2_fhzYo.roa (hash: Eq+hBI8YGdr0edeJFDWardc1U5Cf7U1rPC+h2snaoOY=)
                          4: mG-NGr5UJw8Bdsm31xr0LARp3LM.roa (hash: Ez+x2KZ41CLnIqO9c7EUA1U/u9pzX46TWaq6peZ65/4=)
                          5: nqdZW8VS3cJABsENIPnwko2Hihc.roa (hash: IhzETIut1wHzF58gkob1Irj0rHur1kgwouWb5+riuAI=)
                          6: nrBcJclJWWQmSFgHdkkN2rl4iMo.roa (hash: LHzeWYsmA5iX5RkIBuodpJrYuHeqFeRrX4/36Bp1azQ=)
                          7: rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl (hash: 4b4/VpLPt1AlHSbH4oek/bK+vHj+ATph+31wt/tBY3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 08:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a3:48:fa:ac:9f:ed:6d:39:f0:11:38:43:25:90:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
        Validity
            Not Before: Oct 20 08:01:32 2025 GMT
            Not After : Oct 21 08:01:32 2025 GMT
        Subject: CN=722ef009dc7879e1f5879855aafcf85c588ada78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b1:5f:3e:da:82:a0:34:8b:1f:d3:2c:25:13:
                    4c:9b:bf:5f:b3:26:ee:e2:a2:ba:f0:f2:3c:a4:00:
                    92:0e:a7:68:38:21:51:16:15:5c:58:b8:81:42:f1:
                    af:9d:cb:f3:99:c9:3f:85:77:d2:cb:c2:c0:79:59:
                    38:ad:d9:0a:d1:11:ae:28:4c:8b:b5:a0:ce:02:cc:
                    ab:e3:2a:af:1e:2f:ba:e3:e9:9d:37:d0:b6:bf:d8:
                    80:8d:dd:c1:29:ec:4b:f2:f2:fc:eb:f4:19:5f:f9:
                    97:a5:b2:2f:18:97:a8:35:e5:00:bf:92:16:3b:0e:
                    9f:92:73:9a:a6:d0:70:bb:50:e7:ca:31:72:2a:a9:
                    84:6f:8d:37:81:18:67:2c:78:94:46:2a:7f:17:73:
                    f0:ed:e7:30:97:c5:7a:4d:a8:1f:28:b4:46:71:2d:
                    9b:5c:9a:fe:71:ba:45:7b:50:0e:0a:e1:1e:49:cf:
                    b3:30:a1:7b:9b:c0:36:c0:ff:37:4b:35:0f:c8:56:
                    3f:4e:ec:d6:f1:39:39:bb:8c:b2:2b:05:f8:1a:ac:
                    d8:54:e4:2e:be:09:83:de:c7:c8:8f:6b:d5:ab:c9:
                    b2:a2:18:f5:3a:d0:58:0e:c4:de:25:cc:84:bc:6c:
                    99:ce:15:24:95:72:74:23:62:f7:02:04:00:18:22:
                    8b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:2E:F0:09:DC:78:79:E1:F5:87:98:55:AA:FC:F8:5C:58:8A:DA:78
            X509v3 Authority Key Identifier:
                keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:37:89:8f:ec:29:42:57:d8:29:2e:0b:f9:77:8d:d9:11:6a:
         36:23:4b:c5:e4:61:d7:d2:b2:bb:41:11:8b:c9:b0:3a:df:ee:
         ab:df:02:9a:5e:e7:a3:65:c0:b7:d4:56:ea:4f:ab:77:75:fa:
         5f:a9:be:fe:c5:64:6a:ec:db:07:43:db:07:cb:58:1f:5b:18:
         82:eb:56:f1:89:6e:26:18:77:c2:1b:00:a0:d4:2b:7f:ca:ce:
         94:e2:0b:21:fe:ab:1c:e7:81:11:dd:26:c4:40:28:52:c9:a3:
         84:93:73:90:8a:df:65:61:05:be:2e:40:36:c7:c5:05:72:4e:
         45:6b:55:eb:2f:c5:b5:14:cb:d0:a6:e0:70:2a:51:d4:eb:69:
         ba:d1:17:c0:28:48:9a:e7:6b:d6:ae:5f:46:cd:67:c8:5d:44:
         42:08:69:4f:5c:ba:c6:39:ad:a9:bb:25:fd:11:d0:c0:2b:b0:
         99:b6:7c:c7:fc:d7:ae:a4:15:b7:a7:e6:0e:34:9a:be:e4:3e:
         d8:e9:eb:8e:6e:38:9e:9c:e9:e4:c6:dc:2d:ef:8e:69:cb:bc:
         a7:0d:86:5b:38:4e:f0:94:ea:cd:f4:34:b9:a6:fe:e2:55:c9:
         8d:66:47:44:ad:a7:1b:a8:aa:59:da:21:ee:c7:71:e8:a4:3b:
         d3:fe:48:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAo0j6rJ/tbTnwEThDJZD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjUxMDIwMDgwMTMyWhcNMjUxMDIxMDgwMTMyWjAzMTEwLwYDVQQD
Eyg3MjJlZjAwOWRjNzg3OWUxZjU4Nzk4NTVhYWZjZjg1YzU4OGFkYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurFfPtqCoDSLH9MsJRNMm79fsybu
4qK68PI8pACSDqdoOCFRFhVcWLiBQvGvncvzmck/hXfSy8LAeVk4rdkK0RGuKEyL
taDOAsyr4yqvHi+64+mdN9C2v9iAjd3BKexL8vL86/QZX/mXpbIvGJeoNeUAv5IW
Ow6fknOaptBwu1DnyjFyKqmEb403gRhnLHiURip/F3Pw7ecwl8V6TagfKLRGcS2b
XJr+cbpFe1AOCuEeSc+zMKF7m8A2wP83SzUPyFY/TuzW8Tk5u4yyKwX4GqzYVOQu
vgmD3sfIj2vVq8myohj1OtBYDsTeJcyEvGyZzhUklXJ0I2L3AgQAGCKL/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIu8AnceHnh9YeYVar8+FxYitp4MB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABDeJj+wp
QlfYKS4L+XeN2RFqNiNLxeRh19Kyu0ERi8mwOt/uq98Cml7no2XAt9RW6k+rd3X6
X6m+/sVkauzbB0PbB8tYH1sYgutW8YluJhh3whsAoNQrf8rOlOILIf6rHOeBEd0m
xEAoUsmjhJNzkIrfZWEFvi5ANsfFBXJORWtV6y/FtRTL0KbgcCpR1OtputEXwChI
mudr1q5fRs1nyF1EQghpT1y6xjmtqbsl/RHQwCuwmbZ8x/zXrqQVt6fmDjSavuQ+
2Onrjm44npzp5MbcLe+Oacu8pw2GWzhO8JTqzfQ0uab+4lXJjWZHRK2nG6iqWdoh
7sdx6KQ70/5IdQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:16:24 2025 by rpki-client