Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
File:                     HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json)
Hash identifier:          W5RqZ64zCjugX8FxzXKWYHBfZEVN91JnfyfQcX477N4=
Subject key identifier:   DF:05:2B:98:A3:16:EA:B5:08:21:B8:F3:86:AF:0E:25:AD:E8:61:31
Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
Certificate issuer:       /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Certificate serial:       0199FB7CF5DA21D1436C47B7E32E82D62775
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
Manifest number:          01A5
Signing time:             Sun 19 Oct 2025 08:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:34 +0000
Files and hashes:         1: 4xTwGwEgqqNgpztG8b7-qFnWnmQ.roa (hash: G+NieVImXlejNVzPXtYNNAfkIKyCKo0Pau1bwovvw64=)
                          2: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: 6hYm4yzlHRSLjZ4IHu3O7+tXtCx5m5ziLCdxPXCoGU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:f5:da:21:d1:43:6c:47:b7:e3:2e:82:d6:27:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
        Validity
            Not Before: Oct 19 08:01:34 2025 GMT
            Not After : Oct 20 08:01:34 2025 GMT
        Subject: CN=df052b98a316eab50821b8f386af0e25ade86131
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:94:4a:4d:71:83:70:ec:ec:80:79:db:db:4e:
                    d4:b8:77:44:32:10:7f:6b:b2:f6:11:d6:0e:f2:42:
                    65:40:f0:02:6b:f4:af:22:01:7f:d3:21:c1:4d:33:
                    b4:d4:b5:73:24:47:ee:02:54:a4:93:52:be:27:76:
                    c4:fd:b1:5c:6f:c1:f1:6e:7c:0a:0f:e6:11:f8:57:
                    3c:b7:fe:eb:d0:0a:54:9d:92:81:fa:92:fc:89:8f:
                    35:c9:bb:61:fa:34:a2:e1:0b:8a:36:c8:22:b3:49:
                    9d:13:bd:2b:50:4f:8d:dd:e4:e3:d7:ef:a7:86:bf:
                    90:6d:0e:1c:99:87:fe:a4:ab:0b:6e:4e:4b:70:9e:
                    0f:c4:6d:4c:74:13:da:a8:89:c8:b5:da:36:3d:cb:
                    66:83:e9:fe:46:70:10:d4:db:42:7d:f3:ac:29:bf:
                    dc:60:99:4e:84:aa:f6:a9:c5:cc:9d:79:e5:bd:aa:
                    96:17:2e:43:aa:5b:3e:e2:ff:97:de:16:3e:9d:a1:
                    98:cc:d5:ce:4c:c5:c0:18:a1:a5:b6:98:a3:e2:6b:
                    41:dd:1e:0b:92:b5:d2:f1:10:c3:84:79:c9:8a:d0:
                    40:97:5f:b1:cf:19:22:b0:36:b8:d5:bd:4d:7c:a3:
                    a9:b8:a1:46:ff:53:af:14:ed:06:bc:6f:3a:c9:35:
                    41:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:05:2B:98:A3:16:EA:B5:08:21:B8:F3:86:AF:0E:25:AD:E8:61:31
            X509v3 Authority Key Identifier:
                keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:d2:47:76:6f:db:fe:8b:c6:7b:0b:be:34:5a:bd:03:44:d5:
         43:a6:6c:12:71:ce:4e:20:67:cd:f0:52:d9:c0:78:b9:9c:6a:
         f0:3b:5f:1b:a9:8a:00:04:99:ed:be:cd:0d:e6:61:32:75:9e:
         64:55:06:d6:c1:0f:3b:e7:ee:65:5d:05:56:04:a1:8c:05:2f:
         1e:13:34:58:75:7f:f1:90:f1:93:e8:5f:97:55:a3:77:e1:88:
         09:5f:59:cc:c0:c5:41:de:97:bf:2e:fd:d0:68:4a:ed:ee:30:
         d7:94:93:0b:72:e6:6b:10:76:d1:97:ec:50:a9:0a:59:b3:a8:
         67:7a:db:71:9d:72:c6:45:18:49:1d:1d:ad:52:48:93:6b:9b:
         01:50:0f:b3:c1:ca:64:96:29:ef:aa:38:7e:92:3c:15:db:1f:
         ea:79:49:83:be:79:31:49:10:0d:9a:15:76:4d:db:6a:43:04:
         47:27:7a:09:0d:fb:3a:51:df:87:23:65:b4:fe:41:ab:6a:49:
         5f:fb:74:21:82:34:21:7b:ac:f8:18:fb:a0:3d:d4:78:92:df:
         99:fd:b8:12:ad:e4:f7:4d:2a:f3:15:68:a8:5d:5f:96:25:34:
         24:30:3c:db:91:6c:0c:9c:52:0b:85:44:5c:7f:51:9a:1c:58:
         24:70:2a:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fPXaIdFDbEe34y6C1id1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm
NWU5ZDEwHhcNMjUxMDE5MDgwMTM0WhcNMjUxMDIwMDgwMTM0WjAzMTEwLwYDVQQD
EyhkZjA1MmI5OGEzMTZlYWI1MDgyMWI4ZjM4NmFmMGUyNWFkZTg2MTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JRKTXGDcOzsgHnb207UuHdEMhB/
a7L2EdYO8kJlQPACa/SvIgF/0yHBTTO01LVzJEfuAlSkk1K+J3bE/bFcb8HxbnwK
D+YR+Fc8t/7r0ApUnZKB+pL8iY81ybth+jSi4QuKNsgis0mdE70rUE+N3eTj1++n
hr+QbQ4cmYf+pKsLbk5LcJ4PxG1MdBPaqInItdo2Pctmg+n+RnAQ1NtCffOsKb/c
YJlOhKr2qcXMnXnlvaqWFy5Dqls+4v+X3hY+naGYzNXOTMXAGKGltpij4mtB3R4L
krXS8RDDhHnJitBAl1+xzxkisDa41b1NfKOpuKFG/1OvFO0GvG86yTVB9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8FK5ijFuq1CCG484avDiWt6GExMB8GA1UdIwQY
MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt
Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4
LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJtJHdm/b
/ovGewu+NFq9A0TVQ6ZsEnHOTiBnzfBS2cB4uZxq8DtfG6mKAASZ7b7NDeZhMnWe
ZFUG1sEPO+fuZV0FVgShjAUvHhM0WHV/8ZDxk+hfl1Wjd+GICV9ZzMDFQd6Xvy79
0GhK7e4w15STC3LmaxB20ZfsUKkKWbOoZ3rbcZ1yxkUYSR0drVJIk2ubAVAPs8HK
ZJYp76o4fpI8Fdsf6nlJg755MUkQDZoVdk3bakMERyd6CQ37OlHfhyNltP5Bq2pJ
X/t0IYI0IXus+Bj7oD3UeJLfmf24Eq3k900q8xVoqF1fliU0JDA825FsDJxSC4VE
XH9RmhxYJHAqzw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:20 2025 by rpki-client