Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft
File:                     oNPtV5U0igTn7NFy12QvqWIJcoc.mft (raw, json)
Hash identifier:          0B1pbNLNPsByk5BMGl29cj6qNlrMT+Erkl2/dykXVtE=
Subject key identifier:   FA:8B:F7:43:12:DB:04:A8:7E:00:CE:8A:60:9F:F1:70:10:6D:9D:C5
Authority key identifier: A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87
Certificate issuer:       /CN=a0d3ed5795348a04e7ecd172d7642fa962097287
Certificate serial:       019A0290DED08407935DA0C65D36F2315916
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft
Manifest number:          03CC
Signing time:             Mon 20 Oct 2025 17:00:39 +0000
Manifest this update:     Mon 20 Oct 2025 17:00:39 +0000
Manifest next update:     Tue 21 Oct 2025 17:00:39 +0000
Files and hashes:         1: _Z612WlN8ZfOi7lH-p4HrmdXgXQ.roa (hash: QscoaDsHFH3nysubWrv1ADSV365kESJ9Bam6CnFtw2M=)
                          2: oNPtV5U0igTn7NFy12QvqWIJcoc.crl (hash: ZukuaURfDcRS25zsMNk4Be+pEd+iKsiIK7WUxBz8A3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:90:de:d0:84:07:93:5d:a0:c6:5d:36:f2:31:59:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0d3ed5795348a04e7ecd172d7642fa962097287
        Validity
            Not Before: Oct 20 17:00:39 2025 GMT
            Not After : Oct 21 17:00:39 2025 GMT
        Subject: CN=fa8bf74312db04a87e00ce8a609ff170106d9dc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:ad:c2:71:46:b1:c9:c0:30:d0:d1:a2:fb:58:
                    a8:21:6d:0e:5e:63:ba:02:2b:34:9d:8a:19:fa:6e:
                    ce:7b:1d:97:ac:17:af:39:86:69:40:8f:ec:e1:53:
                    05:4d:1d:ad:72:d5:4f:0d:c2:4d:4f:7a:c2:2a:e0:
                    7b:d0:2c:c1:31:ca:8d:7d:97:e0:11:ad:55:57:58:
                    e3:68:a0:03:5d:49:a5:b5:13:a1:c5:99:75:fd:53:
                    22:24:12:26:19:58:7c:ab:64:fd:04:53:e9:32:5b:
                    52:e8:9a:5a:06:14:e1:75:f6:eb:29:d5:ef:62:a4:
                    3d:c8:43:b8:4e:b5:ab:8c:31:07:67:6f:5b:c1:8a:
                    ea:5e:34:ee:cb:95:c9:ba:2e:c9:1b:cf:0d:b1:1f:
                    23:c4:0c:98:1e:d8:7a:7f:f4:35:6c:18:41:03:77:
                    5b:a2:ad:8f:b3:20:7c:ff:d3:52:cf:6b:9d:ef:16:
                    66:3f:ca:d6:2e:ae:00:3c:30:63:f5:95:70:37:63:
                    17:44:c0:f8:57:39:5c:19:be:e2:ed:0d:f4:6e:bd:
                    df:23:4d:d7:f5:0e:3c:3a:91:69:8b:a8:4b:81:f6:
                    99:be:2e:0c:4c:84:98:56:b0:12:f7:75:52:a9:19:
                    90:cd:52:19:e2:7f:2f:fe:a8:04:fb:0b:2b:dc:86:
                    33:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:8B:F7:43:12:DB:04:A8:7E:00:CE:8A:60:9F:F1:70:10:6D:9D:C5
            X509v3 Authority Key Identifier:
                keyid:A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:f1:7d:1b:f5:e7:38:9e:a1:8a:06:ee:4e:22:64:95:dd:f5:
         44:57:f8:f5:2f:75:e0:1c:38:9e:2b:f6:4c:e4:05:27:e5:57:
         95:20:15:27:ee:a1:a3:a0:7e:dd:8b:c7:6e:af:21:48:e6:fb:
         00:64:72:11:01:e8:a3:1e:13:e7:3b:a1:fb:c2:8a:59:91:fa:
         94:b7:91:49:4e:95:cd:90:56:be:7d:27:98:6c:55:6a:c6:e3:
         4b:ce:af:18:75:c1:35:29:f5:c7:a4:e6:a6:b2:f2:bc:67:94:
         ea:0f:7e:dc:76:e3:3d:10:12:f0:56:b1:e1:42:30:ec:6b:73:
         5f:e3:bc:ed:00:c3:e2:d2:4b:b7:4e:43:5a:e8:2f:f5:c8:37:
         e1:70:e5:3e:43:80:ce:06:6b:c7:32:5d:68:c2:86:9c:1d:b2:
         8a:c8:5b:4e:a6:2c:c6:1a:86:94:23:49:1f:27:74:af:22:33:
         12:8e:dc:55:c3:10:c4:fe:23:54:9e:88:38:0e:c7:dd:38:fe:
         cb:20:9b:c1:c8:1a:60:2a:b6:ea:82:fe:1d:f4:d1:13:c7:9e:
         92:17:ea:0f:72:19:20:3a:e8:97:3f:14:8b:95:1a:30:57:b6:
         84:87:b8:ca:e8:98:bb:75:e9:86:3f:26:bc:dc:d5:f1:82:cd:
         97:72:a7:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCkN7QhAeTXaDGXTbyMVkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDNlZDU3OTUzNDhhMDRlN2VjZDE3MmQ3NjQyZmE5NjIw
OTcyODcwHhcNMjUxMDIwMTcwMDM5WhcNMjUxMDIxMTcwMDM5WjAzMTEwLwYDVQQD
EyhmYThiZjc0MzEyZGIwNGE4N2UwMGNlOGE2MDlmZjE3MDEwNmQ5ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q3CcUaxycAw0NGi+1ioIW0OXmO6
Ais0nYoZ+m7Oex2XrBevOYZpQI/s4VMFTR2tctVPDcJNT3rCKuB70CzBMcqNfZfg
Ea1VV1jjaKADXUmltROhxZl1/VMiJBImGVh8q2T9BFPpMltS6JpaBhThdfbrKdXv
YqQ9yEO4TrWrjDEHZ29bwYrqXjTuy5XJui7JG88NsR8jxAyYHth6f/Q1bBhBA3db
oq2PsyB8/9NSz2ud7xZmP8rWLq4APDBj9ZVwN2MXRMD4VzlcGb7i7Q30br3fI03X
9Q48OpFpi6hLgfaZvi4MTISYVrAS93VSqRmQzVIZ4n8v/qgE+wsr3IYzbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqL90MS2wSofgDOimCf8XAQbZ3FMB8GA1UdIwQY
MBaAFKDT7VeVNIoE5+zRctdkL6liCXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUt
NzkwYmM5MWE1OWU2LzEvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUtNzkwYmM5MWE1OWU2
LzEvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPF9G/Xn
OJ6higbuTiJkld31RFf49S914Bw4niv2TOQFJ+VXlSAVJ+6ho6B+3YvHbq8hSOb7
AGRyEQHoox4T5zuh+8KKWZH6lLeRSU6VzZBWvn0nmGxVasbjS86vGHXBNSn1x6Tm
prLyvGeU6g9+3HbjPRAS8Fax4UIw7GtzX+O87QDD4tJLt05DWugv9cg34XDlPkOA
zgZrxzJdaMKGnB2yishbTqYsxhqGlCNJHyd0ryIzEo7cVcMQxP4jVJ6IOA7H3Tj+
yyCbwcgaYCq26oL+HfTRE8eekhfqD3IZIDrolz8Ui5UaMFe2hIe4yuiYu3Xphj8m
vNzV8YLNl3Knpw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:43:49 2025 by rpki-client