Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
File:                     oNMhbMzIY-ygw90YmUGxueo3ys0.mft (raw, json)
Hash identifier:          Ekwk4+zYmulSjOsvZeX3/HhzYgthexD7FdnKkMdtFqc=
Subject key identifier:   DA:52:07:6D:EA:7F:36:A5:91:58:74:87:5E:B6:0F:5E:95:73:17:C6
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Certificate issuer:       /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial:       019A006C6AB4A89683C77DCBA53C3D191469
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
Manifest number:          0F32
Signing time:             Mon 20 Oct 2025 07:01:36 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:36 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:36 +0000
Files and hashes:         1: 39kht1dMkPPkyzVEUtQczwfTvnI.roa (hash: nGaIvUiJ54BR8itFDRSZZFTb/ADjvMX1q4ZciY7jeK8=)
                          2: YAQOG7HS14oLGl_AE__5KljKQek.roa (hash: vYFfnqVBOtNvOIxvJDmuRRaUo+YW3T+OADCuratSdoU=)
                          3: oNMhbMzIY-ygw90YmUGxueo3ys0.crl (hash: uvLuGKaldhfMepe6SRbW2NJPH+H/TlcqcGazY+V5BSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 07:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6c:6a:b4:a8:96:83:c7:7d:cb:a5:3c:3d:19:14:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
        Validity
            Not Before: Oct 20 07:01:36 2025 GMT
            Not After : Oct 21 07:01:36 2025 GMT
        Subject: CN=da52076dea7f36a5915874875eb60f5e957317c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cb:56:73:ee:12:3d:2e:99:04:c9:ed:61:ee:
                    20:a4:ab:76:4e:5e:b5:fe:b9:be:25:21:ef:04:91:
                    be:b2:42:69:12:e2:de:de:55:9a:09:10:53:05:ff:
                    e8:88:3b:b8:c0:f9:4b:95:32:ab:dc:08:82:87:0a:
                    25:f3:8b:05:1c:9c:92:be:ad:ab:22:fa:15:d1:1a:
                    c4:8b:9a:8a:12:8f:86:96:af:b4:37:b9:21:5e:ab:
                    53:dc:0e:54:02:32:1f:63:7b:8a:ee:d8:e9:8e:25:
                    cf:e7:12:12:d3:7f:49:ad:5f:00:25:ce:f1:71:d3:
                    75:c0:c6:47:31:39:01:5b:27:57:6f:12:e9:ab:fc:
                    b1:dd:81:83:2f:22:62:50:8a:72:2c:ab:09:a2:e2:
                    0f:89:7e:d6:11:87:3e:af:62:2c:c8:45:c1:d3:91:
                    a7:bb:fe:e9:0f:da:e5:11:24:ab:61:0c:09:b5:e9:
                    81:33:64:8e:ef:99:68:82:98:e7:d6:5d:40:95:fe:
                    a3:f1:c1:26:83:9f:ed:70:b6:7d:f8:29:5a:89:82:
                    9b:58:0a:d5:5a:b7:48:1c:58:4c:ca:20:6a:05:66:
                    9c:40:34:ef:88:47:b0:a1:6c:be:1d:10:1f:42:35:
                    a2:23:96:d2:1d:69:04:0f:9e:55:b0:e4:ea:84:4a:
                    db:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:52:07:6D:EA:7F:36:A5:91:58:74:87:5E:B6:0F:5E:95:73:17:C6
            X509v3 Authority Key Identifier:
                keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:9c:6e:ce:d0:71:2c:08:85:ba:38:b3:9f:ed:88:40:87:39:
         31:ce:02:ac:0c:b8:d9:22:56:84:8b:23:4c:af:81:62:c8:12:
         61:a0:cf:bc:2e:5e:ed:6a:eb:76:33:99:03:28:02:66:44:d8:
         91:23:9c:90:3a:80:17:8c:77:f9:28:8a:e8:52:ec:da:1c:05:
         03:82:5b:aa:25:8f:61:2c:fd:48:b3:b3:a4:80:4d:cf:0e:2f:
         e1:e3:55:48:e8:62:2d:e9:08:41:16:58:27:a9:fe:0a:f4:49:
         38:b6:7b:15:1d:86:53:52:59:4b:04:49:ad:bc:26:81:a4:77:
         40:b2:1b:46:26:8c:04:a8:11:c7:0c:e4:54:7d:36:e3:49:2d:
         3f:93:8b:f8:d7:a3:19:4c:91:41:76:6c:4c:fc:93:c6:a7:ab:
         31:80:8c:a0:c5:62:9b:f4:b6:37:ab:0b:cb:1b:53:78:f4:a2:
         07:56:a8:21:0e:04:bc:e8:cf:8b:76:0a:9f:ab:2f:0f:20:0e:
         44:2d:60:2e:78:17:df:37:78:67:e1:af:12:af:18:19:9e:3a:
         7d:35:11:d3:a0:7c:3c:42:dc:3c:30:c6:e6:b6:38:a8:72:10:
         e2:61:7b:ec:b1:4c:f4:a9:1e:30:ec:1a:73:55:91:cf:63:93:
         09:6c:da:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAbGq0qJaDx33LpTw9GRRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjUxMDIwMDcwMTM2WhcNMjUxMDIxMDcwMTM2WjAzMTEwLwYDVQQD
EyhkYTUyMDc2ZGVhN2YzNmE1OTE1ODc0ODc1ZWI2MGY1ZTk1NzMxN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtstWc+4SPS6ZBMntYe4gpKt2Tl61
/rm+JSHvBJG+skJpEuLe3lWaCRBTBf/oiDu4wPlLlTKr3AiChwol84sFHJySvq2r
IvoV0RrEi5qKEo+Glq+0N7khXqtT3A5UAjIfY3uK7tjpjiXP5xIS039JrV8AJc7x
cdN1wMZHMTkBWydXbxLpq/yx3YGDLyJiUIpyLKsJouIPiX7WEYc+r2IsyEXB05Gn
u/7pD9rlESSrYQwJtemBM2SO75logpjn1l1Alf6j8cEmg5/tcLZ9+ClaiYKbWArV
WrdIHFhMyiBqBWacQDTviEewoWy+HRAfQjWiI5bSHWkED55VsOTqhErbCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpSB23qfzalkVh0h162D16VcxfGMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOZxuztBx
LAiFujizn+2IQIc5Mc4CrAy42SJWhIsjTK+BYsgSYaDPvC5e7WrrdjOZAygCZkTY
kSOckDqAF4x3+SiK6FLs2hwFA4JbqiWPYSz9SLOzpIBNzw4v4eNVSOhiLekIQRZY
J6n+CvRJOLZ7FR2GU1JZSwRJrbwmgaR3QLIbRiaMBKgRxwzkVH0240ktP5OL+Nej
GUyRQXZsTPyTxqerMYCMoMVim/S2N6sLyxtTePSiB1aoIQ4EvOjPi3YKn6svDyAO
RC1gLngX3zd4Z+GvEq8YGZ46fTUR06B8PELcPDDG5rY4qHIQ4mF77LFM9KkeMOwa
c1WRz2OTCWza1w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:40:22 2025 by rpki-client