Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5c3dd-9f98-4c7f-af43-4cec71210734/1/trcm8FkrUE5yMwX2e6tRR9TqaW0.mft
File:                     trcm8FkrUE5yMwX2e6tRR9TqaW0.mft (raw, json)
Hash identifier:          mx1UjejMu8BQo7R+25T0ItWguN8nwm/luvoFJ/SoUkA=
Subject key identifier:   BA:03:C7:52:43:C6:C1:4D:E2:A1:5F:DE:AF:C0:9A:C2:27:70:BB:E2
Authority key identifier: B6:B7:26:F0:59:2B:50:4E:72:33:05:F6:7B:AB:51:47:D4:EA:69:6D
Certificate issuer:       /CN=b6b726f0592b504e723305f67bab5147d4ea696d
Certificate serial:       0199FC217DEBD7D476E40F337919A6C62881
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/trcm8FkrUE5yMwX2e6tRR9TqaW0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/a5c3dd-9f98-4c7f-af43-4cec71210734/1/trcm8FkrUE5yMwX2e6tRR9TqaW0.mft
Manifest number:          0A22
Signing time:             Sun 19 Oct 2025 11:01:17 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:17 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:17 +0000
Files and hashes:         1: _oI-Lkb0IuWy-UHIoAbDqvwfl1s.roa (hash: mRZXCcW1ghBXMTwSw7NYgVRMYeyGjl4gH8juqLCzVks=)
                          2: trcm8FkrUE5yMwX2e6tRR9TqaW0.crl (hash: ItEkr8AyoU9zZnrYkSRB+nbLtT9S8ZREhT/IR8f6LXU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/a5c3dd-9f98-4c7f-af43-4cec71210734/1/trcm8FkrUE5yMwX2e6tRR9TqaW0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/a5c3dd-9f98-4c7f-af43-4cec71210734/1/trcm8FkrUE5yMwX2e6tRR9TqaW0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/trcm8FkrUE5yMwX2e6tRR9TqaW0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:7d:eb:d7:d4:76:e4:0f:33:79:19:a6:c6:28:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6b726f0592b504e723305f67bab5147d4ea696d
        Validity
            Not Before: Oct 19 11:01:17 2025 GMT
            Not After : Oct 20 11:01:17 2025 GMT
        Subject: CN=ba03c75243c6c14de2a15fdeafc09ac22770bbe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fe:41:3b:19:74:91:70:9e:7c:c0:9c:ca:b3:
                    16:5d:b0:80:56:57:dc:00:6f:01:8e:e1:69:40:c2:
                    34:a1:92:72:86:11:60:9e:30:7b:0e:ff:cf:9d:78:
                    60:83:83:53:3f:95:15:36:68:0d:a5:ef:9c:0b:6a:
                    a8:ca:49:80:cf:43:1f:b2:6e:f2:15:68:25:0c:c0:
                    6f:06:39:b2:08:90:1d:0e:57:8c:c7:fd:17:40:00:
                    f2:88:fc:53:25:10:52:2b:72:3f:63:29:19:f5:3d:
                    e3:3e:cd:b9:af:18:e8:0a:80:38:7a:7e:64:56:22:
                    45:eb:84:2a:bb:7f:43:3b:22:1d:ff:20:d6:c5:47:
                    c4:e2:29:6c:7e:ae:61:41:6f:a1:41:6d:97:0e:3b:
                    de:0a:59:e3:cb:55:8d:dd:fb:68:7f:6d:46:4a:ba:
                    d7:10:1d:f3:d7:41:11:c0:5c:6b:a6:31:80:97:3c:
                    ed:24:4d:fd:88:d8:f4:3e:b5:58:40:e0:4a:0e:28:
                    d8:16:2c:58:21:d3:cf:73:45:77:04:b0:03:be:e5:
                    3d:0c:25:bd:4d:73:05:22:34:1d:2a:68:ba:a9:b8:
                    94:e5:b1:ca:1e:3c:11:c1:45:53:2c:d4:3c:1f:54:
                    64:10:45:cb:b2:3e:a5:0b:50:dd:a4:aa:9a:00:2c:
                    5d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:03:C7:52:43:C6:C1:4D:E2:A1:5F:DE:AF:C0:9A:C2:27:70:BB:E2
            X509v3 Authority Key Identifier:
                keyid:B6:B7:26:F0:59:2B:50:4E:72:33:05:F6:7B:AB:51:47:D4:EA:69:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/trcm8FkrUE5yMwX2e6tRR9TqaW0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5c3dd-9f98-4c7f-af43-4cec71210734/1/trcm8FkrUE5yMwX2e6tRR9TqaW0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5c3dd-9f98-4c7f-af43-4cec71210734/1/trcm8FkrUE5yMwX2e6tRR9TqaW0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:5a:fb:94:a0:55:f0:c5:65:6b:11:e8:dd:6c:47:23:7e:45:
         66:f3:e7:cc:59:0b:9d:58:84:82:7c:7a:75:44:90:82:a5:94:
         ff:58:90:6f:23:23:8d:85:9f:5c:e0:09:34:d7:5d:a2:05:9f:
         10:85:75:c4:6e:25:d8:cf:1f:10:18:5b:04:f3:f9:5f:5d:bb:
         ba:90:30:ce:4b:a0:b3:48:fa:d6:43:d8:c3:aa:26:47:e7:22:
         be:1b:7b:c7:0b:c6:0a:9c:20:67:c5:47:e6:1c:a2:ca:43:2c:
         09:b7:75:fe:96:1a:0a:64:49:c6:11:d9:80:60:b8:c6:5b:29:
         1f:dd:1b:a0:69:9f:10:fe:10:e2:17:31:23:ed:1f:03:13:30:
         a7:6e:0e:a4:14:78:cd:1e:6f:3b:85:6d:69:c3:7a:27:2a:03:
         28:0a:fa:db:95:79:5a:ec:3a:6b:9d:5d:b6:ee:b2:41:1f:51:
         d0:d4:59:6c:78:f5:bf:d3:fe:fd:d1:e7:24:89:7f:ab:63:38:
         56:15:57:1b:fd:e5:69:37:43:c7:f4:ce:1a:3b:71:47:7a:50:
         17:ab:12:31:5d:f3:bd:98:ca:93:20:6a:f8:09:f4:ee:72:ad:
         e7:e8:7a:68:44:5a:97:65:5b:71:e1:4f:11:62:47:88:96:9d:
         8a:11:04:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IX3r19R25A8zeRmmxiiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YjcyNmYwNTkyYjUwNGU3MjMzMDVmNjdiYWI1MTQ3ZDRl
YTY5NmQwHhcNMjUxMDE5MTEwMTE3WhcNMjUxMDIwMTEwMTE3WjAzMTEwLwYDVQQD
EyhiYTAzYzc1MjQzYzZjMTRkZTJhMTVmZGVhZmMwOWFjMjI3NzBiYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf5BOxl0kXCefMCcyrMWXbCAVlfc
AG8BjuFpQMI0oZJyhhFgnjB7Dv/PnXhgg4NTP5UVNmgNpe+cC2qoykmAz0Mfsm7y
FWglDMBvBjmyCJAdDleMx/0XQADyiPxTJRBSK3I/YykZ9T3jPs25rxjoCoA4en5k
ViJF64Qqu39DOyId/yDWxUfE4ilsfq5hQW+hQW2XDjveClnjy1WN3ftof21GSrrX
EB3z10ERwFxrpjGAlzztJE39iNj0PrVYQOBKDijYFixYIdPPc0V3BLADvuU9DCW9
TXMFIjQdKmi6qbiU5bHKHjwRwUVTLNQ8H1RkEEXLsj6lC1DdpKqaACxdnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoDx1JDxsFN4qFf3q/AmsIncLviMB8GA1UdIwQY
MBaAFLa3JvBZK1BOcjMF9nurUUfU6mltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHJjbThGa3JVRTV5TXdYMmU2dFJSOVRxYVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWMzZGQtOWY5OC00YzdmLWFmNDMt
NGNlYzcxMjEwNzM0LzEvdHJjbThGa3JVRTV5TXdYMmU2dFJSOVRxYVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWMzZGQtOWY5OC00YzdmLWFmNDMtNGNlYzcxMjEwNzM0
LzEvdHJjbThGa3JVRTV5TXdYMmU2dFJSOVRxYVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbVr7lKBV
8MVlaxHo3WxHI35FZvPnzFkLnViEgnx6dUSQgqWU/1iQbyMjjYWfXOAJNNddogWf
EIV1xG4l2M8fEBhbBPP5X127upAwzkugs0j61kPYw6omR+civht7xwvGCpwgZ8VH
5hyiykMsCbd1/pYaCmRJxhHZgGC4xlspH90boGmfEP4Q4hcxI+0fAxMwp24OpBR4
zR5vO4VtacN6JyoDKAr625V5Wuw6a51dtu6yQR9R0NRZbHj1v9P+/dHnJIl/q2M4
VhVXG/3laTdDx/TOGjtxR3pQF6sSMV3zvZjKkyBq+An07nKt5+h6aERal2VbceFP
EWJHiJadihEEvw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:06 2025 by rpki-client