Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft
File:                     De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft (raw, json)
Hash identifier:          ZwNIbREIMWypcbQvYV3NZWG8a+4utqA/N4PTzZ+40jc=
Subject key identifier:   CC:28:62:16:23:56:0D:3A:12:B5:6D:29:17:DD:C2:0C:B0:0C:8D:9D
Authority key identifier: 0D:ED:66:D2:C5:A4:93:A0:95:34:35:7E:5C:A2:6F:03:D1:A4:DD:D4
Certificate issuer:       /CN=0ded66d2c5a493a09534357e5ca26f03d1a4ddd4
Certificate serial:       0199FFC8A47EA8E7D45FFC08F3140B4CF748
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft
Manifest number:          0AD1
Signing time:             Mon 20 Oct 2025 04:02:43 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:43 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:43 +0000
Files and hashes:         1: 7XdSGfevcJJsevy7fOceWvja7nc.roa (hash: 738FMMf7Atyvq/JMYg2GIhaCbgWHQKUbxrDxkyANCA8=)
                          2: De1m0sWkk6CVNDV-XKJvA9Gk3dQ.crl (hash: 7J8saXXw3Xebw/LX0QV7Afd0Pc/muC+XkR2DTDszc2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:a4:7e:a8:e7:d4:5f:fc:08:f3:14:0b:4c:f7:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ded66d2c5a493a09534357e5ca26f03d1a4ddd4
        Validity
            Not Before: Oct 20 04:02:43 2025 GMT
            Not After : Oct 21 04:02:43 2025 GMT
        Subject: CN=cc28621623560d3a12b56d2917ddc20cb00c8d9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:43:1e:1e:e9:3e:b3:2d:a1:3e:a8:19:36:cb:
                    87:7b:89:2e:e2:cd:ee:5b:45:55:e3:eb:8b:9b:43:
                    64:a1:25:fb:38:98:e8:6c:72:7c:0e:60:35:49:25:
                    0c:40:fe:73:ee:57:02:26:94:58:13:e8:b8:c0:3a:
                    00:3f:89:ae:d4:d7:86:56:56:c3:bc:b9:be:20:31:
                    2c:a1:9f:1b:91:7c:3d:61:04:ce:07:9d:9c:7e:d0:
                    83:fa:f3:70:8d:83:0f:59:90:6a:63:23:58:04:7c:
                    aa:2b:2d:07:ad:e5:3c:84:20:be:ea:07:d6:d1:d2:
                    b6:5e:5b:87:e8:7c:aa:04:d1:d9:3a:15:a5:3c:cb:
                    88:e4:ba:13:65:4e:3d:23:97:c6:6b:dd:cf:a6:22:
                    68:10:48:1a:1e:25:9c:87:1a:c9:2e:e6:53:29:07:
                    47:07:29:92:0d:a0:0b:a1:7c:fc:4b:54:e0:2e:ac:
                    18:e7:b6:3e:9f:8b:fa:1a:db:a0:c0:e0:8a:61:cc:
                    d1:b2:01:ca:16:af:43:c8:44:78:06:a1:3a:08:20:
                    bb:e7:7c:e3:ef:94:84:a7:60:31:6e:db:52:e4:d3:
                    32:5f:31:77:3a:38:17:7b:b0:bb:76:e0:41:53:b5:
                    0c:13:53:b2:80:72:35:0d:2b:32:08:d4:5e:3e:8c:
                    42:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:28:62:16:23:56:0D:3A:12:B5:6D:29:17:DD:C2:0C:B0:0C:8D:9D
            X509v3 Authority Key Identifier:
                keyid:0D:ED:66:D2:C5:A4:93:A0:95:34:35:7E:5C:A2:6F:03:D1:A4:DD:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:d6:24:d4:72:b4:9d:2f:37:6b:b2:79:47:c5:a7:84:b8:81:
         5b:f9:17:04:b5:11:9d:bf:88:6a:16:3d:90:8f:e0:8e:5b:3e:
         56:30:ac:b1:85:d5:75:c6:63:30:be:cb:c8:52:b9:8f:d0:db:
         6b:e4:43:8f:29:02:23:28:b7:23:6f:38:6c:8c:1a:53:c4:25:
         70:bb:4d:0f:4d:d3:d5:99:98:85:61:45:ee:f2:e1:84:13:ea:
         65:85:bc:ed:3e:86:de:e7:29:b8:9c:be:bb:d1:a2:c8:ae:14:
         04:c7:f8:e3:de:70:17:c3:aa:95:00:56:51:e3:87:4a:dc:3d:
         f4:b2:be:58:9c:61:f5:5b:81:e5:51:ee:e2:4a:16:62:61:97:
         e7:90:d6:df:86:9a:61:9f:40:d9:aa:04:c5:64:6e:be:12:54:
         57:d8:f3:57:6d:a2:16:c7:77:b8:5f:1c:d3:bd:a7:12:b4:dd:
         e2:13:4c:45:9d:09:69:00:cf:d2:43:2e:69:64:7f:99:6f:b2:
         fc:1d:61:70:50:a9:f6:cf:4f:6f:62:30:5b:fa:0a:e2:f3:5e:
         a0:70:c0:c7:3c:bd:5f:fc:f8:06:75:6d:ca:26:7d:0f:15:39:
         2f:9b:02:db:1f:26:00:21:8c:5d:1c:88:02:3a:4b:77:a4:17:
         16:52:23:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yKR+qOfUX/wI8xQLTPdIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZWQ2NmQyYzVhNDkzYTA5NTM0MzU3ZTVjYTI2ZjAzZDFh
NGRkZDQwHhcNMjUxMDIwMDQwMjQzWhcNMjUxMDIxMDQwMjQzWjAzMTEwLwYDVQQD
EyhjYzI4NjIxNjIzNTYwZDNhMTJiNTZkMjkxN2RkYzIwY2IwMGM4ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokMeHuk+sy2hPqgZNsuHe4ku4s3u
W0VV4+uLm0NkoSX7OJjobHJ8DmA1SSUMQP5z7lcCJpRYE+i4wDoAP4mu1NeGVlbD
vLm+IDEsoZ8bkXw9YQTOB52cftCD+vNwjYMPWZBqYyNYBHyqKy0HreU8hCC+6gfW
0dK2XluH6HyqBNHZOhWlPMuI5LoTZU49I5fGa93PpiJoEEgaHiWchxrJLuZTKQdH
BymSDaALoXz8S1TgLqwY57Y+n4v6GtugwOCKYczRsgHKFq9DyER4BqE6CCC753zj
75SEp2AxbttS5NMyXzF3OjgXe7C7duBBU7UME1OygHI1DSsyCNRePoxCGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwoYhYjVg06ErVtKRfdwgywDI2dMB8GA1UdIwQY
MBaAFA3tZtLFpJOglTQ1flyibwPRpN3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGUxbTBzV2trNkNWTkRWLVhLSnZBOUdrM2RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kOWNjNWItZjg2OC00M2ZlLTljNWMt
MzdiOTZmZmJhNzZhLzEvRGUxbTBzV2trNkNWTkRWLVhLSnZBOUdrM2RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kOWNjNWItZjg2OC00M2ZlLTljNWMtMzdiOTZmZmJhNzZh
LzEvRGUxbTBzV2trNkNWTkRWLVhLSnZBOUdrM2RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu9Yk1HK0
nS83a7J5R8WnhLiBW/kXBLURnb+IahY9kI/gjls+VjCssYXVdcZjML7LyFK5j9Db
a+RDjykCIyi3I284bIwaU8QlcLtND03T1ZmYhWFF7vLhhBPqZYW87T6G3ucpuJy+
u9GiyK4UBMf4495wF8OqlQBWUeOHStw99LK+WJxh9VuB5VHu4koWYmGX55DW34aa
YZ9A2aoExWRuvhJUV9jzV22iFsd3uF8c072nErTd4hNMRZ0JaQDP0kMuaWR/mW+y
/B1hcFCp9s9Pb2IwW/oK4vNeoHDAxzy9X/z4BnVtyiZ9DxU5L5sC2x8mACGMXRyI
AjpLd6QXFlIj5A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:01:34 2025 by rpki-client