Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
File:                     KIBHSpYWHd4pQs-58YVsL_yICQQ.mft (raw, json)
Hash identifier:          J695+nQ+8eUV9C5NGy2i7ALyss3x/rmrDt8PUVGccZM=
Subject key identifier:   33:88:5A:2A:70:94:58:EE:87:94:9B:02:D7:A8:67:C7:77:1B:67:22
Authority key identifier: 28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04
Certificate issuer:       /CN=2880474a96161dde2942cfb9f1856c2ffc880904
Certificate serial:       019A006BE9B4CE56EB0757E94FF396E92D6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
Manifest number:          02A2
Signing time:             Mon 20 Oct 2025 07:01:03 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:03 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:03 +0000
Files and hashes:         1: KIBHSpYWHd4pQs-58YVsL_yICQQ.crl (hash: FnChA6JX7T4GQ5uB3B63B5ixeFJGThnGdvZxjxk5X4s=)
                          2: q2_sbJziOr7rwxyhvKWnkNjMans.roa (hash: 0BH7DATsPfSUKJPP/TZdwOG931UfHO+OV4ftBhPZrwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6b:e9:b4:ce:56:eb:07:57:e9:4f:f3:96:e9:2d:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2880474a96161dde2942cfb9f1856c2ffc880904
        Validity
            Not Before: Oct 20 07:01:03 2025 GMT
            Not After : Oct 21 07:01:03 2025 GMT
        Subject: CN=33885a2a709458ee87949b02d7a867c7771b6722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fd:22:46:2c:b7:7e:74:60:bb:28:c9:69:de:
                    f4:00:3c:ba:66:90:f6:bf:2e:67:bf:ee:31:d9:11:
                    3a:bd:39:91:6b:29:41:7b:0c:c1:4a:dc:d9:20:9a:
                    b7:de:dc:d5:5f:06:5a:9d:2d:bd:ca:5d:ac:d0:e7:
                    65:7a:3b:43:fb:d0:85:16:49:4d:e1:61:56:5a:cb:
                    c4:0c:ec:63:0e:55:89:28:d1:96:9a:77:21:83:c7:
                    68:91:16:a6:0c:eb:61:fa:55:9e:4f:cc:42:fb:da:
                    a0:84:01:ec:f9:be:93:06:49:53:21:82:dc:b1:62:
                    ad:1e:d2:53:c6:34:cc:28:b0:e9:76:6b:27:3a:ea:
                    6b:d8:fd:1c:f8:11:4d:49:ca:b2:4a:1d:08:72:b5:
                    ec:6d:10:23:0c:57:bc:b0:66:93:13:c8:52:43:03:
                    ac:3d:5c:9e:a1:00:20:be:14:53:45:ef:56:92:b5:
                    9e:4d:a5:45:f1:4f:7e:7a:93:5c:c6:92:5d:c5:1b:
                    e0:a6:74:95:de:da:f5:ff:32:44:50:e3:dc:76:98:
                    af:e9:c5:6d:ed:b1:d2:0f:aa:0a:6a:d6:41:2b:f6:
                    5e:e7:e6:99:93:48:6b:9f:19:ae:b4:31:77:3c:da:
                    4f:36:f2:62:01:e2:e0:2f:55:2f:33:93:4d:e8:e7:
                    d3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:88:5A:2A:70:94:58:EE:87:94:9B:02:D7:A8:67:C7:77:1B:67:22
            X509v3 Authority Key Identifier:
                keyid:28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:e0:3d:68:c3:0b:8a:9b:ee:87:e4:a8:c7:75:c7:20:39:3d:
         93:24:64:8b:e9:33:fb:75:1e:d5:45:35:32:a7:37:a0:c8:6f:
         57:14:e8:aa:a8:71:bd:61:f5:9e:37:73:ea:c4:b5:56:d8:15:
         a7:2c:a7:c5:b8:af:fa:98:16:6a:c6:af:49:39:ed:09:d7:95:
         76:91:c3:f5:d2:58:82:fe:ba:05:e3:ba:b6:42:1d:56:b1:09:
         ba:01:d6:63:ce:3a:43:b9:07:f1:35:3b:55:60:e0:82:6f:90:
         64:12:d2:1c:ff:f0:db:3d:00:d3:4c:58:e2:5a:65:1e:0f:3f:
         91:db:d8:fb:37:47:0b:8b:21:9b:4a:0b:c6:f9:bd:a7:c7:87:
         db:09:f8:47:0b:ea:b5:05:96:ed:3a:14:57:cf:3e:7e:b0:52:
         ba:9d:06:fa:aa:bd:e0:dc:bb:da:5f:9b:40:16:99:0f:d8:55:
         ba:19:b1:9a:9b:ec:3b:47:67:f7:e9:a4:d4:ef:02:04:5d:b0:
         26:e5:c7:c0:a3:4d:37:28:f5:11:bb:90:74:bd:73:5b:2e:a2:
         d0:e9:73:19:d3:cf:3b:3d:c4:6e:5d:db:41:9d:71:d5:a1:d4:
         06:d1:1c:c2:c9:01:43:80:4b:09:1e:a6:ca:e8:4b:10:ad:7d:
         1b:9d:5e:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa+m0zlbrB1fpT/OW6S1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODA0NzRhOTYxNjFkZGUyOTQyY2ZiOWYxODU2YzJmZmM4
ODA5MDQwHhcNMjUxMDIwMDcwMTAzWhcNMjUxMDIxMDcwMTAzWjAzMTEwLwYDVQQD
EygzMzg4NWEyYTcwOTQ1OGVlODc5NDliMDJkN2E4NjdjNzc3MWI2NzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf0iRiy3fnRguyjJad70ADy6ZpD2
vy5nv+4x2RE6vTmRaylBewzBStzZIJq33tzVXwZanS29yl2s0OdlejtD+9CFFklN
4WFWWsvEDOxjDlWJKNGWmnchg8dokRamDOth+lWeT8xC+9qghAHs+b6TBklTIYLc
sWKtHtJTxjTMKLDpdmsnOupr2P0c+BFNScqySh0IcrXsbRAjDFe8sGaTE8hSQwOs
PVyeoQAgvhRTRe9WkrWeTaVF8U9+epNcxpJdxRvgpnSV3tr1/zJEUOPcdpiv6cVt
7bHSD6oKatZBK/Ze5+aZk0hrnxmutDF3PNpPNvJiAeLgL1UvM5NN6OfTDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOIWipwlFjuh5SbAteoZ8d3G2ciMB8GA1UdIwQY
MBaAFCiAR0qWFh3eKULPufGFbC/8iAkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAt
NzQ2MWE1NmNlOTVlLzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAtNzQ2MWE1NmNlOTVl
LzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbeA9aMML
ipvuh+Sox3XHIDk9kyRki+kz+3Ue1UU1Mqc3oMhvVxToqqhxvWH1njdz6sS1VtgV
pyynxbiv+pgWasavSTntCdeVdpHD9dJYgv66BeO6tkIdVrEJugHWY846Q7kH8TU7
VWDggm+QZBLSHP/w2z0A00xY4lplHg8/kdvY+zdHC4shm0oLxvm9p8eH2wn4Rwvq
tQWW7ToUV88+frBSup0G+qq94Ny72l+bQBaZD9hVuhmxmpvsO0dn9+mk1O8CBF2w
JuXHwKNNNyj1EbuQdL1zWy6i0OlzGdPPOz3Ebl3bQZ1x1aHUBtEcwskBQ4BLCR6m
yuhLEK19G51e1Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:31:22 2025 by rpki-client