Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
File:                     I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json)
Hash identifier:          bBXCEsKrHe+qc7v/onroWev9Z/cHpNVSj53gareCrPA=
Subject key identifier:   D4:0D:B3:B1:08:D0:19:2D:F1:E5:C0:3C:F0:6A:43:02:29:90:70:73
Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10
Certificate issuer:       /CN=237d97f1508e7a447899f59a55fb8aa6241ef510
Certificate serial:       019A00357A2123981F22AFB6E824781F87BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
Manifest number:          0570
Signing time:             Mon 20 Oct 2025 06:01:35 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:35 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:35 +0000
Files and hashes:         1: AgvVH_Z5ZikBFIUyEGB_f4ftLfg.roa (hash: Ii6l1o1UjR6zsFk/Ik5xPFxEIQrzvV/YcOC6UeUTh7g=)
                          2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: EkI/ZaOF9Ukxe3aH33gWNhfjZ7yw7WV1oz9kl+gI6Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 06:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:7a:21:23:98:1f:22:af:b6:e8:24:78:1f:87:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510
        Validity
            Not Before: Oct 20 06:01:35 2025 GMT
            Not After : Oct 21 06:01:35 2025 GMT
        Subject: CN=d40db3b108d0192df1e5c03cf06a430229907073
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c4:95:3c:c0:8e:f8:d0:e5:61:db:8b:78:4e:
                    bd:9c:d6:37:99:0b:66:5d:34:e5:f8:50:60:be:b1:
                    cd:25:63:f2:ef:b8:da:e2:47:8d:a8:56:56:22:75:
                    cb:15:1c:78:83:3d:60:76:e1:88:f3:62:6d:15:c9:
                    66:a8:64:e5:4d:ba:01:f5:38:0e:38:95:12:60:14:
                    f0:5f:c6:bc:fb:9b:89:cb:25:d6:79:77:5c:87:e3:
                    59:30:1a:ff:c0:a0:07:23:aa:51:1a:0c:b4:19:b4:
                    da:27:c8:9b:80:7f:f1:b3:87:89:66:58:50:63:84:
                    6e:09:c0:fc:25:b2:04:36:c0:b5:37:16:80:a3:f7:
                    03:42:88:f3:5a:63:df:8e:3d:6d:d1:00:c4:d2:75:
                    95:07:b6:c7:ef:14:76:93:21:9e:05:68:06:fa:23:
                    02:80:ee:18:d5:b5:45:1e:06:f7:65:32:00:d2:87:
                    54:7f:5d:0d:e3:4e:33:d3:91:d1:6e:97:22:71:4f:
                    b1:6a:70:cd:0e:ad:0e:76:7c:03:6f:ce:59:61:84:
                    6e:fc:de:07:b0:60:14:b9:f6:2a:a2:86:77:34:41:
                    20:fc:73:f7:92:d8:d3:23:a1:d0:8d:60:26:e2:ec:
                    1c:8c:a9:e0:95:5d:58:e3:3f:1a:f8:12:b3:f5:35:
                    96:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:0D:B3:B1:08:D0:19:2D:F1:E5:C0:3C:F0:6A:43:02:29:90:70:73
            X509v3 Authority Key Identifier:
                keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:d9:97:3e:90:73:a6:6f:06:52:7c:d5:ea:34:d6:18:b5:1b:
         75:87:06:65:0e:b0:34:43:c4:0d:54:59:4a:b1:76:80:42:84:
         fc:a4:a8:a1:70:fa:28:32:ff:4f:57:c8:14:01:d7:ce:0b:ff:
         c5:72:a7:33:57:c8:95:b9:27:74:66:d4:b8:03:dd:3c:10:07:
         ad:3b:78:9e:84:bf:d6:2c:9f:c6:09:98:90:30:ca:36:6c:85:
         28:f0:26:d2:73:8a:67:0f:93:94:b1:10:03:a7:0b:2d:50:6e:
         3e:ee:e8:c8:b6:1b:e4:dd:76:fa:6a:f2:c1:66:f8:df:cb:c5:
         33:79:bf:72:cd:7b:6c:20:3a:10:f0:df:15:47:91:14:83:27:
         14:ad:d3:9d:5e:b9:a6:6b:33:70:08:a1:c7:94:5f:61:70:8d:
         d0:cb:10:2d:b1:c3:d5:70:be:51:0e:9e:f3:7a:32:5a:47:7c:
         43:99:e7:65:f8:10:96:ad:78:6a:0f:0b:5c:39:8c:79:a9:26:
         42:72:2a:91:4e:68:0e:1f:a3:41:47:0a:95:10:a8:f0:95:0b:
         d1:2a:fa:f5:62:43:2a:63:d5:61:80:0a:1e:47:73:0d:49:a6:
         63:91:e8:3d:fb:7f:6d:e5:ad:f2:bf:70:ba:5d:0f:c7:ff:e1:
         78:51:04:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANXohI5gfIq+26CR4H4e9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx
ZWY1MTAwHhcNMjUxMDIwMDYwMTM1WhcNMjUxMDIxMDYwMTM1WjAzMTEwLwYDVQQD
EyhkNDBkYjNiMTA4ZDAxOTJkZjFlNWMwM2NmMDZhNDMwMjI5OTA3MDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosSVPMCO+NDlYduLeE69nNY3mQtm
XTTl+FBgvrHNJWPy77ja4keNqFZWInXLFRx4gz1gduGI82JtFclmqGTlTboB9TgO
OJUSYBTwX8a8+5uJyyXWeXdch+NZMBr/wKAHI6pRGgy0GbTaJ8ibgH/xs4eJZlhQ
Y4RuCcD8JbIENsC1NxaAo/cDQojzWmPfjj1t0QDE0nWVB7bH7xR2kyGeBWgG+iMC
gO4Y1bVFHgb3ZTIA0odUf10N404z05HRbpcicU+xanDNDq0OdnwDb85ZYYRu/N4H
sGAUufYqooZ3NEEg/HP3ktjTI6HQjWAm4uwcjKnglV1Y4z8a+BKz9TWWpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQNs7EI0Bkt8eXAPPBqQwIpkHBzMB8GA1UdIwQY
MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt
NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl
LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD9mXPpBz
pm8GUnzV6jTWGLUbdYcGZQ6wNEPEDVRZSrF2gEKE/KSooXD6KDL/T1fIFAHXzgv/
xXKnM1fIlbkndGbUuAPdPBAHrTt4noS/1iyfxgmYkDDKNmyFKPAm0nOKZw+TlLEQ
A6cLLVBuPu7oyLYb5N12+mrywWb438vFM3m/cs17bCA6EPDfFUeRFIMnFK3TnV65
pmszcAihx5RfYXCN0MsQLbHD1XC+UQ6e83oyWkd8Q5nnZfgQlq14ag8LXDmMeakm
QnIqkU5oDh+jQUcKlRCo8JUL0Sr69WJDKmPVYYAKHkdzDUmmY5HoPft/beWt8r9w
ul0Px//heFEEsA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:07:37 2025 by rpki-client