Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
File:                     A-pQioW8c6mqogOop7r5wWLm82w.mft (raw, json)
Hash identifier:          na7IW96kcE4VUwjJcphreOt5R5lEKGe5Y+nYd+UcQ5w=
Subject key identifier:   25:F8:E6:E2:A0:51:D8:52:A0:05:1B:59:23:87:C0:91:3E:C6:81:7D
Authority key identifier: 03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
Certificate issuer:       /CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Certificate serial:       019A02C79F42CB80587F6233B037B3DBCA0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
Manifest number:          0857
Signing time:             Mon 20 Oct 2025 18:00:28 +0000
Manifest this update:     Mon 20 Oct 2025 18:00:28 +0000
Manifest next update:     Tue 21 Oct 2025 18:00:28 +0000
Files and hashes:         1: 2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa (hash: 0/wxjfgZFvKq0jXNMFirhtTQajhUkEHAhxXEqfHBgNk=)
                          2: A-pQioW8c6mqogOop7r5wWLm82w.crl (hash: VXtXmv/aE5qjiG/PlYs+USaKVGNyBb0h3WidyhFwcmg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:c7:9f:42:cb:80:58:7f:62:33:b0:37:b3:db:ca:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
        Validity
            Not Before: Oct 20 18:00:28 2025 GMT
            Not After : Oct 21 18:00:28 2025 GMT
        Subject: CN=25f8e6e2a051d852a0051b592387c0913ec6817d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:11:99:74:f7:8d:eb:88:9d:95:5d:36:17:4d:
                    80:e6:28:b2:fb:d8:9c:cb:f1:b8:d6:73:3b:bb:b9:
                    63:af:85:9d:04:d1:78:be:5f:ea:df:53:3b:2e:25:
                    87:2c:f4:40:b0:06:ad:fc:73:ce:77:b7:04:a0:a4:
                    e6:15:22:88:d5:2e:73:f4:09:fd:1d:da:ef:76:f1:
                    3f:32:18:d3:83:e1:3d:da:f0:ae:41:9d:a6:cc:b4:
                    29:3a:a3:26:bc:9d:92:b1:dc:de:49:e0:29:c1:93:
                    43:d2:02:70:d0:1d:46:cf:f2:64:6f:20:66:c9:4c:
                    82:1d:f6:b4:ce:57:7a:43:71:0c:70:fb:69:c4:87:
                    86:63:30:de:64:67:5f:92:f4:52:a8:69:13:18:8a:
                    a0:fa:7c:2e:e1:30:be:c6:c7:56:d8:3d:aa:23:4f:
                    52:d7:db:0e:da:c0:da:db:1d:61:f0:76:cc:fa:5d:
                    10:7e:65:1d:2f:08:9c:cf:da:47:c5:10:d0:df:c5:
                    6d:de:00:47:d6:ae:c8:88:4a:6b:22:50:18:63:db:
                    84:ad:27:2f:76:aa:87:e3:d1:a4:1e:84:0a:96:e9:
                    24:40:fd:61:e6:e7:c1:39:cd:a0:f9:2d:a1:b5:ef:
                    97:49:45:9b:23:e9:05:03:a9:86:ee:3c:dc:12:1d:
                    d3:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:F8:E6:E2:A0:51:D8:52:A0:05:1B:59:23:87:C0:91:3E:C6:81:7D
            X509v3 Authority Key Identifier:
                keyid:03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:d9:c8:dc:e0:ce:2b:65:d9:cb:3d:28:34:f8:2b:de:6d:d6:
         4b:8a:bd:02:55:d5:d3:33:10:6d:44:53:99:2e:0b:e5:b3:65:
         81:74:cb:6c:9b:1d:d0:f7:32:24:70:9f:5e:87:47:69:d0:79:
         d7:bd:c7:7d:9e:97:51:e4:6e:ee:3f:c0:6c:55:a8:7c:7c:52:
         22:3d:70:0f:6f:4c:0a:22:16:1b:2c:c4:61:a8:17:2c:6d:18:
         d7:01:98:4a:80:13:27:2f:d7:6d:1a:03:a1:ae:50:b6:1f:f3:
         3d:63:08:5b:a3:7b:cc:bc:e3:a8:83:33:f3:eb:d4:61:b0:84:
         09:e7:b4:08:6f:32:89:3a:4b:38:b9:ff:ad:e3:46:86:cd:d6:
         5e:e9:f6:f5:e7:65:72:60:5e:96:50:f1:f2:d6:f3:8c:a3:05:
         5f:48:f7:be:5a:ee:c0:ce:ab:7e:60:e5:05:65:85:9c:98:77:
         8b:cb:ec:34:1b:94:6e:bd:8d:21:96:f4:ea:10:a4:39:50:33:
         37:49:fa:39:65:e3:59:43:43:39:ab:68:d4:6f:f5:5a:9d:bf:
         1e:28:18:49:78:ba:b3:cb:1c:2d:27:73:d2:80:fd:15:67:f1:
         22:2a:a7:84:e1:7c:0f:17:96:42:b5:4c:d1:90:7c:76:1f:07:
         e1:47:b0:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCx59Cy4BYf2IzsDez28oNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWE1MDhhODViYzczYTlhYWEyMDNhOGE3YmFmOWMxNjJl
NmYzNmMwHhcNMjUxMDIwMTgwMDI4WhcNMjUxMDIxMTgwMDI4WjAzMTEwLwYDVQQD
EygyNWY4ZTZlMmEwNTFkODUyYTAwNTFiNTkyMzg3YzA5MTNlYzY4MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxGZdPeN64idlV02F02A5iiy+9ic
y/G41nM7u7ljr4WdBNF4vl/q31M7LiWHLPRAsAat/HPOd7cEoKTmFSKI1S5z9An9
HdrvdvE/MhjTg+E92vCuQZ2mzLQpOqMmvJ2SsdzeSeApwZND0gJw0B1Gz/JkbyBm
yUyCHfa0zld6Q3EMcPtpxIeGYzDeZGdfkvRSqGkTGIqg+nwu4TC+xsdW2D2qI09S
19sO2sDa2x1h8HbM+l0QfmUdLwicz9pHxRDQ38Vt3gBH1q7IiEprIlAYY9uErScv
dqqH49GkHoQKlukkQP1h5ufBOc2g+S2hte+XSUWbI+kFA6mG7jzcEh3TuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCX45uKgUdhSoAUbWSOHwJE+xoF9MB8GA1UdIwQY
MBaAFAPqUIqFvHOpqqIDqKe6+cFi5vNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAt
ZDcyNzA5MDVlOTIzLzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAtZDcyNzA5MDVlOTIz
LzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdnI3ODO
K2XZyz0oNPgr3m3WS4q9AlXV0zMQbURTmS4L5bNlgXTLbJsd0PcyJHCfXodHadB5
173HfZ6XUeRu7j/AbFWofHxSIj1wD29MCiIWGyzEYagXLG0Y1wGYSoATJy/XbRoD
oa5Qth/zPWMIW6N7zLzjqIMz8+vUYbCECee0CG8yiTpLOLn/reNGhs3WXun29edl
cmBellDx8tbzjKMFX0j3vlruwM6rfmDlBWWFnJh3i8vsNBuUbr2NIZb06hCkOVAz
N0n6OWXjWUNDOato1G/1Wp2/HigYSXi6s8scLSdz0oD9FWfxIiqnhOF8DxeWQrVM
0ZB8dh8H4UewYA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:12:13 2025 by rpki-client