Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
File:                     A-pQioW8c6mqogOop7r5wWLm82w.mft (raw, json)
Hash identifier:          zc7lEOXFxyRvBSdtWc4qlxZlN5BcXDip9bIYfI4ke7o=
Subject key identifier:   E0:8B:C0:48:2A:87:A2:1D:67:44:FE:1D:45:E2:3D:B1:C3:20:2E:F4
Authority key identifier: 03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C
Certificate issuer:       /CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
Certificate serial:       019A00DA28D35A173ADB752CEC55FDB2555F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
Manifest number:          0856
Signing time:             Mon 20 Oct 2025 09:01:28 +0000
Manifest this update:     Mon 20 Oct 2025 09:01:28 +0000
Manifest next update:     Tue 21 Oct 2025 09:01:28 +0000
Files and hashes:         1: 2j9Y51xwRYelF6JrKcKDFxJ1u_0.roa (hash: 0/wxjfgZFvKq0jXNMFirhtTQajhUkEHAhxXEqfHBgNk=)
                          2: A-pQioW8c6mqogOop7r5wWLm82w.crl (hash: jia74FWBRTnj19he60KrfLBjm4EvzrFy6cG+wH6/bkY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:da:28:d3:5a:17:3a:db:75:2c:ec:55:fd:b2:55:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03ea508a85bc73a9aaa203a8a7baf9c162e6f36c
        Validity
            Not Before: Oct 20 09:01:28 2025 GMT
            Not After : Oct 21 09:01:28 2025 GMT
        Subject: CN=e08bc0482a87a21d6744fe1d45e23db1c3202ef4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fb:9d:7b:de:69:84:22:8b:ba:04:9e:b1:d8:
                    30:2d:e2:22:ac:b2:2f:b4:15:53:68:4a:86:2a:b7:
                    a3:81:30:bd:07:14:34:f9:a8:13:f7:f8:cd:5b:76:
                    2c:29:94:f5:cf:fb:84:72:ed:a3:20:e1:92:47:74:
                    29:e1:e1:5c:a5:4a:29:ce:90:f2:a9:31:37:e7:3d:
                    88:2c:85:af:89:46:c1:42:91:92:8a:4e:ef:22:ec:
                    78:73:52:18:26:f6:6e:5f:82:0b:6d:e1:d8:ba:76:
                    99:6a:e2:46:a1:23:e7:54:8e:ef:33:a8:34:c9:a3:
                    06:6d:6d:74:38:8f:b0:aa:90:fe:33:8d:d2:f9:f7:
                    7a:5c:46:02:e4:02:8a:d3:b4:30:6f:39:27:c2:07:
                    af:c5:4c:78:b5:69:0e:e1:ea:e5:e9:27:22:54:8a:
                    56:99:52:06:1e:48:3d:50:08:cd:e4:96:34:02:d6:
                    69:e9:01:80:15:01:40:50:91:f9:49:9e:1e:fa:ba:
                    ab:7e:d2:95:0d:9e:88:d1:14:13:39:84:b1:79:25:
                    ea:4a:5e:aa:57:3a:ff:c5:3c:d5:26:fd:28:a2:49:
                    71:4e:d2:35:ea:7f:bf:1e:36:90:9a:fb:2c:8a:b7:
                    1c:7e:a2:38:5a:10:6d:62:1c:be:e6:03:9b:5d:bd:
                    90:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:8B:C0:48:2A:87:A2:1D:67:44:FE:1D:45:E2:3D:B1:C3:20:2E:F4
            X509v3 Authority Key Identifier:
                keyid:03:EA:50:8A:85:BC:73:A9:AA:A2:03:A8:A7:BA:F9:C1:62:E6:F3:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-pQioW8c6mqogOop7r5wWLm82w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9eb346-7b07-4108-9fb0-d7270905e923/1/A-pQioW8c6mqogOop7r5wWLm82w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:ba:1a:d3:33:4e:c3:a2:03:75:49:02:9a:99:53:a5:4c:32:
         a9:c5:21:f1:e4:38:a7:32:6c:d8:16:6e:c3:6c:d3:17:d2:3e:
         0e:de:51:16:40:0d:cc:99:8d:e9:13:77:7e:9c:2f:87:35:1b:
         90:4b:70:c8:57:50:75:81:f4:08:cb:6e:2d:b3:f7:31:0a:c6:
         70:dd:d1:e6:2f:2c:54:3e:14:72:f0:ee:39:d8:fc:a8:20:ae:
         09:1c:49:ce:44:8e:59:d1:54:ff:d7:44:fe:13:fd:21:3e:03:
         21:38:01:7a:c9:40:e6:7c:4d:da:e0:24:71:f1:28:b0:3c:45:
         19:24:8f:be:c8:a8:ea:ab:27:cc:dd:e6:33:fb:e3:71:2f:d1:
         73:c8:43:94:8f:c7:06:d9:39:c9:a6:e1:be:17:8f:9f:40:77:
         be:c6:d7:09:0c:0d:79:ec:f0:86:a6:44:b5:14:4c:52:76:52:
         3e:34:b1:61:2d:c5:72:53:bd:87:e9:d5:8d:3c:bc:37:22:ad:
         a9:5d:cd:be:38:78:b4:4d:c5:8e:f6:05:f3:76:bf:2b:b3:01:
         8b:a7:43:96:3a:77:e8:33:83:1f:c0:8f:b1:34:52:73:77:95:
         10:ae:a9:6e:15:8c:35:42:25:b0:10:02:64:63:41:3a:ad:45:
         d3:2c:27:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2ijTWhc623Us7FX9slVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWE1MDhhODViYzczYTlhYWEyMDNhOGE3YmFmOWMxNjJl
NmYzNmMwHhcNMjUxMDIwMDkwMTI4WhcNMjUxMDIxMDkwMTI4WjAzMTEwLwYDVQQD
EyhlMDhiYzA0ODJhODdhMjFkNjc0NGZlMWQ0NWUyM2RiMWMzMjAyZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPude95phCKLugSesdgwLeIirLIv
tBVTaEqGKrejgTC9BxQ0+agT9/jNW3YsKZT1z/uEcu2jIOGSR3Qp4eFcpUopzpDy
qTE35z2ILIWviUbBQpGSik7vIux4c1IYJvZuX4ILbeHYunaZauJGoSPnVI7vM6g0
yaMGbW10OI+wqpD+M43S+fd6XEYC5AKK07QwbzknwgevxUx4tWkO4erl6SciVIpW
mVIGHkg9UAjN5JY0AtZp6QGAFQFAUJH5SZ4e+rqrftKVDZ6I0RQTOYSxeSXqSl6q
Vzr/xTzVJv0ooklxTtI16n+/HjaQmvssirccfqI4WhBtYhy+5gObXb2QgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOCLwEgqh6IdZ0T+HUXiPbHDIC70MB8GA1UdIwQY
MBaAFAPqUIqFvHOpqqIDqKe6+cFi5vNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAt
ZDcyNzA5MDVlOTIzLzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZWIzNDYtN2IwNy00MTA4LTlmYjAtZDcyNzA5MDVlOTIz
LzEvQS1wUWlvVzhjNm1xb2dPb3A3cjV3V0xtODJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE7oa0zNO
w6IDdUkCmplTpUwyqcUh8eQ4pzJs2BZuw2zTF9I+Dt5RFkANzJmN6RN3fpwvhzUb
kEtwyFdQdYH0CMtuLbP3MQrGcN3R5i8sVD4UcvDuOdj8qCCuCRxJzkSOWdFU/9dE
/hP9IT4DITgBeslA5nxN2uAkcfEosDxFGSSPvsio6qsnzN3mM/vjcS/Rc8hDlI/H
Btk5yabhvhePn0B3vsbXCQwNeezwhqZEtRRMUnZSPjSxYS3FclO9h+nVjTy8NyKt
qV3Nvjh4tE3FjvYF83a/K7MBi6dDljp36DODH8CPsTRSc3eVEK6pbhWMNUIlsBAC
ZGNBOq1F0ywnjA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:43:35 2025 by rpki-client