Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
File:                     1OKXHl2BaclArwINsCe-2tiZFZA.mft (raw, json)
Hash identifier:          fBrDQWDhkeD1Tc3Ws2H9AR0BUJEdgfcoGQYSKFLRlmk=
Subject key identifier:   8A:28:29:BD:1E:34:97:2F:E0:E9:08:3C:ED:55:DA:AB:74:3E:78:42
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Certificate issuer:       /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial:       0199FC8FBA93D9D916455A438047E4325B24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
Manifest number:          16E6
Signing time:             Sun 19 Oct 2025 13:01:41 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:41 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:41 +0000
Files and hashes:         1: 1OKXHl2BaclArwINsCe-2tiZFZA.crl (hash: yDIkCpay+bPh0TgUUw+hGJRPr88y0tO1So2oagfsGjs=)
                          2: JSqJ02JsxZMyq1FZ1Ds1WnAXfzM.roa (hash: FrjQUqzgc9bbbA26gpxWpuyB85Zjnu+GzKv9yBO8vww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:ba:93:d9:d9:16:45:5a:43:80:47:e4:32:5b:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
        Validity
            Not Before: Oct 19 13:01:41 2025 GMT
            Not After : Oct 20 13:01:41 2025 GMT
        Subject: CN=8a2829bd1e34972fe0e9083ced55daab743e7842
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ee:d6:f3:38:29:32:47:5a:46:d9:c8:c9:ae:
                    ae:82:c4:13:fc:f2:5c:a3:7d:e5:5f:80:f0:da:ac:
                    40:85:b1:b0:04:19:01:e7:d2:57:24:9e:ca:5c:d2:
                    9b:55:51:1a:26:70:78:97:36:64:e1:14:6d:b3:9f:
                    e6:5b:0f:11:97:68:fc:36:19:87:51:13:d4:97:f4:
                    bb:e7:ca:fe:9d:8c:2d:7a:a0:0e:0b:35:a5:5b:d1:
                    91:16:ff:cc:dc:85:c5:71:4e:27:fa:ac:ec:f7:07:
                    ac:88:c6:bb:56:65:1a:b9:47:7a:e5:c3:c4:9e:2a:
                    78:f4:06:61:9a:9d:1e:de:9e:bc:fe:3f:43:d6:a7:
                    25:1d:78:a7:31:fe:c6:34:37:b0:00:b8:8b:0a:c8:
                    f3:5f:a0:5c:51:d9:dc:c0:d9:1b:8d:99:76:13:cf:
                    07:e2:7a:88:f8:67:7d:31:77:bc:3e:ff:2a:54:38:
                    50:5f:58:40:9f:8b:22:f1:41:16:ac:f5:df:da:31:
                    63:4f:fa:89:fa:f0:ec:82:af:96:37:e6:a9:df:68:
                    c4:23:81:73:9f:6f:fc:6b:54:70:e6:61:a2:d3:53:
                    40:2b:1a:bd:18:91:2c:79:a5:98:9a:9b:bc:75:fc:
                    4e:5d:35:c1:f5:4f:7d:fe:f6:1c:68:2f:99:a5:9c:
                    05:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:28:29:BD:1E:34:97:2F:E0:E9:08:3C:ED:55:DA:AB:74:3E:78:42
            X509v3 Authority Key Identifier:
                keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:a5:b1:c0:ef:d9:1f:fd:e1:43:c1:48:ca:fd:e5:08:2f:3f:
         44:f3:52:ee:80:d6:94:75:87:e2:70:3b:89:1d:24:a1:19:7d:
         18:9b:39:1b:f3:70:d0:dc:00:09:f0:93:82:c7:46:81:8e:8e:
         74:82:ef:52:67:f0:35:71:ea:6e:46:fe:01:c2:8c:03:c1:c3:
         a5:03:81:63:e5:1a:a3:33:0d:11:85:fe:b8:a6:d8:43:c1:a9:
         d2:57:40:46:e1:70:c3:7b:49:29:b9:ac:0f:04:3e:bf:76:3f:
         07:be:49:d4:7c:63:a7:ce:49:43:5b:6f:c0:26:2d:a3:a3:f2:
         d9:5b:e1:7e:30:e0:67:79:45:e0:95:0d:ec:41:02:63:dc:ad:
         27:ee:a3:93:39:ce:55:81:90:58:39:12:7a:b6:1c:27:29:96:
         fa:42:27:03:9f:b6:fc:31:43:bd:a3:86:1f:84:34:06:14:14:
         81:48:15:55:70:dc:35:c1:98:7f:af:c0:3b:a8:e8:1e:02:56:
         d1:48:68:69:94:1d:1f:2a:40:03:02:93:da:65:5e:8d:6e:95:
         bf:5a:03:41:8c:3f:fa:f1:d0:aa:c1:c3:c6:e7:5f:ab:86:74:
         34:cf:28:47:45:76:50:0a:24:01:32:4c:32:21:dc:db:16:7d:
         20:e5:fe:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j7qT2dkWRVpDgEfkMlskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjUxMDE5MTMwMTQxWhcNMjUxMDIwMTMwMTQxWjAzMTEwLwYDVQQD
Eyg4YTI4MjliZDFlMzQ5NzJmZTBlOTA4M2NlZDU1ZGFhYjc0M2U3ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke7W8zgpMkdaRtnIya6ugsQT/PJc
o33lX4Dw2qxAhbGwBBkB59JXJJ7KXNKbVVEaJnB4lzZk4RRts5/mWw8Rl2j8NhmH
URPUl/S758r+nYwteqAOCzWlW9GRFv/M3IXFcU4n+qzs9wesiMa7VmUauUd65cPE
nip49AZhmp0e3p68/j9D1qclHXinMf7GNDewALiLCsjzX6BcUdncwNkbjZl2E88H
4nqI+Gd9MXe8Pv8qVDhQX1hAn4si8UEWrPXf2jFjT/qJ+vDsgq+WN+ap32jEI4Fz
n2/8a1Rw5mGi01NAKxq9GJEseaWYmpu8dfxOXTXB9U99/vYcaC+ZpZwF5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIooKb0eNJcv4OkIPO1V2qt0PnhCMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK6WxwO/Z
H/3hQ8FIyv3lCC8/RPNS7oDWlHWH4nA7iR0koRl9GJs5G/Nw0NwACfCTgsdGgY6O
dILvUmfwNXHqbkb+AcKMA8HDpQOBY+UaozMNEYX+uKbYQ8Gp0ldARuFww3tJKbms
DwQ+v3Y/B75J1Hxjp85JQ1tvwCYto6Py2VvhfjDgZ3lF4JUN7EECY9ytJ+6jkznO
VYGQWDkSerYcJymW+kInA5+2/DFDvaOGH4Q0BhQUgUgVVXDcNcGYf6/AO6joHgJW
0UhoaZQdHypAAwKT2mVejW6Vv1oDQYw/+vHQqsHDxudfq4Z0NM8oR0V2UAokATJM
MiHc2xZ9IOX+nA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:16 2025 by rpki-client