Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/594c78-4bd0-43d8-814f-58349f740e96/1/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.mft
File:                     3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.mft (raw, json)
Hash identifier:          7/AuMnZFGanBQL1+YumCvhmg1iE7L5YMlraZ02onTzw=
Subject key identifier:   06:48:E7:C3:55:AE:5A:A7:B0:E5:75:BE:32:69:DD:BC:66:3C:71:2E
Authority key identifier: DD:F2:0A:06:85:B6:FE:97:54:CA:22:48:67:75:B2:D8:A7:E9:C1:1E
Certificate issuer:       /CN=ddf20a0685b6fe9754ca22486775b2d8a7e9c11e
Certificate serial:       0199FC214650C46F1A21434EB759AB699433
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/594c78-4bd0-43d8-814f-58349f740e96/1/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.mft
Manifest number:          0A00
Signing time:             Sun 19 Oct 2025 11:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:03 +0000
Files and hashes:         1: 3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.crl (hash: rsvrZrDzvhl4Lqv5slw2X0XESKuJI07lzYxkua5bUg8=)
                          2: vrZbrmq-YLZHy_jTQFADJGPxi-I.roa (hash: SoRxaIEIcm9lF/KB/PtX621zexUgH5AtUpObYQIQZW4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/594c78-4bd0-43d8-814f-58349f740e96/1/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/594c78-4bd0-43d8-814f-58349f740e96/1/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:46:50:c4:6f:1a:21:43:4e:b7:59:ab:69:94:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf20a0685b6fe9754ca22486775b2d8a7e9c11e
        Validity
            Not Before: Oct 19 11:01:03 2025 GMT
            Not After : Oct 20 11:01:03 2025 GMT
        Subject: CN=0648e7c355ae5aa7b0e575be3269ddbc663c712e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:5b:ac:03:27:0b:a6:c8:fc:b3:ce:fe:61:43:
                    92:62:73:f8:a1:11:89:0d:3c:14:8e:48:3b:5b:b2:
                    d4:ba:83:25:98:d7:2b:0e:74:ae:43:21:2d:7c:2d:
                    67:99:10:7a:86:69:36:ea:cf:43:81:c0:5a:fc:a2:
                    9d:bf:5b:2e:1e:79:ac:ee:65:a5:0a:20:e1:7f:5f:
                    85:cc:f5:08:42:bd:9d:bb:98:f8:75:b6:ac:5e:68:
                    6f:7e:bb:64:b0:f7:60:35:d5:d5:db:0b:60:37:38:
                    81:0d:74:0a:d3:c2:09:6a:f7:50:8a:ae:71:4f:c6:
                    67:bc:0c:89:b1:c3:a4:7c:74:a4:9c:bf:66:09:e9:
                    f0:5b:4c:3b:b4:fe:af:c3:c9:1d:0e:29:ea:6c:8b:
                    66:6b:af:83:3f:f4:ee:68:91:40:b1:b7:2d:45:cd:
                    1c:fe:52:78:6a:1c:7d:c7:ec:85:bd:93:7b:34:f9:
                    2c:9f:e7:a3:4d:87:d7:f6:ed:db:72:17:31:b7:70:
                    3c:5d:15:4d:f3:99:30:45:42:5b:52:d8:10:75:d4:
                    d2:4b:20:3b:a6:a2:12:c6:34:3f:91:9a:5d:d8:e0:
                    34:96:78:6d:83:d6:b8:07:57:c4:f0:26:a2:29:e4:
                    bb:76:c6:50:52:75:dc:13:5d:b2:16:41:bd:af:ce:
                    ab:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:48:E7:C3:55:AE:5A:A7:B0:E5:75:BE:32:69:DD:BC:66:3C:71:2E
            X509v3 Authority Key Identifier:
                keyid:DD:F2:0A:06:85:B6:FE:97:54:CA:22:48:67:75:B2:D8:A7:E9:C1:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/594c78-4bd0-43d8-814f-58349f740e96/1/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/594c78-4bd0-43d8-814f-58349f740e96/1/3fIKBoW2_pdUyiJIZ3Wy2KfpwR4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:38:86:c7:31:22:9e:16:bf:60:2e:79:83:7f:a5:fc:98:f6:
         b8:7e:bf:23:52:c5:fe:67:0e:ac:4a:bb:cb:52:6c:59:60:df:
         53:b4:e2:ac:78:5c:9e:dc:ef:7a:af:9e:20:50:eb:a4:c5:fd:
         7a:d7:24:4b:37:70:23:5e:ac:25:94:29:7d:ef:05:5c:d8:a9:
         98:cf:ef:43:58:7a:53:69:55:87:62:b8:99:5c:6e:bf:c2:a6:
         fb:4f:0e:54:b5:06:ff:66:2c:57:a8:07:32:a3:a5:95:63:28:
         26:1e:8b:b7:6f:aa:db:40:d4:43:53:bb:ac:c2:ee:66:b8:50:
         67:53:bb:a5:d7:d5:5c:ff:57:8f:25:0e:a1:a5:f0:73:4a:3d:
         41:ee:70:dc:18:82:4d:1f:7b:f3:97:c2:32:a6:64:4f:d3:11:
         59:cc:17:75:29:69:f8:04:88:97:aa:7f:53:a4:e3:19:83:2e:
         a1:2d:29:1d:1f:55:7b:07:aa:7c:86:0b:67:97:45:bc:cf:12:
         af:e7:fc:6e:27:67:c8:b0:56:fe:13:c7:96:52:fb:07:1e:ea:
         fe:72:b5:0b:a5:b8:1f:d0:89:76:34:9f:25:a3:6e:20:f5:fd:
         ef:29:bf:d3:de:e0:53:d1:ea:50:83:00:10:cf:41:55:ca:41:
         6d:77:ce:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IUZQxG8aIUNOt1mraZQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjIwYTA2ODViNmZlOTc1NGNhMjI0ODY3NzViMmQ4YTdl
OWMxMWUwHhcNMjUxMDE5MTEwMTAzWhcNMjUxMDIwMTEwMTAzWjAzMTEwLwYDVQQD
EygwNjQ4ZTdjMzU1YWU1YWE3YjBlNTc1YmUzMjY5ZGRiYzY2M2M3MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVusAycLpsj8s87+YUOSYnP4oRGJ
DTwUjkg7W7LUuoMlmNcrDnSuQyEtfC1nmRB6hmk26s9DgcBa/KKdv1suHnms7mWl
CiDhf1+FzPUIQr2du5j4dbasXmhvfrtksPdgNdXV2wtgNziBDXQK08IJavdQiq5x
T8ZnvAyJscOkfHSknL9mCenwW0w7tP6vw8kdDinqbItma6+DP/TuaJFAsbctRc0c
/lJ4ahx9x+yFvZN7NPksn+ejTYfX9u3bchcxt3A8XRVN85kwRUJbUtgQddTSSyA7
pqISxjQ/kZpd2OA0lnhtg9a4B1fE8CaiKeS7dsZQUnXcE12yFkG9r86rWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAZI58NVrlqnsOV1vjJp3bxmPHEuMB8GA1UdIwQY
MBaAFN3yCgaFtv6XVMoiSGd1stin6cEeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZJS0JvVzJfcGRVeWlKSVozV3kyS2Zwd1I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81OTRjNzgtNGJkMC00M2Q4LTgxNGYt
NTgzNDlmNzQwZTk2LzEvM2ZJS0JvVzJfcGRVeWlKSVozV3kyS2Zwd1I0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81OTRjNzgtNGJkMC00M2Q4LTgxNGYtNTgzNDlmNzQwZTk2
LzEvM2ZJS0JvVzJfcGRVeWlKSVozV3kyS2Zwd1I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAITiGxzEi
nha/YC55g3+l/Jj2uH6/I1LF/mcOrEq7y1JsWWDfU7TirHhcntzveq+eIFDrpMX9
etckSzdwI16sJZQpfe8FXNipmM/vQ1h6U2lVh2K4mVxuv8Km+08OVLUG/2YsV6gH
MqOllWMoJh6Lt2+q20DUQ1O7rMLuZrhQZ1O7pdfVXP9XjyUOoaXwc0o9Qe5w3BiC
TR9785fCMqZkT9MRWcwXdSlp+ASIl6p/U6TjGYMuoS0pHR9VeweqfIYLZ5dFvM8S
r+f8bidnyLBW/hPHllL7Bx7q/nK1C6W4H9CJdjSfJaNuIPX97ym/097gU9HqUIMA
EM9BVcpBbXfOdg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:42 2025 by rpki-client