Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
File:                     kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json)
Hash identifier:          OSHPMVRbLDI0TZAMDkskxvgAAvDn8hp68O7OO5pgJEk=
Subject key identifier:   65:18:B5:0B:E8:A0:EB:BA:CE:4B:F0:2F:30:90:26:EA:97:1B:90:AD
Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
Certificate issuer:       /CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Certificate serial:       0199FBEBCB782EDC5E3EEC2BFB44E9CEA365
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
Manifest number:          05DD
Signing time:             Sun 19 Oct 2025 10:02:38 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:38 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:38 +0000
Files and hashes:         1: U5Y7YWVXNPPm9KoqmwsivloXzrs.roa (hash: ca5vcs2GJ+zXpmrDaBzBSEBE+1Vnejqdln+cTCo9uxU=)
                          2: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: Gu06VomHlAJnmastVwIql0wAxQyLxz3952jCWWyAbvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:cb:78:2e:dc:5e:3e:ec:2b:fb:44:e9:ce:a3:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531
        Validity
            Not Before: Oct 19 10:02:38 2025 GMT
            Not After : Oct 20 10:02:38 2025 GMT
        Subject: CN=6518b50be8a0ebbace4bf02f309026ea971b90ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:3d:c1:57:3e:ad:65:f9:05:dd:61:19:96:55:
                    a0:d5:cd:c4:65:ee:e6:22:2d:9e:8e:45:f6:9d:19:
                    9c:d3:35:3a:3f:9c:e8:53:2e:1b:87:55:81:9c:74:
                    00:d2:dd:dc:df:28:e2:57:af:fe:b5:79:48:d9:e9:
                    98:4e:74:b5:02:88:82:a6:15:32:12:a0:ed:2a:33:
                    13:8e:72:9a:71:fb:60:dc:5c:1e:be:92:8f:5f:9e:
                    ec:48:ad:23:ab:52:06:55:f4:23:3c:1f:eb:b1:cd:
                    18:61:b0:c4:8c:47:4d:9a:f0:93:c6:12:4c:82:b3:
                    98:67:b6:4e:0b:32:4b:4e:62:1b:df:9c:ae:d3:a8:
                    5d:c7:17:3e:a6:a5:3a:ee:c7:60:5d:30:84:57:6b:
                    6f:0b:85:92:b7:8a:32:2a:d0:ed:36:65:47:eb:29:
                    1d:16:5b:ca:35:44:5a:11:dc:5d:01:3a:d2:ec:8b:
                    7f:70:21:c1:a7:a0:72:60:ba:e5:39:e1:e5:a4:8d:
                    76:9d:c8:11:82:a8:94:51:df:09:c8:98:d6:f4:57:
                    58:42:89:84:e9:41:8d:40:40:96:86:6e:5c:18:e7:
                    36:6b:60:67:9f:91:c6:78:91:f7:11:96:35:6b:4d:
                    a0:d8:76:a9:43:2f:b6:71:ee:36:9d:cf:85:2e:dc:
                    06:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:18:B5:0B:E8:A0:EB:BA:CE:4B:F0:2F:30:90:26:EA:97:1B:90:AD
            X509v3 Authority Key Identifier:
                keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:99:db:19:49:25:d5:80:fc:00:83:dd:da:95:52:16:7e:94:
         d7:02:9b:b6:48:4a:a0:05:93:e1:c5:f9:07:9f:a9:dc:cf:0d:
         f9:5c:d7:2d:fa:15:11:43:c9:00:c8:ff:dd:af:ac:a4:2e:e6:
         7d:46:ee:60:f7:14:9c:75:97:79:b3:8d:cd:03:3b:3d:4a:e0:
         36:37:d2:ad:49:46:9a:44:de:48:bb:40:58:fd:b1:94:30:ee:
         d0:60:f8:aa:b1:c3:6b:e5:95:06:46:08:cd:fd:5f:f4:72:c9:
         c8:89:c2:9c:c4:18:a3:b3:5f:23:7e:30:c6:e1:84:a2:1a:52:
         cf:27:34:1a:7b:22:d5:d9:9e:29:0e:3a:4e:57:38:52:d6:51:
         ec:de:2d:39:e2:fc:bc:af:83:85:17:b4:4b:b2:a8:42:78:66:
         0f:a2:23:df:54:b2:76:80:ef:e1:65:11:d0:dc:72:75:f4:91:
         1d:58:4a:88:30:2d:cf:f3:87:0d:d8:bb:0b:59:2a:3b:1d:69:
         a8:41:83:f0:d5:79:5a:53:e2:b4:bc:9b:5a:82:11:34:f4:eb:
         5f:b6:b6:2e:f9:9f:4b:4a:76:8a:0e:c0:fc:60:70:ad:3d:a0:
         e7:72:69:c4:d6:27:52:ab:56:e7:b1:11:b2:85:53:af:55:96:
         04:57:0d:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn768t4LtxePuwr+0TpzqNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm
NjI1MzEwHhcNMjUxMDE5MTAwMjM4WhcNMjUxMDIwMTAwMjM4WjAzMTEwLwYDVQQD
Eyg2NTE4YjUwYmU4YTBlYmJhY2U0YmYwMmYzMDkwMjZlYTk3MWI5MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzD3BVz6tZfkF3WEZllWg1c3EZe7m
Ii2ejkX2nRmc0zU6P5zoUy4bh1WBnHQA0t3c3yjiV6/+tXlI2emYTnS1AoiCphUy
EqDtKjMTjnKacftg3FwevpKPX57sSK0jq1IGVfQjPB/rsc0YYbDEjEdNmvCTxhJM
grOYZ7ZOCzJLTmIb35yu06hdxxc+pqU67sdgXTCEV2tvC4WSt4oyKtDtNmVH6ykd
FlvKNURaEdxdATrS7It/cCHBp6ByYLrlOeHlpI12ncgRgqiUUd8JyJjW9FdYQomE
6UGNQECWhm5cGOc2a2Bnn5HGeJH3EZY1a02g2HapQy+2ce42nc+FLtwGtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUYtQvooOu6zkvwLzCQJuqXG5CtMB8GA1UdIwQY
MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt
OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1
LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUZnbGUkl
1YD8AIPd2pVSFn6U1wKbtkhKoAWT4cX5B5+p3M8N+VzXLfoVEUPJAMj/3a+spC7m
fUbuYPcUnHWXebONzQM7PUrgNjfSrUlGmkTeSLtAWP2xlDDu0GD4qrHDa+WVBkYI
zf1f9HLJyInCnMQYo7NfI34wxuGEohpSzyc0Gnsi1dmeKQ46Tlc4UtZR7N4tOeL8
vK+DhRe0S7KoQnhmD6Ij31SydoDv4WUR0NxydfSRHVhKiDAtz/OHDdi7C1kqOx1p
qEGD8NV5WlPitLybWoIRNPTrX7a2LvmfS0p2ig7A/GBwrT2g53JpxNYnUqtW57ER
soVTr1WWBFcNFg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:21 2025 by rpki-client