Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft
File:                     2GucF3igUp7n4jIAPL5cmTw2_ds.mft (raw, json)
Hash identifier:          yUYgIScBIcfKp3DsZgi4USnkf4K37GJmaiYJUov52E8=
Subject key identifier:   98:47:73:9F:8D:CD:DD:9F:4D:42:F9:C8:95:57:F4:92:CA:DE:76:2D
Authority key identifier: D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB
Certificate issuer:       /CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb
Certificate serial:       019A03DA3040FF4779B12E37A4936F2FA629
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft
Manifest number:          0446
Signing time:             Mon 20 Oct 2025 23:00:22 +0000
Manifest this update:     Mon 20 Oct 2025 23:00:22 +0000
Manifest next update:     Tue 21 Oct 2025 23:00:22 +0000
Files and hashes:         1: 2GucF3igUp7n4jIAPL5cmTw2_ds.crl (hash: jt4g2v3kuJa5gWLJxZcLxWiYDmwejytgBirN1mu/ppc=)
                          2: xaTFNHvIwGFGt2nvvisSJGJJn1U.roa (hash: dncutlGZCp4ijfHdULe589Ce9+6dKbRvNV71t7mvtSc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 22:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:03:da:30:40:ff:47:79:b1:2e:37:a4:93:6f:2f:a6:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb
        Validity
            Not Before: Oct 20 23:00:22 2025 GMT
            Not After : Oct 21 23:00:22 2025 GMT
        Subject: CN=9847739f8dcddd9f4d42f9c89557f492cade762d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3c:c5:23:42:af:24:1c:2c:0d:89:b6:b6:e2:
                    b7:84:0f:20:62:2f:9a:9e:ff:e3:5b:ac:01:62:dd:
                    7b:21:0b:65:1b:74:f5:57:2f:dc:ff:20:4f:92:62:
                    86:60:7b:52:ec:32:ea:70:8c:23:6b:8c:fe:1d:de:
                    93:e5:28:c9:e7:a7:c2:6e:14:eb:76:8c:a5:4e:31:
                    ca:ba:35:8a:20:2a:26:ad:07:c0:90:b5:bb:67:ef:
                    38:18:79:64:9f:87:ad:46:7c:ea:f0:40:79:bc:e9:
                    36:ca:b5:72:1b:e4:c1:61:8a:15:d4:96:52:1e:3e:
                    c5:26:1a:4a:af:11:70:2a:22:9e:64:70:28:55:d5:
                    7c:d5:ef:18:52:8c:a4:27:63:3d:d9:77:34:e7:6f:
                    64:88:ce:a1:23:76:5d:28:ea:ad:ef:54:c3:b5:d9:
                    0c:b8:d2:dd:e6:eb:7b:58:99:6a:b4:01:c9:9a:dd:
                    df:30:e4:4b:f4:dd:19:fb:03:cf:d1:84:4c:e5:a9:
                    c8:c6:56:2f:53:3e:2e:0a:0f:93:cb:89:c5:ef:47:
                    da:67:c3:b4:50:1f:b4:b8:49:9f:c8:33:53:2e:35:
                    81:29:78:d4:47:9d:4e:dc:91:1c:1c:40:08:e1:ab:
                    5c:c2:3d:aa:c7:20:c8:35:01:fc:15:1b:15:8a:75:
                    cf:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:47:73:9F:8D:CD:DD:9F:4D:42:F9:C8:95:57:F4:92:CA:DE:76:2D
            X509v3 Authority Key Identifier:
                keyid:D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:08:61:1d:1e:28:c1:7c:f2:2b:27:94:1d:4f:46:31:2d:f7:
         3a:53:21:f0:eb:7c:a9:73:c9:38:5b:3e:07:1e:5d:f7:6e:fd:
         a2:e1:e7:6d:61:a6:a8:79:34:09:d8:3d:7d:5b:de:61:e5:f2:
         dc:f9:c3:cb:38:5c:b2:2c:02:68:95:38:99:92:53:63:d8:c3:
         88:b7:fc:c9:24:51:03:20:e9:9d:d8:ad:61:bb:2f:7f:1b:04:
         ea:00:76:9e:2c:e2:36:dd:19:6e:33:f5:ed:62:d9:bd:fd:9b:
         0f:c0:ce:0d:d4:21:07:6e:4e:df:33:da:90:df:c4:30:ba:d7:
         d3:ef:ef:99:83:d8:51:7e:9c:06:29:52:35:aa:aa:20:89:a6:
         6b:e4:0f:e8:6a:11:fb:0e:27:01:35:6e:ac:09:23:20:bb:c4:
         4a:e5:79:8e:f5:6c:04:2a:60:b8:0f:55:33:77:be:c6:ad:b9:
         a1:a1:e0:28:03:cb:f9:3a:a1:33:3f:ec:fc:ec:14:d3:67:f1:
         aa:77:7e:19:ca:02:cf:9c:95:5d:a2:b2:2c:91:cc:45:9d:1c:
         7f:a8:75:f7:7f:e2:49:13:c7:0e:f3:62:18:c1:f3:72:37:89:
         98:7d:e4:ed:d1:4b:3b:a3:0d:89:d5:ce:fd:8f:a6:ef:a6:77:
         26:da:ea:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoD2jBA/0d5sS43pJNvL6YpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NmI5YzE3NzhhMDUyOWVlN2UyMzIwMDNjYmU1Yzk5M2Mz
NmZkZGIwHhcNMjUxMDIwMjMwMDIyWhcNMjUxMDIxMjMwMDIyWjAzMTEwLwYDVQQD
Eyg5ODQ3NzM5ZjhkY2RkZDlmNGQ0MmY5Yzg5NTU3ZjQ5MmNhZGU3NjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjzFI0KvJBwsDYm2tuK3hA8gYi+a
nv/jW6wBYt17IQtlG3T1Vy/c/yBPkmKGYHtS7DLqcIwja4z+Hd6T5SjJ56fCbhTr
doylTjHKujWKIComrQfAkLW7Z+84GHlkn4etRnzq8EB5vOk2yrVyG+TBYYoV1JZS
Hj7FJhpKrxFwKiKeZHAoVdV81e8YUoykJ2M92Xc0529kiM6hI3ZdKOqt71TDtdkM
uNLd5ut7WJlqtAHJmt3fMORL9N0Z+wPP0YRM5anIxlYvUz4uCg+Ty4nF70faZ8O0
UB+0uEmfyDNTLjWBKXjUR51O3JEcHEAI4atcwj2qxyDINQH8FRsVinXPDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhHc5+Nzd2fTUL5yJVX9JLK3nYtMB8GA1UdIwQY
MBaAFNhrnBd4oFKe5+IyADy+XJk8Nv3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQt
YTgwYTk1ZTVhMDk5LzEvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQtYTgwYTk1ZTVhMDk5
LzEvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIghhHR4o
wXzyKyeUHU9GMS33OlMh8Ot8qXPJOFs+Bx5d9279ouHnbWGmqHk0Cdg9fVveYeXy
3PnDyzhcsiwCaJU4mZJTY9jDiLf8ySRRAyDpnditYbsvfxsE6gB2niziNt0ZbjP1
7WLZvf2bD8DODdQhB25O3zPakN/EMLrX0+/vmYPYUX6cBilSNaqqIImma+QP6GoR
+w4nATVurAkjILvESuV5jvVsBCpguA9VM3e+xq25oaHgKAPL+TqhMz/s/OwU02fx
qnd+GcoCz5yVXaKyLJHMRZ0cf6h193/iSRPHDvNiGMHzcjeJmH3k7dFLO6MNidXO
/Y+m76Z3JtrqcA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:00:57 2025 by rpki-client