Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/72c587-c5cb-40e4-8ce1-e1b53556c1c3/1/XigJUGU6fsWMUzhdALOB77tGWCQ.mft
File:                     XigJUGU6fsWMUzhdALOB77tGWCQ.mft (raw, json)
Hash identifier:          CkmHxlvl7sbCbUC5oVWMe8p3ieYUOC0pSEh+oL6tJ4c=
Subject key identifier:   31:16:FC:49:13:04:17:E7:91:C2:B3:12:5F:47:B4:49:E8:56:6D:AC
Authority key identifier: 5E:28:09:50:65:3A:7E:C5:8C:53:38:5D:00:B3:81:EF:BB:46:58:24
Certificate issuer:       /CN=5e280950653a7ec58c53385d00b381efbb465824
Certificate serial:       0199FEB4836EF211C88A60915CC811B66EE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XigJUGU6fsWMUzhdALOB77tGWCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/72c587-c5cb-40e4-8ce1-e1b53556c1c3/1/XigJUGU6fsWMUzhdALOB77tGWCQ.mft
Manifest number:          06A4
Signing time:             Sun 19 Oct 2025 23:01:06 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:06 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:06 +0000
Files and hashes:         1: TbP72HU__x5-xpUX6PI_i9iyDaM.roa (hash: FLkmCrV+1GGkGMAjoDFB0RSF/lM4teoeIsYHwGZQivI=)
                          2: U5LzRtt7TqgwcmDyAykCjfC_tyg.roa (hash: MnSBkpXKCh2/fnPZQ+yyW+as55btZcpHuSExX+Fr9KQ=)
                          3: XigJUGU6fsWMUzhdALOB77tGWCQ.crl (hash: kC0XdtThqRVNOlsMPcXdndWZOOes5K6upV1c3Ioz9YA=)
                          4: XsQzypEDi3dbORi7Sjru6BV7874.roa (hash: kUYaLmJEoY+QPfzf/QKKUFqO5UN/o9EcoVpI3bOIxPI=)
                          5: ihdmZnPFfRQouiDEX9hoP7FnJXY.roa (hash: vMOPJDVg/5XoKEVMMHXuz77Sx41YI4RzrWjRsAiZbwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/72c587-c5cb-40e4-8ce1-e1b53556c1c3/1/XigJUGU6fsWMUzhdALOB77tGWCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/72c587-c5cb-40e4-8ce1-e1b53556c1c3/1/XigJUGU6fsWMUzhdALOB77tGWCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XigJUGU6fsWMUzhdALOB77tGWCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b4:83:6e:f2:11:c8:8a:60:91:5c:c8:11:b6:6e:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e280950653a7ec58c53385d00b381efbb465824
        Validity
            Not Before: Oct 19 23:01:06 2025 GMT
            Not After : Oct 20 23:01:06 2025 GMT
        Subject: CN=3116fc49130417e791c2b3125f47b449e8566dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1b:5a:da:68:75:3c:81:cc:81:ea:0e:d2:4d:
                    69:cf:13:5a:70:e4:c5:01:2a:33:fc:63:c2:bb:6d:
                    69:be:3b:52:46:1c:2c:30:be:d4:8a:17:db:a8:bf:
                    c4:be:bb:54:c9:b1:d7:e3:9f:91:48:d4:3d:60:b1:
                    9a:f1:4d:ef:4b:3d:6f:c1:23:22:98:9b:ff:e4:c1:
                    e1:2e:25:6f:7e:63:2c:61:e1:a2:f5:ea:78:90:4a:
                    b5:ac:ad:ef:73:4a:78:4e:03:b9:27:b8:f6:7f:97:
                    9d:5f:aa:ba:10:de:74:6a:e7:4c:cf:2f:74:8f:d5:
                    fc:08:aa:67:99:87:8e:0d:94:b4:8b:5f:65:56:86:
                    aa:cf:b5:2a:43:58:00:25:15:6d:58:94:0d:4f:8b:
                    82:00:5f:8a:3b:b5:73:c4:83:02:5c:6d:73:5c:d3:
                    58:6c:44:de:a7:13:48:8f:bc:ca:b9:55:87:7f:80:
                    be:58:5c:94:16:38:1a:4d:35:e2:a6:15:11:96:ab:
                    6f:27:eb:88:3e:15:42:23:20:3d:1c:94:6a:42:4d:
                    8a:67:08:35:02:3e:b2:cf:5a:dd:1d:eb:e7:fc:72:
                    66:81:ef:bd:3e:89:86:ff:15:ef:b3:bb:fe:88:d7:
                    6a:bc:c9:27:58:75:dc:89:a7:0f:99:3a:bd:fa:01:
                    80:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:16:FC:49:13:04:17:E7:91:C2:B3:12:5F:47:B4:49:E8:56:6D:AC
            X509v3 Authority Key Identifier:
                keyid:5E:28:09:50:65:3A:7E:C5:8C:53:38:5D:00:B3:81:EF:BB:46:58:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XigJUGU6fsWMUzhdALOB77tGWCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/72c587-c5cb-40e4-8ce1-e1b53556c1c3/1/XigJUGU6fsWMUzhdALOB77tGWCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/72c587-c5cb-40e4-8ce1-e1b53556c1c3/1/XigJUGU6fsWMUzhdALOB77tGWCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:ed:a7:1f:76:88:52:10:95:b8:7f:5d:1d:dc:08:26:8a:08:
         1d:38:d2:5b:4e:60:de:5a:fb:11:e5:a9:88:54:d1:f4:3c:7a:
         08:70:4c:b9:51:5b:dc:30:f0:e2:31:39:27:24:19:aa:40:03:
         17:62:60:e3:cd:4a:cb:fd:a1:f3:32:ed:49:c5:33:0d:25:b5:
         63:5c:e8:a1:09:54:98:08:8e:ee:52:60:d1:ed:d5:00:3a:ac:
         d2:1f:b0:ab:29:42:35:3d:5c:48:ec:b2:a2:1b:b2:3e:0d:de:
         84:4e:e4:3a:91:72:db:c7:f3:5d:43:47:ef:62:46:31:06:70:
         c7:f5:12:d9:d7:2f:6a:ce:aa:41:a0:43:c5:be:53:21:00:5a:
         8f:4e:b8:d7:45:b8:ed:56:82:f1:86:69:a4:d7:87:1e:a1:e2:
         7c:31:cd:03:be:87:2a:7f:77:a5:0f:c3:e4:6c:a2:c3:58:8f:
         b4:82:62:2e:91:a9:59:5c:77:82:6a:3d:1c:ce:27:f2:00:c0:
         c5:88:81:53:c7:05:99:60:c0:15:e3:9f:a5:9c:78:d6:fa:81:
         14:71:f7:52:30:53:0d:a8:a0:ce:c9:49:4c:68:97:e9:91:8b:
         ca:81:1f:e2:f9:d5:5d:e7:2c:c4:df:5f:31:fb:a0:05:a8:cb:
         4b:7f:2e:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tINu8hHIimCRXMgRtm7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjgwOTUwNjUzYTdlYzU4YzUzMzg1ZDAwYjM4MWVmYmI0
NjU4MjQwHhcNMjUxMDE5MjMwMTA2WhcNMjUxMDIwMjMwMTA2WjAzMTEwLwYDVQQD
EygzMTE2ZmM0OTEzMDQxN2U3OTFjMmIzMTI1ZjQ3YjQ0OWU4NTY2ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRta2mh1PIHMgeoO0k1pzxNacOTF
ASoz/GPCu21pvjtSRhwsML7UihfbqL/EvrtUybHX45+RSNQ9YLGa8U3vSz1vwSMi
mJv/5MHhLiVvfmMsYeGi9ep4kEq1rK3vc0p4TgO5J7j2f5edX6q6EN50audMzy90
j9X8CKpnmYeODZS0i19lVoaqz7UqQ1gAJRVtWJQNT4uCAF+KO7VzxIMCXG1zXNNY
bETepxNIj7zKuVWHf4C+WFyUFjgaTTXiphURlqtvJ+uIPhVCIyA9HJRqQk2KZwg1
Aj6yz1rdHevn/HJmge+9PomG/xXvs7v+iNdqvMknWHXciacPmTq9+gGAGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDEW/EkTBBfnkcKzEl9HtEnoVm2sMB8GA1UdIwQY
MBaAFF4oCVBlOn7FjFM4XQCzge+7RlgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlnSlVHVTZmc1dNVXpoZEFMT0I3N3RHV0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83MmM1ODctYzVjYi00MGU0LThjZTEt
ZTFiNTM1NTZjMWMzLzEvWGlnSlVHVTZmc1dNVXpoZEFMT0I3N3RHV0NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83MmM1ODctYzVjYi00MGU0LThjZTEtZTFiNTM1NTZjMWMz
LzEvWGlnSlVHVTZmc1dNVXpoZEFMT0I3N3RHV0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQO2nH3aI
UhCVuH9dHdwIJooIHTjSW05g3lr7EeWpiFTR9Dx6CHBMuVFb3DDw4jE5JyQZqkAD
F2Jg481Ky/2h8zLtScUzDSW1Y1zooQlUmAiO7lJg0e3VADqs0h+wqylCNT1cSOyy
ohuyPg3ehE7kOpFy28fzXUNH72JGMQZwx/US2dcvas6qQaBDxb5TIQBaj06410W4
7VaC8YZppNeHHqHifDHNA76HKn93pQ/D5Gyiw1iPtIJiLpGpWVx3gmo9HM4n8gDA
xYiBU8cFmWDAFeOfpZx41vqBFHH3UjBTDaigzslJTGiX6ZGLyoEf4vnVXecsxN9f
MfugBajLS38uSg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:26:38 2025 by rpki-client