Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft
File:                     OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft (raw, json)
Hash identifier:          lxu+wcHVC7cAT20gxwim49dWYir6KhkyNrUM6JHluT4=
Subject key identifier:   9B:7D:E4:BB:BD:B1:D9:5D:B0:6B:E4:3A:1C:52:F4:4C:92:19:28:0E
Authority key identifier: 3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51
Certificate issuer:       /CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
Certificate serial:       0199FC213C08C85B3C5539A71390365BAD60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft
Manifest number:          10FC
Signing time:             Sun 19 Oct 2025 11:01:00 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:00 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:00 +0000
Files and hashes:         1: OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl (hash: Q20OwgafhhAMOWflXkajMP/TEzZ25LI1CL3Qoh7GZl4=)
                          2: fmsKsNJsScyYZyH8RUfSLeG-UJA.roa (hash: XWgPxzT1eqv4he1A7biAZG6QqWis59ng7mldQueWS0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:3c:08:c8:5b:3c:55:39:a7:13:90:36:5b:ad:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
        Validity
            Not Before: Oct 19 11:01:00 2025 GMT
            Not After : Oct 20 11:01:00 2025 GMT
        Subject: CN=9b7de4bbbdb1d95db06be43a1c52f44c9219280e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:f5:ae:49:15:88:15:e2:36:b7:2f:53:ea:c3:
                    c2:10:25:ad:80:c0:2e:71:65:d8:cb:9d:69:c7:01:
                    87:a3:f3:6b:11:b5:0c:bd:2a:ae:88:9c:c2:76:c1:
                    43:0a:b2:b5:97:cd:52:e9:66:83:32:1b:d6:29:d1:
                    3d:2b:98:77:bb:bc:66:b8:0b:1a:e7:a4:8a:c9:dd:
                    f1:3a:13:f4:e5:b2:f6:e4:70:cc:b9:58:90:1a:26:
                    b1:42:a5:fa:49:f0:34:24:1b:a7:a0:8c:21:70:2f:
                    d4:2a:c3:27:eb:c3:24:df:c2:65:f1:03:de:e4:ca:
                    39:88:03:b8:71:2b:1c:f3:73:32:c2:28:ae:d1:d5:
                    6d:69:f2:41:d7:3b:16:f5:f1:9e:d5:ba:e7:34:07:
                    ef:73:2c:5a:7f:04:35:31:a3:d9:55:54:d2:28:1c:
                    17:02:69:10:62:7d:41:6b:a8:b8:ef:0b:e6:3e:b2:
                    22:fa:86:e7:37:75:03:29:80:fd:35:af:eb:44:02:
                    6b:2d:1f:88:21:36:04:92:94:06:c0:0f:97:92:3a:
                    e9:b0:fb:2c:bd:72:d2:28:1b:a2:15:61:14:3c:63:
                    07:78:c8:1b:8d:41:c6:92:ab:99:9d:ce:05:9d:52:
                    35:e8:8f:6d:ad:ea:51:bd:fe:24:8b:55:48:ad:45:
                    47:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:7D:E4:BB:BD:B1:D9:5D:B0:6B:E4:3A:1C:52:F4:4C:92:19:28:0E
            X509v3 Authority Key Identifier:
                keyid:3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:9e:2a:ea:47:9a:78:43:63:3a:6a:86:54:09:d0:71:47:10:
         07:aa:3b:af:a8:69:1e:6b:38:eb:24:3f:1a:a6:ee:c5:f8:03:
         fe:50:80:ca:23:c7:8a:42:64:eb:fc:ea:63:69:52:5e:c4:21:
         22:d0:7f:60:f8:91:e0:75:d7:b4:1b:f4:11:4f:59:97:32:53:
         c4:04:72:0c:b5:bd:67:28:d1:ca:65:aa:a0:6c:99:7f:e3:f7:
         d7:05:e0:b3:fa:23:15:88:f0:12:8c:11:25:4d:42:10:17:18:
         c1:14:af:50:4d:26:41:61:0c:e9:26:13:51:ec:d6:60:3e:4c:
         c4:9a:9a:a4:27:a7:26:c6:01:a5:65:b4:a8:bb:a1:fe:da:a3:
         b3:b3:c6:18:e9:7b:95:8d:05:11:69:46:f8:fa:04:ff:db:4a:
         52:e6:5d:ac:e9:6d:1f:40:21:49:af:b6:27:0a:30:31:39:1b:
         8a:08:d1:2f:34:4c:57:69:43:90:e0:61:03:41:43:81:56:db:
         cb:aa:45:fb:37:07:ae:11:62:1e:29:6e:77:c7:c2:75:75:3a:
         cc:bc:89:5d:b1:82:25:fd:b5:fd:b9:a3:03:fb:58:05:17:5d:
         a2:6d:e5:f9:29:b6:ae:ee:e7:7d:e4:a8:3e:05:5e:97:bf:f0:
         b7:28:a9:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8ITwIyFs8VTmnE5A2W61gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODRkZmVmM2Q1MTA3Yjg0ZmM3N2M1NmRjZjc5ZTA1ZmU5
YzczNTEwHhcNMjUxMDE5MTEwMTAwWhcNMjUxMDIwMTEwMTAwWjAzMTEwLwYDVQQD
Eyg5YjdkZTRiYmJkYjFkOTVkYjA2YmU0M2ExYzUyZjQ0YzkyMTkyODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fWuSRWIFeI2ty9T6sPCECWtgMAu
cWXYy51pxwGHo/NrEbUMvSquiJzCdsFDCrK1l81S6WaDMhvWKdE9K5h3u7xmuAsa
56SKyd3xOhP05bL25HDMuViQGiaxQqX6SfA0JBunoIwhcC/UKsMn68Mk38Jl8QPe
5Mo5iAO4cSsc83Mywiiu0dVtafJB1zsW9fGe1brnNAfvcyxafwQ1MaPZVVTSKBwX
AmkQYn1Ba6i47wvmPrIi+obnN3UDKYD9Na/rRAJrLR+IITYEkpQGwA+XkjrpsPss
vXLSKBuiFWEUPGMHeMgbjUHGkquZnc4FnVI16I9trepRvf4ki1VIrUVHPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt95Lu9sdldsGvkOhxS9EySGSgOMB8GA1UdIwQY
MBaAFDqE3+89UQe4T8d8Vtz3ngX+nHNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2It
NWU4ZGVkYWM5Y2I3LzEvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2ItNWU4ZGVkYWM5Y2I3
LzEvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0Z4q6kea
eENjOmqGVAnQcUcQB6o7r6hpHms46yQ/GqbuxfgD/lCAyiPHikJk6/zqY2lSXsQh
ItB/YPiR4HXXtBv0EU9ZlzJTxARyDLW9ZyjRymWqoGyZf+P31wXgs/ojFYjwEowR
JU1CEBcYwRSvUE0mQWEM6SYTUezWYD5MxJqapCenJsYBpWW0qLuh/tqjs7PGGOl7
lY0FEWlG+PoE/9tKUuZdrOltH0AhSa+2JwowMTkbigjRLzRMV2lDkOBhA0FDgVbb
y6pF+zcHrhFiHilud8fCdXU6zLyJXbGCJf21/bmjA/tYBRddom3l+Sm2ru7nfeSo
PgVel7/wtyipAA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:46 2025 by rpki-client