Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.mft
File:                     D2Nj1Ci3kVwQiCXwlwYAS46j1LU.mft (raw, json)
Hash identifier:          EvFpqTF+eFoS0jaKvozCEf+9mCe3Ran2BxoOduHN4jE=
Subject key identifier:   05:34:43:CD:8D:D7:CE:39:0F:52:78:0F:58:99:41:65:39:94:C1:C1
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Certificate issuer:       /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial:       0199FF22679DF1E4938B0D8B1C46D72C3695
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.mft
Manifest number:          1703
Signing time:             Mon 20 Oct 2025 01:01:08 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:08 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:08 +0000
Files and hashes:         1: 22MFoiE6iwEXKG4ff-0g9Nk9e6k.roa (hash: 8ZAHeiN8JfpnEbf0xNsrPzSUL91MdaXwePhbLZYQBGY=)
                          2: 63R1CqkRJzCBTqXm_kqr_6UGOC4.roa (hash: QovmpL/thOh4yKhjTn4FNfnRr6OXEgupogya3Oy9KUE=)
                          3: AqlAoh2mHTGBQZiQ4Qu8bU198w8.roa (hash: QPQqaQ0W7/zxzqNuDuEf1YEVzGuiOziERZ9FXquvCOY=)
                          4: D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl (hash: 7g/OwS3oJFaGfNXboNJvccfTQpUVBEMicdrG28CR180=)
                          5: JaRJ0VkgZY-pAOHUpfAksmRNPT4.roa (hash: uuAowSkk49o7aPUMDMEAR0rCVXNjJkNtV+Ttn8WfvGo=)
                          6: kGkGzImsb5Dv_nGgCWEXgWNc7do.roa (hash: x9SmJ5GmGF/t3I5NSMgnwkUR+oRC+nVpi/mDc40npw4=)
                          7: mpy8rjwhUPGfrwU4aNyK-9x9FBA.roa (hash: LExOCoVzbGwBygx3rcSIfApEZE8wTyOT0YOXpiy9v1U=)
                          8: qF-2BgBNvB9Rp0K_VFhuwpTNLrY.roa (hash: h4z+iViHaDAdXrYk5TZebHBt4+M5KGpzETHGgdp4Ztc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:67:9d:f1:e4:93:8b:0d:8b:1c:46:d7:2c:36:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
        Validity
            Not Before: Oct 20 01:01:08 2025 GMT
            Not After : Oct 21 01:01:08 2025 GMT
        Subject: CN=053443cd8dd7ce390f52780f589941653994c1c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a5:54:cc:5b:bb:b4:c6:73:5c:a7:46:53:e6:
                    f3:ba:ff:06:7b:d1:b1:c5:34:b7:83:de:2a:38:27:
                    5e:84:fe:97:53:0d:2d:c4:a4:3c:0c:c9:11:09:c3:
                    1a:94:81:9a:fc:50:3a:ba:bb:1c:08:ba:20:e9:b3:
                    28:36:3f:66:ae:50:fc:ea:dc:2e:49:5a:34:4c:c5:
                    b4:cb:9d:43:60:cf:ad:74:3e:f9:b7:4f:af:a5:c6:
                    9f:ab:eb:26:4b:89:97:97:c5:ce:89:00:63:36:80:
                    33:a8:a8:63:dc:c2:58:37:4e:5b:5a:a4:be:09:4d:
                    e5:62:5e:54:81:71:7a:f0:20:58:4f:34:63:eb:77:
                    ba:e2:18:9b:d3:5c:9f:41:cb:d9:94:64:b4:bb:fc:
                    6c:c2:1b:6f:ee:98:e8:ec:24:99:b2:b0:9c:e1:99:
                    43:c7:dd:1b:32:2f:0a:b2:5a:6d:83:63:5a:ea:e8:
                    58:fe:52:b2:11:a8:d8:19:3a:b3:7a:2e:99:e6:62:
                    41:10:47:f0:0a:01:f4:e0:47:2d:d4:a9:30:94:c0:
                    6a:50:42:cc:a0:5b:f5:4a:2e:43:d4:3a:7c:3b:ca:
                    b3:2b:96:a2:ef:f4:f0:e2:dd:9e:f1:34:9e:74:d3:
                    cb:b0:ac:cb:71:09:ed:0d:f0:bd:d4:50:54:90:48:
                    42:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:34:43:CD:8D:D7:CE:39:0F:52:78:0F:58:99:41:65:39:94:C1:C1
            X509v3 Authority Key Identifier:
                keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:2f:a8:99:53:87:32:8b:e8:80:ee:55:41:9a:b2:f2:a2:42:
         39:16:ef:30:6f:2f:a5:e2:90:c8:4d:93:e5:6d:2e:06:9d:24:
         17:e1:df:d1:31:6d:2b:8e:28:77:10:3a:94:64:de:9e:79:91:
         73:c9:ac:57:d5:81:ed:89:c2:b0:d9:b2:e4:be:78:a9:c3:cd:
         22:64:29:a7:19:cb:65:43:f8:bd:7c:56:1f:7b:8b:fa:db:e8:
         27:b1:60:4f:f2:f9:d5:09:f0:2a:36:df:ef:4d:4f:9c:c1:59:
         c3:de:fb:5c:48:c3:71:bb:24:1c:8e:d4:4b:8e:22:02:ed:10:
         ea:74:c2:67:72:77:e6:db:71:fa:cb:24:3f:93:9b:93:9f:12:
         64:3f:0e:79:5a:af:b7:bd:ee:a4:68:dc:d0:64:db:86:03:4a:
         aa:d6:6c:f3:be:68:06:67:d3:8f:3d:7f:4d:c3:8a:cb:06:03:
         3b:8a:6f:8c:9d:be:34:63:08:24:90:63:b4:ff:8b:db:98:2e:
         92:43:96:21:b5:5c:e6:04:a2:fc:21:de:d0:9b:8e:b3:8e:98:
         cc:65:d6:4b:ab:f4:0c:38:29:50:cc:bc:46:e0:ec:eb:ff:33:
         e9:48:0a:7b:12:f7:9a:bb:28:c4:fc:df:bc:82:9e:64:53:36:
         64:1b:15:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/Imed8eSTiw2LHEbXLDaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjUxMDIwMDEwMTA4WhcNMjUxMDIxMDEwMTA4WjAzMTEwLwYDVQQD
EygwNTM0NDNjZDhkZDdjZTM5MGY1Mjc4MGY1ODk5NDE2NTM5OTRjMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aVUzFu7tMZzXKdGU+bzuv8Ge9Gx
xTS3g94qOCdehP6XUw0txKQ8DMkRCcMalIGa/FA6urscCLog6bMoNj9mrlD86twu
SVo0TMW0y51DYM+tdD75t0+vpcafq+smS4mXl8XOiQBjNoAzqKhj3MJYN05bWqS+
CU3lYl5UgXF68CBYTzRj63e64hib01yfQcvZlGS0u/xswhtv7pjo7CSZsrCc4ZlD
x90bMi8Kslptg2Na6uhY/lKyEajYGTqzei6Z5mJBEEfwCgH04Ect1KkwlMBqUELM
oFv1Si5D1Dp8O8qzK5ai7/Tw4t2e8TSedNPLsKzLcQntDfC91FBUkEhCeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAU0Q82N1845D1J4D1iZQWU5lMHBMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAay+omVOH
MovogO5VQZqy8qJCORbvMG8vpeKQyE2T5W0uBp0kF+Hf0TFtK44odxA6lGTennmR
c8msV9WB7YnCsNmy5L54qcPNImQppxnLZUP4vXxWH3uL+tvoJ7FgT/L51QnwKjbf
701PnMFZw977XEjDcbskHI7US44iAu0Q6nTCZ3J35ttx+sskP5Obk58SZD8OeVqv
t73upGjc0GTbhgNKqtZs875oBmfTjz1/TcOKywYDO4pvjJ2+NGMIJJBjtP+L25gu
kkOWIbVc5gSi/CHe0JuOs46YzGXWS6v0DDgpUMy8RuDs6/8z6UgKexL3mrsoxPzf
vIKeZFM2ZBsV4g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:44:18 2025 by rpki-client