Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft
File:                     TSkoLUc3P5QvCti5HtlAk7Zuo68.mft (raw, json)
Hash identifier:          xmcb/3A858k/d2JS8k/2OTtYLpP2h/QEaw4wd8Gzk8I=
Subject key identifier:   DB:86:54:17:A1:A9:A4:EA:52:9C:5D:3D:FA:75:2C:0A:D1:AB:F2:B7
Authority key identifier: 4D:29:28:2D:47:37:3F:94:2F:0A:D8:B9:1E:D9:40:93:B6:6E:A3:AF
Certificate issuer:       /CN=4d29282d47373f942f0ad8b91ed94093b66ea3af
Certificate serial:       019A0035BA8E597AFD3ED2375A561B51929C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TSkoLUc3P5QvCti5HtlAk7Zuo68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft
Manifest number:          166D
Signing time:             Mon 20 Oct 2025 06:01:52 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:52 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:52 +0000
Files and hashes:         1: 8G7CKA2HbZHRoNb9HaqBloS90vU.roa (hash: lDvm+Nsn5gFxpzefNnpEbQ5VLuNGtuV4rwnVopzkwq0=)
                          2: TSkoLUc3P5QvCti5HtlAk7Zuo68.crl (hash: 5feNVnT+/a3MGP06lkXs1Zet2MrhB5gR9hZjQW7t9Ow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TSkoLUc3P5QvCti5HtlAk7Zuo68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:ba:8e:59:7a:fd:3e:d2:37:5a:56:1b:51:92:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d29282d47373f942f0ad8b91ed94093b66ea3af
        Validity
            Not Before: Oct 20 06:01:52 2025 GMT
            Not After : Oct 21 06:01:52 2025 GMT
        Subject: CN=db865417a1a9a4ea529c5d3dfa752c0ad1abf2b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:b5:d0:f6:55:70:1a:1e:36:b5:9a:94:af:99:
                    a3:3b:9a:6e:c4:2c:b0:26:7b:65:ea:6d:d4:13:67:
                    c9:8b:ee:13:18:c5:bd:f8:bb:e1:27:71:9b:70:d4:
                    85:b6:94:2d:c7:8f:67:65:76:66:e3:4f:72:00:83:
                    59:6a:a0:5a:59:bd:c9:75:62:61:51:16:e3:c2:cb:
                    3d:0b:4a:17:51:22:f7:41:97:c1:2f:58:88:27:06:
                    9c:43:18:ac:54:3f:b5:bc:b9:6d:9a:39:e1:a2:02:
                    c9:82:9d:ca:19:3f:80:33:87:8b:35:9e:ac:9c:63:
                    59:16:a1:16:1e:ac:67:1f:20:b2:f4:fd:d0:8d:cb:
                    65:10:4d:bc:dc:b7:e0:26:4b:e5:21:1e:47:2c:43:
                    a2:7e:49:e7:5a:62:1f:ad:ec:d0:17:63:17:a8:f3:
                    48:eb:7b:4a:dc:24:98:99:bf:0f:8a:fb:9e:54:80:
                    e6:f0:5c:43:b1:b7:df:f2:e7:4f:c0:11:06:4d:ff:
                    ed:dd:fc:35:80:55:8f:1b:1e:d2:bd:a9:9a:72:04:
                    e0:fd:c5:4d:d5:41:7d:5d:b1:5e:04:1c:4f:83:12:
                    05:b7:c1:87:b8:ce:9d:12:10:33:0f:14:d3:4e:69:
                    2b:b1:f2:7b:22:a4:10:78:2c:2b:4b:8f:c6:99:d5:
                    0d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:86:54:17:A1:A9:A4:EA:52:9C:5D:3D:FA:75:2C:0A:D1:AB:F2:B7
            X509v3 Authority Key Identifier:
                keyid:4D:29:28:2D:47:37:3F:94:2F:0A:D8:B9:1E:D9:40:93:B6:6E:A3:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSkoLUc3P5QvCti5HtlAk7Zuo68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:b3:a6:a3:6b:7f:57:f8:18:85:7e:08:a2:b8:73:1f:d1:c7:
         80:47:3e:79:d0:fe:b0:eb:83:f2:8d:ff:9d:15:bc:b8:48:32:
         5d:b8:f8:07:2d:e7:6c:d4:4f:62:91:f0:31:d2:00:4e:f2:7a:
         97:61:a8:18:2c:4a:2b:a6:9a:d9:c0:99:f7:87:ed:d2:bc:94:
         0b:08:67:f7:3d:d8:af:2a:95:05:d1:b3:da:8b:14:d8:88:d1:
         77:6b:7b:ce:57:19:c6:39:e5:25:2a:ed:f4:0c:89:bc:b2:75:
         a3:67:97:2f:39:2d:4a:f7:cd:9e:51:6c:89:8c:30:81:5b:ca:
         28:27:17:44:0e:eb:54:2e:2d:1e:a5:54:08:09:41:0d:47:08:
         1c:c7:da:0e:a9:a3:43:1c:cd:8d:c3:7c:fe:1e:7b:e3:af:20:
         6d:0c:8c:11:73:82:d0:6a:a6:fc:68:f1:fb:d6:46:a7:c6:37:
         e4:4f:ca:39:27:82:8b:9b:30:fc:c7:83:59:ed:1f:5f:dc:10:
         54:69:cf:e9:e0:f6:a4:e5:31:a8:70:53:72:2c:6f:83:e6:28:
         59:3f:a6:1d:9e:35:3e:18:ff:c0:11:53:6a:27:43:82:ef:f4:
         57:39:6b:b8:29:8d:fc:c2:17:5c:12:01:d2:43:ce:28:7a:3c:
         54:99:1f:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANbqOWXr9PtI3WlYbUZKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjkyODJkNDczNzNmOTQyZjBhZDhiOTFlZDk0MDkzYjY2
ZWEzYWYwHhcNMjUxMDIwMDYwMTUyWhcNMjUxMDIxMDYwMTUyWjAzMTEwLwYDVQQD
EyhkYjg2NTQxN2ExYTlhNGVhNTI5YzVkM2RmYTc1MmMwYWQxYWJmMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7XQ9lVwGh42tZqUr5mjO5puxCyw
Jntl6m3UE2fJi+4TGMW9+LvhJ3GbcNSFtpQtx49nZXZm409yAINZaqBaWb3JdWJh
URbjwss9C0oXUSL3QZfBL1iIJwacQxisVD+1vLltmjnhogLJgp3KGT+AM4eLNZ6s
nGNZFqEWHqxnHyCy9P3QjctlEE283LfgJkvlIR5HLEOifknnWmIfrezQF2MXqPNI
63tK3CSYmb8PivueVIDm8FxDsbff8udPwBEGTf/t3fw1gFWPGx7SvamacgTg/cVN
1UF9XbFeBBxPgxIFt8GHuM6dEhAzDxTTTmkrsfJ7IqQQeCwrS4/GmdUNdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuGVBehqaTqUpxdPfp1LArRq/K3MB8GA1UdIwQY
MBaAFE0pKC1HNz+ULwrYuR7ZQJO2bqOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNrb0xVYzNQNVF2Q3RpNUh0bEFrN1p1bzY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82NWE0YzItMzRiMy00MjA1LWFmZDEt
YzU0ODFkYjM3MThkLzEvVFNrb0xVYzNQNVF2Q3RpNUh0bEFrN1p1bzY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82NWE0YzItMzRiMy00MjA1LWFmZDEtYzU0ODFkYjM3MThk
LzEvVFNrb0xVYzNQNVF2Q3RpNUh0bEFrN1p1bzY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7Omo2t/
V/gYhX4IorhzH9HHgEc+edD+sOuD8o3/nRW8uEgyXbj4By3nbNRPYpHwMdIATvJ6
l2GoGCxKK6aa2cCZ94ft0ryUCwhn9z3YryqVBdGz2osU2IjRd2t7zlcZxjnlJSrt
9AyJvLJ1o2eXLzktSvfNnlFsiYwwgVvKKCcXRA7rVC4tHqVUCAlBDUcIHMfaDqmj
QxzNjcN8/h57468gbQyMEXOC0Gqm/Gjx+9ZGp8Y35E/KOSeCi5sw/MeDWe0fX9wQ
VGnP6eD2pOUxqHBTcixvg+YoWT+mHZ41Phj/wBFTaidDgu/0VzlruCmN/MIXXBIB
0kPOKHo8VJkfKQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:48:02 2025 by rpki-client