Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft
File:                     TSkoLUc3P5QvCti5HtlAk7Zuo68.mft (raw, json)
Hash identifier:          aT6OGK3nf9ALU4LFpujXhSLE3f2HiiXxD+H2qY71+AU=
Subject key identifier:   A0:D6:E3:4A:14:B8:90:5E:29:E6:C5:CC:0F:06:FD:50:37:6C:E6:91
Authority key identifier: 4D:29:28:2D:47:37:3F:94:2F:0A:D8:B9:1E:D9:40:93:B6:6E:A3:AF
Certificate issuer:       /CN=4d29282d47373f942f0ad8b91ed94093b66ea3af
Certificate serial:       019A022309DE6775A3AF462BC52A204F5A42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TSkoLUc3P5QvCti5HtlAk7Zuo68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft
Manifest number:          166E
Signing time:             Mon 20 Oct 2025 15:00:41 +0000
Manifest this update:     Mon 20 Oct 2025 15:00:41 +0000
Manifest next update:     Tue 21 Oct 2025 15:00:41 +0000
Files and hashes:         1: 8G7CKA2HbZHRoNb9HaqBloS90vU.roa (hash: lDvm+Nsn5gFxpzefNnpEbQ5VLuNGtuV4rwnVopzkwq0=)
                          2: TSkoLUc3P5QvCti5HtlAk7Zuo68.crl (hash: VgwLfvX/LAhjPL7xjcaakYITqbvkL0eY16MDvHyZW1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TSkoLUc3P5QvCti5HtlAk7Zuo68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:23:09:de:67:75:a3:af:46:2b:c5:2a:20:4f:5a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d29282d47373f942f0ad8b91ed94093b66ea3af
        Validity
            Not Before: Oct 20 15:00:41 2025 GMT
            Not After : Oct 21 15:00:41 2025 GMT
        Subject: CN=a0d6e34a14b8905e29e6c5cc0f06fd50376ce691
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:3d:32:d6:56:66:21:f6:07:0f:21:59:cb:6c:
                    ed:a2:a6:82:1f:f1:61:1e:9b:9b:a8:d9:b1:b0:96:
                    56:e7:c0:ae:4d:4d:dc:74:b6:4d:2f:6e:d4:3f:45:
                    d8:e8:40:a0:b8:82:c7:1f:48:42:d8:81:08:d1:04:
                    4c:64:2a:13:76:bc:87:31:85:86:a5:ef:31:e8:8a:
                    f7:07:92:59:a1:82:3f:80:ae:b0:44:45:59:1f:02:
                    58:76:4d:63:6d:cc:cf:46:48:4f:2e:33:6b:c3:94:
                    42:5f:e9:30:11:3f:81:9e:99:4a:64:c5:ea:78:fb:
                    ac:10:27:19:4e:84:a9:ab:4b:b8:69:77:77:ef:6c:
                    7e:a8:ec:89:7c:3e:85:fc:8f:26:c7:88:06:7f:cb:
                    f5:94:d8:8a:b5:e6:d6:18:8b:a9:12:95:19:1a:24:
                    03:f7:b4:ba:92:42:eb:08:45:fb:02:df:1b:29:b5:
                    95:42:31:ad:f2:ca:db:a7:1c:f4:f3:80:b0:9b:03:
                    a3:eb:fd:2e:d0:38:4b:b5:55:4e:27:1f:da:d3:0e:
                    54:2c:aa:e9:b6:58:d8:cf:90:0c:07:a2:d4:23:9d:
                    70:19:dc:13:5a:33:df:79:fa:3d:4b:db:92:92:5a:
                    1f:ae:98:9f:80:a7:85:71:35:e4:ca:3c:53:72:c3:
                    1c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:D6:E3:4A:14:B8:90:5E:29:E6:C5:CC:0F:06:FD:50:37:6C:E6:91
            X509v3 Authority Key Identifier:
                keyid:4D:29:28:2D:47:37:3F:94:2F:0A:D8:B9:1E:D9:40:93:B6:6E:A3:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSkoLUc3P5QvCti5HtlAk7Zuo68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/65a4c2-34b3-4205-afd1-c5481db3718d/1/TSkoLUc3P5QvCti5HtlAk7Zuo68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:96:e6:43:7e:d4:43:25:2e:e3:91:ac:75:18:f4:e3:2f:de:
         22:ae:10:66:c4:9e:c9:58:fa:22:82:99:ae:9a:8c:e7:fd:49:
         ae:9b:b0:fc:2e:ac:0c:97:99:85:fa:59:dc:21:b4:1d:41:a1:
         41:ae:62:6f:d3:8c:5d:85:62:8c:85:22:74:23:36:f5:35:30:
         e3:90:e2:e4:aa:4b:d3:21:80:53:88:ea:8e:59:63:fc:02:93:
         72:5a:8f:6f:c1:4f:89:b4:ce:83:19:47:71:46:27:a9:46:86:
         65:80:1c:78:6f:77:db:4c:ca:29:b1:64:20:23:e3:86:17:e6:
         80:9f:00:0b:a6:b8:b8:c0:48:b7:b4:ac:ff:3c:6d:4c:0c:15:
         8a:66:42:b9:7e:36:db:71:3f:68:3a:30:90:8f:45:28:eb:1e:
         6b:75:f4:8c:4a:77:90:f8:62:97:ac:8b:48:d8:2d:3e:e9:14:
         7a:99:fa:d8:46:fe:bd:c3:a2:1b:d4:90:a2:98:e9:3a:2f:96:
         40:d0:63:0f:4e:93:9f:d4:df:8c:fd:52:85:a6:36:fb:a3:46:
         e6:54:fd:5e:4b:05:3a:65:6c:57:56:07:ac:30:24:e2:6a:8a:
         1c:17:ad:14:27:99:c9:31:db:4b:df:77:e1:60:0a:6f:3c:d2:
         aa:f4:d9:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCIwneZ3Wjr0YrxSogT1pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjkyODJkNDczNzNmOTQyZjBhZDhiOTFlZDk0MDkzYjY2
ZWEzYWYwHhcNMjUxMDIwMTUwMDQxWhcNMjUxMDIxMTUwMDQxWjAzMTEwLwYDVQQD
EyhhMGQ2ZTM0YTE0Yjg5MDVlMjllNmM1Y2MwZjA2ZmQ1MDM3NmNlNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1z0y1lZmIfYHDyFZy2ztoqaCH/Fh
HpubqNmxsJZW58CuTU3cdLZNL27UP0XY6ECguILHH0hC2IEI0QRMZCoTdryHMYWG
pe8x6Ir3B5JZoYI/gK6wREVZHwJYdk1jbczPRkhPLjNrw5RCX+kwET+BnplKZMXq
ePusECcZToSpq0u4aXd372x+qOyJfD6F/I8mx4gGf8v1lNiKtebWGIupEpUZGiQD
97S6kkLrCEX7At8bKbWVQjGt8srbpxz084CwmwOj6/0u0DhLtVVOJx/a0w5ULKrp
tljYz5AMB6LUI51wGdwTWjPfefo9S9uSklofrpifgKeFcTXkyjxTcsMc/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDW40oUuJBeKebFzA8G/VA3bOaRMB8GA1UdIwQY
MBaAFE0pKC1HNz+ULwrYuR7ZQJO2bqOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNrb0xVYzNQNVF2Q3RpNUh0bEFrN1p1bzY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82NWE0YzItMzRiMy00MjA1LWFmZDEt
YzU0ODFkYjM3MThkLzEvVFNrb0xVYzNQNVF2Q3RpNUh0bEFrN1p1bzY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82NWE0YzItMzRiMy00MjA1LWFmZDEtYzU0ODFkYjM3MThk
LzEvVFNrb0xVYzNQNVF2Q3RpNUh0bEFrN1p1bzY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwZbmQ37U
QyUu45GsdRj04y/eIq4QZsSeyVj6IoKZrpqM5/1Jrpuw/C6sDJeZhfpZ3CG0HUGh
Qa5ib9OMXYVijIUidCM29TUw45Di5KpL0yGAU4jqjllj/AKTclqPb8FPibTOgxlH
cUYnqUaGZYAceG9320zKKbFkICPjhhfmgJ8AC6a4uMBIt7Ss/zxtTAwVimZCuX42
23E/aDowkI9FKOsea3X0jEp3kPhil6yLSNgtPukUepn62Eb+vcOiG9SQopjpOi+W
QNBjD06Tn9TfjP1ShaY2+6NG5lT9XksFOmVsV1YHrDAk4mqKHBetFCeZyTHbS993
4WAKbzzSqvTZ8w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:41:19 2025 by rpki-client