Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
File:                     hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft (raw, json)
Hash identifier:          iI7xvxq7BP2nxy+RAU/SEN2G+wsnl1Uf7XVug56a+2o=
Subject key identifier:   21:A6:AB:E5:E7:88:12:40:B8:0D:6C:4A:1B:62:5B:24:D3:6D:E9:68
Authority key identifier: 86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41
Certificate issuer:       /CN=863841506d026131965057409a1604a5671f0541
Certificate serial:       0199FBEA721352547220C9B7A5D8666ABC48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
Manifest number:          04AA
Signing time:             Sun 19 Oct 2025 10:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:09 +0000
Files and hashes:         1: hXap7hNXLEAQarnfnwYswdCAdkQ.roa (hash: bNhK/WdUp/9xvJiGhX97CJWQhZiON1WPJ6uWrAYKvFI=)
                          2: hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl (hash: /3ZqOMBgJ4VOk83zXHIC60BtDrAmUhWr2XmpeqDNz54=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:72:13:52:54:72:20:c9:b7:a5:d8:66:6a:bc:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=863841506d026131965057409a1604a5671f0541
        Validity
            Not Before: Oct 19 10:01:09 2025 GMT
            Not After : Oct 20 10:01:09 2025 GMT
        Subject: CN=21a6abe5e7881240b80d6c4a1b625b24d36de968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f1:45:a9:4e:48:3b:9e:6b:7f:55:95:bc:f5:
                    f0:aa:63:c9:75:5b:e9:99:4f:3a:3d:75:86:d4:f4:
                    c6:89:14:25:4e:07:dd:1e:3a:98:8e:11:b6:e7:82:
                    fa:9c:ca:e6:1b:b0:f8:fd:cc:5c:0d:65:43:d5:0a:
                    ad:bd:94:73:d3:e1:6e:d1:ee:b2:a0:ea:2f:8c:6c:
                    a1:de:47:15:65:d7:c7:d9:c9:71:92:ae:99:8b:c3:
                    78:78:a9:07:80:15:55:28:47:84:f4:f3:d6:75:3e:
                    39:2d:5e:60:0b:f9:dd:fa:5c:d6:cf:35:38:30:8a:
                    77:7e:f0:de:e6:25:a3:52:8c:23:78:0a:57:e7:48:
                    b6:75:d3:9c:37:26:f4:be:86:f2:85:98:61:6b:48:
                    c6:fa:c1:2f:6f:4f:29:3e:8a:b1:38:3b:36:be:c7:
                    c9:21:ad:35:88:8b:05:35:8b:f3:4a:50:e8:a5:56:
                    2f:31:d4:dc:dc:e6:a5:e0:09:45:ac:cb:21:6f:a4:
                    e7:d0:b5:2d:b9:42:c8:c8:f4:b6:1b:6a:e5:2d:fc:
                    12:21:f6:88:dc:bf:af:aa:54:d6:be:42:46:f8:35:
                    ab:43:d6:cc:c3:f2:e7:91:45:c8:3e:e9:e7:0b:bf:
                    3b:56:c3:9d:85:47:dd:80:db:33:a0:72:c2:2e:90:
                    84:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:A6:AB:E5:E7:88:12:40:B8:0D:6C:4A:1B:62:5B:24:D3:6D:E9:68
            X509v3 Authority Key Identifier:
                keyid:86:38:41:50:6D:02:61:31:96:50:57:40:9A:16:04:A5:67:1F:05:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjhBUG0CYTGWUFdAmhYEpWcfBUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/1f1563-b331-43a9-b9cc-3bfa0509201f/1/hjhBUG0CYTGWUFdAmhYEpWcfBUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:2a:13:96:f9:f4:8f:45:03:73:15:e6:e0:6d:e3:e6:9c:1e:
         d4:24:ba:8b:78:68:4c:0c:dd:fd:18:e0:5c:6f:d0:93:0d:81:
         f6:f1:37:ee:bf:2c:32:74:c7:02:31:5c:65:17:33:6b:13:dc:
         31:92:48:60:56:6e:1d:65:6d:11:ff:58:26:f2:38:a1:ea:bb:
         08:6f:1f:b2:6f:30:51:8b:fc:b0:e8:06:4c:89:cf:3f:80:63:
         75:19:cf:e4:85:68:e3:af:c7:e4:5c:dd:b4:1e:ed:c1:91:e6:
         ed:5d:ba:15:e6:25:de:11:c4:99:c9:5d:cc:b2:02:dc:17:22:
         01:be:97:f1:5f:ca:4e:6a:50:ec:2c:7e:9c:5f:77:c5:50:28:
         60:f6:55:29:15:87:c9:c7:7c:b6:a0:16:cf:d8:8a:f7:1d:69:
         67:e7:83:11:dc:ef:32:b8:fa:95:bc:11:79:86:32:f6:6f:02:
         f6:ad:53:95:7f:2d:36:91:f9:48:d2:62:d5:d7:c7:f1:01:07:
         38:f8:a5:53:79:cd:77:68:ba:27:73:f6:83:3f:71:82:44:be:
         d3:d4:3e:14:09:04:38:58:19:8d:b0:4a:0e:25:dd:c9:98:25:
         ad:06:55:db:a2:32:7c:20:e5:a4:52:dd:28:95:0f:af:e6:62:
         e6:fc:fb:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76nITUlRyIMm3pdhmarxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Mzg0MTUwNmQwMjYxMzE5NjUwNTc0MDlhMTYwNGE1Njcx
ZjA1NDEwHhcNMjUxMDE5MTAwMTA5WhcNMjUxMDIwMTAwMTA5WjAzMTEwLwYDVQQD
EygyMWE2YWJlNWU3ODgxMjQwYjgwZDZjNGExYjYyNWIyNGQzNmRlOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/FFqU5IO55rf1WVvPXwqmPJdVvp
mU86PXWG1PTGiRQlTgfdHjqYjhG254L6nMrmG7D4/cxcDWVD1QqtvZRz0+Fu0e6y
oOovjGyh3kcVZdfH2clxkq6Zi8N4eKkHgBVVKEeE9PPWdT45LV5gC/nd+lzWzzU4
MIp3fvDe5iWjUowjeApX50i2ddOcNyb0vobyhZhha0jG+sEvb08pPoqxODs2vsfJ
Ia01iIsFNYvzSlDopVYvMdTc3Oal4AlFrMshb6Tn0LUtuULIyPS2G2rlLfwSIfaI
3L+vqlTWvkJG+DWrQ9bMw/LnkUXIPunnC787VsOdhUfdgNszoHLCLpCEUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGmq+XniBJAuA1sShtiWyTTbeloMB8GA1UdIwQY
MBaAFIY4QVBtAmExllBXQJoWBKVnHwVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2Mt
M2JmYTA1MDkyMDFmLzEvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xZjE1NjMtYjMzMS00M2E5LWI5Y2MtM2JmYTA1MDkyMDFm
LzEvaGpoQlVHMENZVEdXVUZkQW1oWUVwV2NmQlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJyoTlvn0
j0UDcxXm4G3j5pwe1CS6i3hoTAzd/RjgXG/Qkw2B9vE37r8sMnTHAjFcZRczaxPc
MZJIYFZuHWVtEf9YJvI4oeq7CG8fsm8wUYv8sOgGTInPP4BjdRnP5IVo46/H5Fzd
tB7twZHm7V26FeYl3hHEmcldzLIC3BciAb6X8V/KTmpQ7Cx+nF93xVAoYPZVKRWH
ycd8tqAWz9iK9x1pZ+eDEdzvMrj6lbwReYYy9m8C9q1TlX8tNpH5SNJi1dfH8QEH
OPilU3nNd2i6J3P2gz9xgkS+09Q+FAkEOFgZjbBKDiXdyZglrQZV26IyfCDlpFLd
KJUPr+Zi5vz7og==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:22:35 2025 by rpki-client