Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft
File:                     O2MTmh9PiMMM7iIckUajbbVU_3A.mft (raw, json)
Hash identifier:          ZL4zUbQFLtYZ71lvRv+CXBvtD44RTXOsKZ4zMBVo2iA=
Subject key identifier:   45:1B:0A:B7:98:1E:DA:73:D4:D2:76:28:A5:47:72:BC:36:9D:68:B9
Authority key identifier: 3B:63:13:9A:1F:4F:88:C3:0C:EE:22:1C:91:46:A3:6D:B5:54:FF:70
Certificate issuer:       /CN=3b63139a1f4f88c30cee221c9146a36db554ff70
Certificate serial:       0199FBEC3CA51103479BF77A53B6C6071D24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft
Manifest number:          097C
Signing time:             Sun 19 Oct 2025 10:03:07 +0000
Manifest this update:     Sun 19 Oct 2025 10:03:07 +0000
Manifest next update:     Mon 20 Oct 2025 10:03:07 +0000
Files and hashes:         1: JoFwTwAv-_c9ZLWMyBNEWDPvfas.roa (hash: ErYlkkNh49mz7B2O46c+uSN3yYpaocdKkRzHsCd2I3A=)
                          2: O2MTmh9PiMMM7iIckUajbbVU_3A.crl (hash: pCs3QrgIHnbQ7RLok7q1x5dvmveJyRf+nmV6GTIISdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:03:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:3c:a5:11:03:47:9b:f7:7a:53:b6:c6:07:1d:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b63139a1f4f88c30cee221c9146a36db554ff70
        Validity
            Not Before: Oct 19 10:03:07 2025 GMT
            Not After : Oct 20 10:03:07 2025 GMT
        Subject: CN=451b0ab7981eda73d4d27628a54772bc369d68b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:36:89:b4:b1:3b:85:77:91:ba:f4:d1:20:13:
                    e4:3c:10:57:a5:80:ea:41:e0:76:9e:61:37:e7:8b:
                    14:08:66:c7:dd:13:7c:8f:9f:65:88:29:0b:58:ec:
                    a4:89:13:73:90:ee:cf:ca:de:d7:36:38:c0:ff:56:
                    2c:67:74:88:11:5e:91:66:24:fb:8c:72:5e:9a:38:
                    7e:46:81:63:57:44:15:76:5f:8a:7b:17:9a:63:59:
                    e9:50:4a:b9:b1:2c:26:f2:38:d7:d8:98:c3:95:6d:
                    32:0d:5d:15:8a:2a:1e:38:e7:b2:bf:ec:ce:52:6e:
                    b8:7b:bc:f7:8a:6c:85:32:1d:ca:b8:5c:c7:3b:c9:
                    b5:ef:59:7d:e5:bf:2a:58:38:08:b3:09:1b:ba:3a:
                    cd:6e:ed:f1:bc:ff:b2:7d:f3:d3:6d:b4:f0:40:b0:
                    65:d7:dd:16:f6:e9:08:00:7d:e0:e2:2a:62:71:f6:
                    d3:88:e0:4d:2d:a9:ff:35:cc:59:e9:a5:fd:27:40:
                    b8:d3:dc:b8:ab:4e:34:8d:70:e3:1f:c9:16:a4:28:
                    18:2c:4c:c9:45:e9:c7:a1:6c:d8:e8:a4:f4:c1:0c:
                    85:99:b8:42:59:2c:1a:6a:8a:3d:34:fd:e1:f5:c9:
                    5a:f5:6a:85:f5:b5:1b:46:ca:dd:27:c7:5e:6b:53:
                    80:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:1B:0A:B7:98:1E:DA:73:D4:D2:76:28:A5:47:72:BC:36:9D:68:B9
            X509v3 Authority Key Identifier:
                keyid:3B:63:13:9A:1F:4F:88:C3:0C:EE:22:1C:91:46:A3:6D:B5:54:FF:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2MTmh9PiMMM7iIckUajbbVU_3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0269c5-268c-45e9-8067-0f7a40b5f6f3/1/O2MTmh9PiMMM7iIckUajbbVU_3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:8e:5e:9f:28:46:0d:75:95:ef:bd:0c:4f:be:2e:0b:5d:b9:
         9f:12:29:43:ca:39:5d:66:62:38:16:4b:74:d6:37:9f:83:17:
         b3:d5:21:6f:14:c0:56:c5:e0:2f:ed:19:5d:1a:08:0d:37:cb:
         ea:b4:0a:cb:7e:2c:4b:39:eb:9c:18:5a:d1:e3:92:d8:83:48:
         07:f8:ee:43:01:3e:d4:6b:6e:a2:00:63:8b:71:38:8c:c1:37:
         c4:9b:11:3a:93:48:9a:65:eb:c4:0a:f7:b4:b9:77:5b:0c:b6:
         ba:44:7a:7a:c0:89:59:bb:22:bf:f6:9a:83:b1:f6:84:13:0d:
         0b:27:56:ba:bc:0b:a7:2e:90:e3:13:ec:d0:61:b1:10:16:b3:
         10:f7:d9:c2:67:e0:12:1b:5b:56:d1:ee:08:8c:66:7c:95:3a:
         db:7d:48:1f:62:27:e6:bf:67:d1:fd:7f:65:33:0a:b2:6e:9d:
         fa:21:7c:a2:4d:b1:ef:ae:fa:db:4e:95:54:f1:31:12:71:43:
         ba:30:20:96:ab:3c:9a:54:86:77:a3:dc:8d:2e:12:01:d5:9a:
         0a:6e:87:35:de:cc:77:4f:ef:2d:82:71:2b:03:df:bf:28:e2:
         de:04:44:c4:f4:b9:45:95:74:50:4f:da:8b:f6:01:5a:dd:3c:
         25:b6:21:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77DylEQNHm/d6U7bGBx0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjMxMzlhMWY0Zjg4YzMwY2VlMjIxYzkxNDZhMzZkYjU1
NGZmNzAwHhcNMjUxMDE5MTAwMzA3WhcNMjUxMDIwMTAwMzA3WjAzMTEwLwYDVQQD
Eyg0NTFiMGFiNzk4MWVkYTczZDRkMjc2MjhhNTQ3NzJiYzM2OWQ2OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzaJtLE7hXeRuvTRIBPkPBBXpYDq
QeB2nmE354sUCGbH3RN8j59liCkLWOykiRNzkO7Pyt7XNjjA/1YsZ3SIEV6RZiT7
jHJemjh+RoFjV0QVdl+KexeaY1npUEq5sSwm8jjX2JjDlW0yDV0ViioeOOeyv+zO
Um64e7z3imyFMh3KuFzHO8m171l95b8qWDgIswkbujrNbu3xvP+yffPTbbTwQLBl
190W9ukIAH3g4ipicfbTiOBNLan/NcxZ6aX9J0C409y4q040jXDjH8kWpCgYLEzJ
RenHoWzY6KT0wQyFmbhCWSwaaoo9NP3h9cla9WqF9bUbRsrdJ8dea1OAgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUbCreYHtpz1NJ2KKVHcrw2nWi5MB8GA1UdIwQY
MBaAFDtjE5ofT4jDDO4iHJFGo221VP9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMjY5YzUtMjY4Yy00NWU5LTgwNjct
MGY3YTQwYjVmNmYzLzEvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMjY5YzUtMjY4Yy00NWU5LTgwNjctMGY3YTQwYjVmNmYz
LzEvTzJNVG1oOVBpTU1NN2lJY2tVYWpiYlZVXzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoY5enyhG
DXWV770MT74uC125nxIpQ8o5XWZiOBZLdNY3n4MXs9UhbxTAVsXgL+0ZXRoIDTfL
6rQKy34sSznrnBha0eOS2INIB/juQwE+1GtuogBji3E4jME3xJsROpNImmXrxAr3
tLl3Wwy2ukR6esCJWbsiv/aag7H2hBMNCydWurwLpy6Q4xPs0GGxEBazEPfZwmfg
EhtbVtHuCIxmfJU6231IH2In5r9n0f1/ZTMKsm6d+iF8ok2x7676206VVPExEnFD
ujAglqs8mlSGd6PcjS4SAdWaCm6HNd7Md0/vLYJxKwPfvyji3gRExPS5RZV0UE/a
i/YBWt08JbYh2A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:36 2025 by rpki-client