Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
File:                     nY85NIPUicQp_Biwk0LXbQr-QkQ.mft (raw, json)
Hash identifier:          yc6c7HJep1GPuH5zw0CyzRPYKwqXhY8CrcBpN37yoB4=
Subject key identifier:   83:E1:38:96:E8:40:D7:2A:46:0C:E9:95:60:60:0A:AC:AE:9D:AA:46
Authority key identifier: 9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44
Certificate issuer:       /CN=9d8f393483d489c429fc18b09342d76d0afe4244
Certificate serial:       0199FD3443128F88D65D367F4B3D0ED9C3F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
Manifest number:          12CC
Signing time:             Sun 19 Oct 2025 16:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:24 +0000
Files and hashes:         1: fCKBgjNaPgCYlEAaSC02t2TX-HQ.roa (hash: z50OwHqPJLgmTj1OD+z+QDtPxp5JJkD8lN3khIG3bwQ=)
                          2: nY85NIPUicQp_Biwk0LXbQr-QkQ.crl (hash: lXPBpOnmn9q4kgj+x/8E0hJkFdqcE/RVmU2cy3Fqgtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:43:12:8f:88:d6:5d:36:7f:4b:3d:0e:d9:c3:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d8f393483d489c429fc18b09342d76d0afe4244
        Validity
            Not Before: Oct 19 16:01:24 2025 GMT
            Not After : Oct 20 16:01:24 2025 GMT
        Subject: CN=83e13896e840d72a460ce99560600aacae9daa46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c1:8a:31:18:41:03:08:82:43:3d:e2:9e:bb:
                    12:30:19:be:2a:10:8b:85:88:3c:b1:2d:72:0b:b5:
                    60:c6:99:ea:30:b5:92:e8:fd:a5:e0:ea:8b:ff:61:
                    1b:b0:2e:d0:97:07:0d:27:61:19:84:f2:55:29:d4:
                    1b:d8:54:3a:62:63:35:29:ba:1f:b1:79:71:55:25:
                    04:f7:88:e6:97:b3:e2:93:5c:06:80:15:12:b4:ea:
                    c4:55:56:81:50:e6:44:3a:84:99:28:41:30:96:9a:
                    c3:38:a9:d0:cd:2a:fe:f9:bb:f9:3b:d4:fd:4d:53:
                    1f:1f:1d:c5:f3:b1:ed:5c:2a:0f:6d:81:35:49:09:
                    d7:5e:d1:b5:fa:71:db:82:38:ee:4f:27:db:e8:03:
                    26:c1:92:60:cb:b3:6d:f2:39:2f:3b:1a:33:fe:bc:
                    54:00:2f:bc:7c:58:1d:9d:d2:e6:fd:dc:38:03:9f:
                    8b:3b:ea:f1:07:49:a4:3a:9c:8e:23:6c:17:51:27:
                    1e:b7:de:eb:cf:ef:a7:d4:da:0b:8f:92:8d:07:9f:
                    77:3b:eb:c4:f7:8e:6a:e5:a2:fe:64:5b:5a:04:ee:
                    4e:14:e3:82:34:0a:8d:ef:f4:73:e9:dc:e1:38:14:
                    06:6a:a2:56:12:0d:c4:0a:d8:21:0c:0b:f4:c8:09:
                    e4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:E1:38:96:E8:40:D7:2A:46:0C:E9:95:60:60:0A:AC:AE:9D:AA:46
            X509v3 Authority Key Identifier:
                keyid:9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:41:fb:7e:fc:f5:6b:b3:fc:d0:35:c7:b2:c8:93:76:65:9c:
         f7:11:f0:f1:e4:48:1f:04:07:09:bf:3c:f0:30:ee:20:52:5d:
         d2:9f:8a:f7:9a:ca:c6:6b:d3:ac:86:ba:dd:34:3c:36:6e:97:
         39:1a:d8:a6:dd:65:d9:f3:1f:34:df:4f:a4:fa:5e:8a:82:02:
         d2:bf:0c:a0:5e:4f:06:a6:96:4d:95:93:e2:43:95:f1:34:1d:
         f7:74:e0:ab:94:11:2e:a6:5a:af:3e:f0:d7:b3:57:2a:25:f4:
         ca:34:ae:b6:2a:d8:24:d7:d5:ea:03:30:55:c4:e2:cb:16:85:
         29:3a:4e:c0:3f:2d:69:f7:5f:a8:e8:8c:44:a3:d2:44:fc:45:
         01:71:7d:a2:7a:52:df:ee:9f:c4:1c:e6:b9:04:c9:3b:6d:98:
         5e:7e:76:6e:b0:9a:f2:6d:32:05:cb:64:46:52:93:9f:64:99:
         03:14:d6:58:98:b0:29:d4:d2:b7:a9:bf:54:7c:b6:b4:36:93:
         a9:b2:fa:22:b7:ec:35:e0:2f:e2:64:e6:11:4a:76:0c:8d:4a:
         e2:c3:bd:79:1f:38:92:61:63:d5:7c:da:25:71:68:49:79:6e:
         70:f7:9d:ad:91:b2:c1:19:63:45:25:14:a8:e5:b5:b0:02:b3:
         bb:57:fd:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NEMSj4jWXTZ/Sz0O2cP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGYzOTM0ODNkNDg5YzQyOWZjMThiMDkzNDJkNzZkMGFm
ZTQyNDQwHhcNMjUxMDE5MTYwMTI0WhcNMjUxMDIwMTYwMTI0WjAzMTEwLwYDVQQD
Eyg4M2UxMzg5NmU4NDBkNzJhNDYwY2U5OTU2MDYwMGFhY2FlOWRhYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssGKMRhBAwiCQz3inrsSMBm+KhCL
hYg8sS1yC7VgxpnqMLWS6P2l4OqL/2EbsC7QlwcNJ2EZhPJVKdQb2FQ6YmM1Kbof
sXlxVSUE94jml7Pik1wGgBUStOrEVVaBUOZEOoSZKEEwlprDOKnQzSr++bv5O9T9
TVMfHx3F87HtXCoPbYE1SQnXXtG1+nHbgjjuTyfb6AMmwZJgy7Nt8jkvOxoz/rxU
AC+8fFgdndLm/dw4A5+LO+rxB0mkOpyOI2wXUScet97rz++n1NoLj5KNB593O+vE
945q5aL+ZFtaBO5OFOOCNAqN7/Rz6dzhOBQGaqJWEg3ECtghDAv0yAnkiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPhOJboQNcqRgzplWBgCqyunapGMB8GA1UdIwQY
MBaAFJ2POTSD1InEKfwYsJNC120K/kJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTct
MWUxNTFhYTFhZmRjLzEvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTctMWUxNTFhYTFhZmRj
LzEvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq0H7fvz1
a7P80DXHssiTdmWc9xHw8eRIHwQHCb888DDuIFJd0p+K95rKxmvTrIa63TQ8Nm6X
ORrYpt1l2fMfNN9PpPpeioIC0r8MoF5PBqaWTZWT4kOV8TQd93Tgq5QRLqZarz7w
17NXKiX0yjSutirYJNfV6gMwVcTiyxaFKTpOwD8tafdfqOiMRKPSRPxFAXF9onpS
3+6fxBzmuQTJO22YXn52brCa8m0yBctkRlKTn2SZAxTWWJiwKdTSt6m/VHy2tDaT
qbL6IrfsNeAv4mTmEUp2DI1K4sO9eR84kmFj1XzaJXFoSXlucPedrZGywRljRSUU
qOW1sAKzu1f9bQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:22:37 2025 by rpki-client