Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
File:                     TzLUClO7YLhnWebsClIHMAtBr3A.mft (raw, json)
Hash identifier:          2Uaf3w7nUHQuKNvgtHHCYdFmBu2epFyTvHRIxEhELVI=
Subject key identifier:   4C:D1:DD:D8:A1:5C:BD:01:B7:B3:E1:BE:09:4B:5A:C3:97:FD:F8:2D
Authority key identifier: 4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70
Certificate issuer:       /CN=4f32d40a53bb60b86759e6ec0a5207300b41af70
Certificate serial:       0199FB7CF86580A4FC4F571D3F985A929733
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 08:01:35 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:35 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:35 +0000
Files and hashes:         1: 2j3kAJC1aDvfwJPuGUvb554m29Y.roa (hash: Hr+M1o8+SSmf7r+qXis6TOXIjRUjTFBSHGU0mpn3FN4=)
                          2: TzLUClO7YLhnWebsClIHMAtBr3A.crl (hash: fait3hdYcKrXDfA/Kjuk+OuGTcmcULEwWCYsOQojmjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:f8:65:80:a4:fc:4f:57:1d:3f:98:5a:92:97:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f32d40a53bb60b86759e6ec0a5207300b41af70
        Validity
            Not Before: Oct 19 08:01:35 2025 GMT
            Not After : Oct 20 08:01:35 2025 GMT
        Subject: CN=4cd1ddd8a15cbd01b7b3e1be094b5ac397fdf82d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:07:93:dd:8a:84:af:65:c0:68:49:59:29:11:
                    14:44:6c:4f:a9:a0:e6:9b:b7:bc:23:74:45:3b:70:
                    b6:5d:90:c0:91:22:71:44:08:ab:7e:6a:80:b0:1b:
                    7a:c4:ad:aa:a2:d7:83:a6:c4:06:51:3b:f8:74:7a:
                    cf:f4:e3:dc:3c:2c:0f:91:92:0c:8f:33:09:7d:e8:
                    9d:25:1f:cc:5f:2c:03:58:5c:9b:7a:05:9b:cb:9d:
                    a8:0e:d0:50:30:ca:69:9c:7c:17:7a:ca:93:43:fc:
                    0a:8e:29:88:a4:30:12:df:a2:13:56:fb:1d:c0:4f:
                    bf:6a:cd:24:ab:ad:f1:92:e5:ae:6d:5a:8c:35:84:
                    49:48:d9:d0:53:b6:76:bb:2d:7a:55:50:ec:d8:ca:
                    b3:2c:4c:e1:14:b1:cb:c0:c0:a8:c6:86:af:e4:7c:
                    9b:40:01:e7:d7:dc:7c:68:e3:1a:de:ad:41:32:23:
                    ed:b9:84:a3:73:5d:6c:54:90:2c:8e:28:f6:f7:a8:
                    3b:b8:f4:ea:f8:ec:7b:79:2c:39:77:54:89:2e:32:
                    7e:de:b7:d1:f8:cd:8d:3f:05:68:68:9b:e6:bb:30:
                    4d:d8:f0:04:32:5c:24:ab:52:c7:7b:90:b2:c9:b7:
                    e6:0e:e1:91:ab:06:d8:c3:21:07:41:80:88:80:e1:
                    79:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:D1:DD:D8:A1:5C:BD:01:B7:B3:E1:BE:09:4B:5A:C3:97:FD:F8:2D
            X509v3 Authority Key Identifier:
                keyid:4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:83:a5:2f:0a:18:9b:fe:aa:43:be:a6:4d:77:51:1f:63:17:
         13:ed:b8:92:01:67:71:59:9d:f0:6e:ea:33:17:77:79:77:48:
         ea:b6:35:45:05:e3:75:a4:f1:c9:b8:00:e4:c7:c8:f7:68:3b:
         4c:cb:be:a6:0d:65:93:eb:dd:18:47:fe:78:c6:86:79:90:f1:
         4d:22:0b:a0:4a:f5:5e:7c:ec:ff:ce:cc:31:4d:e3:b6:9b:ab:
         54:ec:32:fd:ac:b6:1d:48:26:4a:35:ab:d9:63:7d:07:56:7c:
         a7:db:11:77:77:11:ef:70:dc:04:1d:65:f2:43:c9:cc:97:36:
         48:e5:21:e0:c5:ac:19:9b:16:cb:45:97:6b:7f:35:c8:ce:45:
         d0:4e:18:07:c1:23:3b:81:ed:53:bf:82:75:9e:d6:bb:91:6f:
         01:89:e4:3c:18:1e:bc:9f:0f:2a:9d:5b:07:ac:30:89:32:12:
         00:e9:91:a3:58:ae:c5:a0:6a:04:f9:22:66:1e:44:35:4a:c3:
         c8:6c:03:c6:19:e4:a9:53:9b:51:32:22:ae:59:b4:cf:f9:73:
         0c:ef:f5:b6:c9:87:0d:7a:cf:45:34:64:73:b0:d5:a4:b8:ae:
         74:62:cb:22:b0:a9:a2:4f:ad:eb:45:63:75:09:2b:0a:f1:2a:
         d5:ef:a3:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fPhlgKT8T1cdP5hakpczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzJkNDBhNTNiYjYwYjg2NzU5ZTZlYzBhNTIwNzMwMGI0
MWFmNzAwHhcNMjUxMDE5MDgwMTM1WhcNMjUxMDIwMDgwMTM1WjAzMTEwLwYDVQQD
Eyg0Y2QxZGRkOGExNWNiZDAxYjdiM2UxYmUwOTRiNWFjMzk3ZmRmODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxweT3YqEr2XAaElZKREURGxPqaDm
m7e8I3RFO3C2XZDAkSJxRAirfmqAsBt6xK2qoteDpsQGUTv4dHrP9OPcPCwPkZIM
jzMJfeidJR/MXywDWFybegWby52oDtBQMMppnHwXesqTQ/wKjimIpDAS36ITVvsd
wE+/as0kq63xkuWubVqMNYRJSNnQU7Z2uy16VVDs2MqzLEzhFLHLwMCoxoav5Hyb
QAHn19x8aOMa3q1BMiPtuYSjc11sVJAsjij296g7uPTq+Ox7eSw5d1SJLjJ+3rfR
+M2NPwVoaJvmuzBN2PAEMlwkq1LHe5CyybfmDuGRqwbYwyEHQYCIgOF5lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzR3dihXL0Bt7PhvglLWsOX/fgtMB8GA1UdIwQY
MBaAFE8y1ApTu2C4Z1nm7ApSBzALQa9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYt
YzZiZjJmZmI3MjUzLzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYtYzZiZjJmZmI3MjUz
LzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIYOlLwoY
m/6qQ76mTXdRH2MXE+24kgFncVmd8G7qMxd3eXdI6rY1RQXjdaTxybgA5MfI92g7
TMu+pg1lk+vdGEf+eMaGeZDxTSILoEr1Xnzs/87MMU3jtpurVOwy/ay2HUgmSjWr
2WN9B1Z8p9sRd3cR73DcBB1l8kPJzJc2SOUh4MWsGZsWy0WXa381yM5F0E4YB8Ej
O4HtU7+CdZ7Wu5FvAYnkPBgevJ8PKp1bB6wwiTISAOmRo1iuxaBqBPkiZh5ENUrD
yGwDxhnkqVObUTIirlm0z/lzDO/1tsmHDXrPRTRkc7DVpLiudGLLIrCpok+t60Vj
dQkrCvEq1e+jeA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:22 2025 by rpki-client