Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/1MDWlNWdfTa6QhowUPTsfdN4Hv0.mft
File:                     1MDWlNWdfTa6QhowUPTsfdN4Hv0.mft (raw, json)
Hash identifier:          hHXbnfbL/y8LQH8wFPkV3nTcLrc2UbydSWBpn0xWy2g=
Subject key identifier:   A9:CD:E5:76:83:E3:19:A2:52:32:0C:49:25:B4:3A:DF:5B:31:91:F8
Authority key identifier: D4:C0:D6:94:D5:9D:7D:36:BA:42:1A:30:50:F4:EC:7D:D3:78:1E:FD
Certificate issuer:       /CN=d4c0d694d59d7d36ba421a3050f4ec7dd3781efd
Certificate serial:       0199FB7C75CDBCD0E9E6F5FB12694FF05F4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MDWlNWdfTa6QhowUPTsfdN4Hv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/1MDWlNWdfTa6QhowUPTsfdN4Hv0.mft
Manifest number:          0C29
Signing time:             Sun 19 Oct 2025 08:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:01 +0000
Files and hashes:         1: 1MDWlNWdfTa6QhowUPTsfdN4Hv0.crl (hash: /QSUN9izYzMRUHns7UhGEbBJH8Ui717ezUixQ6n/iqI=)
                          2: It-Yns2Nwvw18OgbQ81pWbtQZ7M.roa (hash: 7H+X0erT0owXhcTltBjLEsiIIl6BxhT41pVVMePz04w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/1MDWlNWdfTa6QhowUPTsfdN4Hv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/1MDWlNWdfTa6QhowUPTsfdN4Hv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1MDWlNWdfTa6QhowUPTsfdN4Hv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:75:cd:bc:d0:e9:e6:f5:fb:12:69:4f:f0:5f:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c0d694d59d7d36ba421a3050f4ec7dd3781efd
        Validity
            Not Before: Oct 19 08:01:01 2025 GMT
            Not After : Oct 20 08:01:01 2025 GMT
        Subject: CN=a9cde57683e319a252320c4925b43adf5b3191f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:03:a0:11:b3:66:8a:f0:3b:92:39:d9:41:c7:
                    7b:e5:43:bc:97:3f:9f:f4:95:04:d9:0b:f1:0e:e5:
                    48:95:85:2b:f1:48:f5:4a:23:1c:59:cf:8b:2b:a6:
                    bf:cc:3f:d7:c2:18:35:81:31:79:d7:f2:39:bd:fe:
                    77:a2:fe:72:25:ea:43:8c:ac:cd:68:be:74:f6:4b:
                    46:16:57:5e:2a:17:da:22:63:00:52:62:a8:f0:67:
                    c8:15:54:11:98:14:bd:da:f8:2f:92:e7:ac:33:85:
                    c0:e4:c7:4d:b9:92:c2:6a:04:36:6a:91:5e:30:b8:
                    80:a9:ff:91:c0:90:17:13:e0:33:7a:38:41:ba:37:
                    2f:b9:68:8f:66:08:87:35:b3:bb:f6:20:8d:f9:40:
                    c0:eb:64:16:08:66:88:47:df:a0:b0:65:fc:b8:43:
                    d7:eb:71:64:2d:0b:9b:d5:d4:e1:d3:c4:57:fb:69:
                    75:20:02:fe:e2:60:d0:ae:eb:61:7e:39:d9:da:22:
                    e3:b4:c9:a3:55:ae:10:d8:3c:1e:d3:92:93:b7:13:
                    95:cd:b2:ad:c1:a1:8b:7d:e1:66:22:f8:f0:0b:c7:
                    2a:43:d9:85:0b:3a:c5:16:d9:f0:6c:01:d0:55:d2:
                    88:6f:c3:f4:ab:08:87:d0:98:e1:ed:31:ed:5b:1a:
                    0d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:CD:E5:76:83:E3:19:A2:52:32:0C:49:25:B4:3A:DF:5B:31:91:F8
            X509v3 Authority Key Identifier:
                keyid:D4:C0:D6:94:D5:9D:7D:36:BA:42:1A:30:50:F4:EC:7D:D3:78:1E:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MDWlNWdfTa6QhowUPTsfdN4Hv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/1MDWlNWdfTa6QhowUPTsfdN4Hv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/41ccce-acd8-4fb8-b148-a79510e613e8/1/1MDWlNWdfTa6QhowUPTsfdN4Hv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:51:e2:f6:79:7c:df:fd:94:cf:9b:21:f2:d1:42:b1:dd:95:
         f2:c3:af:57:17:74:fc:1d:df:fa:46:53:3f:04:87:38:2f:0c:
         cc:f9:ab:b7:3a:4d:f3:50:67:a0:8b:38:4a:a7:72:20:23:5a:
         55:f0:46:02:2e:f5:6a:9f:f7:ee:9a:90:7e:96:38:47:79:56:
         cf:36:ab:f8:58:4a:d8:1f:70:c9:3f:4c:2b:94:e8:49:c8:33:
         07:37:3d:fc:46:e1:ea:f1:11:5b:02:f6:84:a8:d1:41:c7:e9:
         26:ec:b8:3a:6f:3d:70:7a:5e:4a:b4:18:d0:2b:a8:c9:12:6b:
         9d:f5:79:90:46:16:98:60:5a:5e:7d:07:71:35:92:8f:c7:4e:
         20:3d:04:bd:3c:53:72:76:d8:82:5a:7a:af:62:17:49:5c:2c:
         87:dd:72:73:14:2d:3d:e1:3d:dd:49:11:74:b2:75:0c:a5:c6:
         88:c8:8e:02:4e:ba:0d:4b:39:ef:b0:2c:1a:cb:e2:e9:a9:80:
         1e:e9:47:52:6e:d7:e0:2b:ca:8f:ad:78:e3:11:6a:fd:ed:9e:
         a1:ac:54:35:0b:44:d5:91:a1:99:9d:16:0c:df:af:fb:43:0f:
         24:0f:e4:26:8c:c7:be:29:cb:2c:ab:43:93:ed:c0:8a:d8:aa:
         36:f6:0a:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fHXNvNDp5vX7EmlP8F9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzBkNjk0ZDU5ZDdkMzZiYTQyMWEzMDUwZjRlYzdkZDM3
ODFlZmQwHhcNMjUxMDE5MDgwMTAxWhcNMjUxMDIwMDgwMTAxWjAzMTEwLwYDVQQD
EyhhOWNkZTU3NjgzZTMxOWEyNTIzMjBjNDkyNWI0M2FkZjViMzE5MWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgOgEbNmivA7kjnZQcd75UO8lz+f
9JUE2QvxDuVIlYUr8Uj1SiMcWc+LK6a/zD/Xwhg1gTF51/I5vf53ov5yJepDjKzN
aL509ktGFldeKhfaImMAUmKo8GfIFVQRmBS92vgvkuesM4XA5MdNuZLCagQ2apFe
MLiAqf+RwJAXE+AzejhBujcvuWiPZgiHNbO79iCN+UDA62QWCGaIR9+gsGX8uEPX
63FkLQub1dTh08RX+2l1IAL+4mDQruthfjnZ2iLjtMmjVa4Q2Dwe05KTtxOVzbKt
waGLfeFmIvjwC8cqQ9mFCzrFFtnwbAHQVdKIb8P0qwiH0Jjh7THtWxoNvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnN5XaD4xmiUjIMSSW0Ot9bMZH4MB8GA1UdIwQY
MBaAFNTA1pTVnX02ukIaMFD07H3TeB79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1EV2xOV2RmVGE2UWhvd1VQVHNmZE40SHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MWNjY2UtYWNkOC00ZmI4LWIxNDgt
YTc5NTEwZTYxM2U4LzEvMU1EV2xOV2RmVGE2UWhvd1VQVHNmZE40SHYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MWNjY2UtYWNkOC00ZmI4LWIxNDgtYTc5NTEwZTYxM2U4
LzEvMU1EV2xOV2RmVGE2UWhvd1VQVHNmZE40SHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVHi9nl8
3/2Uz5sh8tFCsd2V8sOvVxd0/B3f+kZTPwSHOC8MzPmrtzpN81BnoIs4SqdyICNa
VfBGAi71ap/37pqQfpY4R3lWzzar+FhK2B9wyT9MK5ToScgzBzc9/Ebh6vERWwL2
hKjRQcfpJuy4Om89cHpeSrQY0CuoyRJrnfV5kEYWmGBaXn0HcTWSj8dOID0EvTxT
cnbYglp6r2IXSVwsh91ycxQtPeE93UkRdLJ1DKXGiMiOAk66DUs577AsGsvi6amA
HulHUm7X4CvKj6144xFq/e2eoaxUNQtE1ZGhmZ0WDN+v+0MPJA/kJozHvinLLKtD
k+3AitiqNvYKbQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:57 2025 by rpki-client