Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
File:                     niX4djqjUWiba6M2JpqyHE4BILM.mft (raw, json)
Hash identifier:          INzDorPnpktoRwid9KIlorBdQIWrn5RuouXGFcrkQC4=
Subject key identifier:   FC:8E:0E:ED:2A:E3:08:51:27:CD:19:5C:41:13:48:90:15:5D:C1:19
Authority key identifier: 9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3
Certificate issuer:       /CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
Certificate serial:       0198E2633FECCBC5A6336D5BC6E68F323558
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
Manifest number:          0474
Signing time:             Mon 25 Aug 2025 18:00:11 +0000
Manifest this update:     Mon 25 Aug 2025 18:00:11 +0000
Manifest next update:     Tue 26 Aug 2025 18:00:11 +0000
Files and hashes:         1: 3lv0MS0KMvs2NqTlqtd3HvxtHfA.roa (hash: Jn8Yd6x4goPshXFFHZFFSl5WpHb8SXFgvxZ7Lsgfvu4=)
                          2: niX4djqjUWiba6M2JpqyHE4BILM.crl (hash: ahhDrGKrolEPNcz2A6/nOcq3nJSDwsLnS9hRNe6V8QM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Aug 2025 14:16:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:e2:63:3f:ec:cb:c5:a6:33:6d:5b:c6:e6:8f:32:35:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
        Validity
            Not Before: Aug 25 18:00:11 2025 GMT
            Not After : Aug 26 18:00:11 2025 GMT
        Subject: CN=fc8e0eed2ae3085127cd195c41134890155dc119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:20:20:52:5c:bf:c0:ab:f1:4b:62:61:d1:ac:
                    b0:3f:11:eb:b7:45:96:49:32:28:c9:3e:2e:b8:cd:
                    49:41:bf:60:4c:ea:71:d2:8e:77:71:76:9d:21:66:
                    f8:76:97:5f:d8:4b:89:cc:3b:cb:aa:f3:0c:aa:86:
                    ac:b0:2a:82:b5:a3:46:eb:19:80:8f:40:b5:8f:77:
                    9a:7d:49:94:37:02:db:19:dc:bf:36:53:43:63:0f:
                    ac:53:be:64:a3:69:12:88:58:36:db:e2:98:da:33:
                    6c:cb:80:64:f5:61:85:62:66:d9:6f:65:97:bb:5c:
                    b0:d6:d2:6b:38:2b:2d:4d:61:bc:88:41:ad:21:75:
                    c2:c5:88:c0:94:af:46:92:4e:f1:fb:4f:8f:80:34:
                    d9:88:cf:35:7d:b6:0b:10:65:1e:31:fe:99:59:9d:
                    6f:a6:b1:90:92:82:e5:2e:d6:2b:f0:e3:8c:49:b7:
                    cb:0b:eb:27:43:28:78:3a:f9:04:7c:cb:1a:a6:46:
                    83:13:73:2b:10:19:2b:38:ca:30:8f:ea:78:e9:5b:
                    f6:c4:f8:70:cf:95:6c:8a:3e:46:d8:eb:4d:02:25:
                    7e:99:24:1e:14:7d:87:1a:54:ca:2a:30:a3:9e:47:
                    14:4a:c7:b9:a3:a6:f5:27:b4:b0:bf:7f:c3:bf:3a:
                    42:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:8E:0E:ED:2A:E3:08:51:27:CD:19:5C:41:13:48:90:15:5D:C1:19
            X509v3 Authority Key Identifier:
                keyid:9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:f7:c9:ee:0c:f8:b3:4f:3b:f8:b9:70:e6:d8:3e:ef:97:f1:
         8a:9d:7e:fc:1b:28:a0:af:11:e0:32:69:8a:bb:7c:14:8f:db:
         7e:d7:7a:a1:17:6a:80:cc:22:77:65:20:57:36:ab:a2:ba:0d:
         61:49:67:3a:23:bc:f0:2e:54:24:39:03:1b:66:47:d1:0a:4f:
         2d:8e:67:42:fd:df:a8:74:b1:86:8c:0a:81:b0:ca:4b:1b:08:
         db:4c:12:00:8a:75:1e:79:ca:b2:47:f1:aa:9a:c5:26:39:2d:
         f1:6b:29:a8:91:03:87:a8:9d:e0:d9:aa:d3:71:14:33:29:1d:
         5e:ed:91:63:be:9a:b4:bc:83:40:4c:eb:7f:40:5b:ad:0f:92:
         6f:e3:41:f1:b8:a7:96:9d:bf:19:4a:39:05:fe:3a:ad:58:9f:
         16:c0:ac:cf:86:d6:c6:93:f7:f7:fe:d6:bf:75:52:bc:09:d9:
         c2:10:93:84:4c:65:79:ee:70:9f:34:1d:91:bf:33:a5:98:c8:
         9f:0c:f9:97:dc:a9:29:60:50:6a:76:c4:e1:6e:37:ea:12:57:
         58:a4:f9:3d:33:73:ae:d8:ef:5f:8b:16:c8:9d:c2:5d:6a:4d:
         6d:e9:88:29:ae:43:bf:98:f0:5e:ca:5f:96:1e:7a:fd:33:48:
         fb:0a:4a:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjiYz/sy8WmM21bxuaPMjVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMjVmODc2M2FhMzUxNjg5YjZiYTMzNjI2OWFiMjFjNGUw
MTIwYjMwHhcNMjUwODI1MTgwMDExWhcNMjUwODI2MTgwMDExWjAzMTEwLwYDVQQD
EyhmYzhlMGVlZDJhZTMwODUxMjdjZDE5NWM0MTEzNDg5MDE1NWRjMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyAgUly/wKvxS2Jh0aywPxHrt0WW
STIoyT4uuM1JQb9gTOpx0o53cXadIWb4dpdf2EuJzDvLqvMMqoassCqCtaNG6xmA
j0C1j3eafUmUNwLbGdy/NlNDYw+sU75ko2kSiFg22+KY2jNsy4Bk9WGFYmbZb2WX
u1yw1tJrOCstTWG8iEGtIXXCxYjAlK9Gkk7x+0+PgDTZiM81fbYLEGUeMf6ZWZ1v
prGQkoLlLtYr8OOMSbfLC+snQyh4OvkEfMsapkaDE3MrEBkrOMowj+p46Vv2xPhw
z5Vsij5G2OtNAiV+mSQeFH2HGlTKKjCjnkcUSse5o6b1J7Swv3/DvzpChQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyODu0q4whRJ80ZXEETSJAVXcEZMB8GA1UdIwQY
MBaAFJ4l+HY6o1Fom2ujNiaashxOASCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2Et
ODkzMGViYjgzZTMxLzEvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2EtODkzMGViYjgzZTMx
LzEvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQffJ7gz4
s087+Llw5tg+75fxip1+/BsooK8R4DJpirt8FI/bftd6oRdqgMwid2UgVzaroroN
YUlnOiO88C5UJDkDG2ZH0QpPLY5nQv3fqHSxhowKgbDKSxsI20wSAIp1HnnKskfx
qprFJjkt8WspqJEDh6id4Nmq03EUMykdXu2RY76atLyDQEzrf0BbrQ+Sb+NB8bin
lp2/GUo5Bf46rVifFsCsz4bWxpP39/7Wv3VSvAnZwhCThExlee5wnzQdkb8zpZjI
nwz5l9ypKWBQanbE4W436hJXWKT5PTNzrtjvX4sWyJ3CXWpNbemIKa5Dv5jwXspf
lh56/TNI+wpKYQ==
-----END CERTIFICATE-----
Generated at Tue Aug 26 00:13:57 2025 by rpki-client