Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File:                     CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier:          Xs04tqyFiguFA/+xayqn7YhHasA14goBGGpDN+UH3Ag=
Subject key identifier:   64:E2:3D:37:B8:75:A0:B0:AF:1A:27:DC:C1:CE:8F:D0:2C:5D:9A:FF
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       019A8462BEE24D7CF3C290D9D4AD9A3A1D87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number:          0B43
Signing time:             Fri 14 Nov 2025 22:00:55 +0000
Manifest this update:     Fri 14 Nov 2025 22:00:55 +0000
Manifest next update:     Sat 15 Nov 2025 22:00:55 +0000
Files and hashes:         1: BVbo9uh3-UvDvwSZi6BfXSBGPHU.roa (hash: Z8qyhH6viB+EEzaDtRv3WrjvxrAR7rKFv4csNYovB+g=)
                          2: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: lzr4mjbIZ8O0sI3OpY5n6x8oJ/LiXSHVSnCrYxjcpyo=)
                          3: DN7cb2WxNWOTpycH6YaG66edbbs.roa (hash: xHRCbbCrWIHuruRPkilEuXWa24rKkDGqIeFboryKMwQ=)
                          4: Fiaoyzt87itbMDPQcRW3KUFZRqE.roa (hash: msw75zbRd9jVXLoPptdxNvS4cyBll5nFN6qdq2TWWOE=)
                          5: HHx5PgT40c8odAvxk1P-fxWePlA.roa (hash: zPsSrq/ptkyDcwkMCUxFQsAp1K70phIRO2z3d5q6bK8=)
                          6: OEhLMwhGsj88kZ4FqVMVTfpqz-8.roa (hash: /KQ43a3fdsH0+xJZbYiIUJZNQ9G0ar1u4ierKXmEsMM=)
                          7: m87-CXNBm5VwmmEvQBAI-p_8l98.roa (hash: vGGq9E7IPOkRddkapcYuXImJsPgw9f+HEWKjnAHtMCI=)
                          8: nMhyX7boXa--DjLfLdE1CijBszU.roa (hash: s95e1FJb6EuRsUkazwo7HJhOqZW3W1mabgyeLhjUIIo=)
                          9: o0CQ-6MywHICo_xO6JVYrovLnaI.roa (hash: z9rRzR4IXOVwVGTGGEfUd7SIN6ihlxFiSh4at67AG5g=)
                          10: wWtKIfnyuy5Pwsg7v1x01k_AkAs.roa (hash: 9+2f6OaYEE6gwGcro5Uy8iHzJQ0Asb4j3ndklknXQsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Nov 2025 18:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:84:62:be:e2:4d:7c:f3:c2:90:d9:d4:ad:9a:3a:1d:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Nov 14 22:00:55 2025 GMT
            Not After : Nov 15 22:00:55 2025 GMT
        Subject: CN=64e23d37b875a0b0af1a27dcc1ce8fd02c5d9aff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d4:31:dd:8c:45:23:ba:b9:7f:d8:2a:46:01:
                    07:49:c3:0b:81:4e:9d:5f:ed:38:86:0b:11:83:d5:
                    53:85:3e:a3:64:bb:4c:cc:4b:36:e4:a6:61:72:83:
                    6e:7b:f7:58:9e:9f:7e:c7:52:bf:91:e9:6d:5e:69:
                    eb:04:60:e7:07:0a:7c:cb:23:c2:f3:42:f1:e7:04:
                    c0:4d:81:7e:42:0f:25:1d:ef:7a:91:7b:ff:a5:5e:
                    2d:de:63:03:41:78:0b:b4:ff:57:36:d0:a8:25:f8:
                    f2:ce:ce:9a:fd:c9:a2:15:c0:e5:2a:b4:a5:a1:f5:
                    bb:cf:08:d6:2b:88:77:e8:c1:89:9a:c6:ee:8b:07:
                    af:91:fd:ed:ce:98:4a:a5:af:99:61:68:6f:8e:d0:
                    22:d4:a9:fb:ca:60:b7:f5:c6:44:9a:0e:e6:e7:ee:
                    44:40:b2:5b:9c:02:4f:9f:9d:63:30:d6:b6:ab:71:
                    f2:aa:8f:6f:9f:c4:9c:91:f2:63:50:96:f1:29:05:
                    28:1c:7a:4f:c5:0d:5c:d8:1d:b3:3c:43:ae:18:a2:
                    11:ab:66:4b:13:03:1b:82:eb:85:f3:de:1a:00:a3:
                    e3:26:2f:7e:3a:ed:72:cc:3a:cf:91:56:1b:c1:78:
                    ce:40:b4:66:bf:df:52:19:b3:3f:17:5c:c8:4c:dd:
                    e7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E2:3D:37:B8:75:A0:B0:AF:1A:27:DC:C1:CE:8F:D0:2C:5D:9A:FF
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:2a:35:ac:04:84:9a:f1:65:ea:b4:a8:99:51:df:43:89:13:
         15:97:a8:80:97:15:35:cd:5c:f7:ac:ea:5b:9a:2e:67:b8:47:
         7f:b5:e4:ad:27:d4:45:ae:c3:22:22:58:de:7f:50:e9:ce:bb:
         9b:48:67:64:6c:e9:89:d3:63:6d:3f:0c:83:c9:37:f1:cf:96:
         4c:31:77:6d:e0:92:27:de:3a:8c:ee:dc:22:e6:4e:d1:d0:d9:
         dd:b3:cc:ad:26:ac:0c:72:3a:58:a9:bc:1e:8a:77:09:77:62:
         1b:26:dc:07:cc:e3:f3:ac:4d:91:ce:b2:f9:0a:48:c1:38:d4:
         a2:e8:47:d4:c3:0c:2c:21:f2:90:74:d3:d9:2a:af:4a:f5:0c:
         78:e9:cd:91:f5:ed:b3:d3:aa:00:0b:f9:57:98:fb:85:55:0c:
         e6:7f:6d:77:37:3d:86:72:b6:35:34:b0:24:10:b0:86:2d:e1:
         d2:7c:ad:42:90:19:76:52:11:c5:16:07:74:7a:b1:a4:b3:95:
         e3:c5:18:c2:e3:db:df:71:c8:76:30:83:5a:3a:b9:33:4a:67:
         b7:f3:14:92:45:ef:33:70:d8:8c:c9:fc:74:10:56:a5:b9:fe:
         df:27:d5:c5:6c:9b:08:39:47:a6:7b:a6:db:c1:cc:1b:25:f6:
         cf:63:4b:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZqEYr7iTXzzwpDZ1K2aOh2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUxMTE0MjIwMDU1WhcNMjUxMTE1MjIwMDU1WjAzMTEwLwYDVQQD
Eyg2NGUyM2QzN2I4NzVhMGIwYWYxYTI3ZGNjMWNlOGZkMDJjNWQ5YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNQx3YxFI7q5f9gqRgEHScMLgU6d
X+04hgsRg9VThT6jZLtMzEs25KZhcoNue/dYnp9+x1K/keltXmnrBGDnBwp8yyPC
80Lx5wTATYF+Qg8lHe96kXv/pV4t3mMDQXgLtP9XNtCoJfjyzs6a/cmiFcDlKrSl
ofW7zwjWK4h36MGJmsbuiwevkf3tzphKpa+ZYWhvjtAi1Kn7ymC39cZEmg7m5+5E
QLJbnAJPn51jMNa2q3Hyqo9vn8SckfJjUJbxKQUoHHpPxQ1c2B2zPEOuGKIRq2ZL
EwMbguuF894aAKPjJi9+Ou1yzDrPkVYbwXjOQLRmv99SGbM/F1zITN3nkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTiPTe4daCwrxon3MHOj9AsXZr/MB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAByo1rASE
mvFl6rSomVHfQ4kTFZeogJcVNc1c96zqW5ouZ7hHf7XkrSfURa7DIiJY3n9Q6c67
m0hnZGzpidNjbT8Mg8k38c+WTDF3beCSJ946jO7cIuZO0dDZ3bPMrSasDHI6WKm8
Hop3CXdiGybcB8zj86xNkc6y+QpIwTjUouhH1MMMLCHykHTT2SqvSvUMeOnNkfXt
s9OqAAv5V5j7hVUM5n9tdzc9hnK2NTSwJBCwhi3h0nytQpAZdlIRxRYHdHqxpLOV
48UYwuPb33HIdjCDWjq5M0pnt/MUkkXvM3DYjMn8dBBWpbn+3yfVxWybCDlHpnum
28HMGyX2z2NLVw==
-----END CERTIFICATE-----
Generated at Sat Nov 15 04:08:02 2025 by rpki-client