Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
File:                     kMABN-5t-utOpII7wXPDvAADHfk.mft (raw, json)
Hash identifier:          ZgYSxbATKwyUGPyRH0fedvqZJnSJ9OOeU740vQQ0+JI=
Subject key identifier:   15:BC:96:D9:8B:30:29:6C:F9:C3:A8:13:22:F5:36:18:90:F4:12:A6
Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
Certificate issuer:       /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Certificate serial:       019A52D131F2F7C55F5EED96C9542991AE6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
Manifest number:          06F4
Signing time:             Wed 05 Nov 2025 07:00:32 +0000
Manifest this update:     Wed 05 Nov 2025 07:00:32 +0000
Manifest next update:     Thu 06 Nov 2025 07:00:32 +0000
Files and hashes:         1: FCW2bGoLdcM6i-Jx_GrHtMzXAlk.roa (hash: WJgWrgAT99wsdStIPz/Fl698liisGeyhumyE7tw/O7c=)
                          2: kMABN-5t-utOpII7wXPDvAADHfk.crl (hash: dqZLDJYnOIT+hKutwyWb62H/KuR2WNpTETI0vZJAgTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d1:31:f2:f7:c5:5f:5e:ed:96:c9:54:29:91:ae:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
        Validity
            Not Before: Nov  5 07:00:32 2025 GMT
            Not After : Nov  6 07:00:32 2025 GMT
        Subject: CN=15bc96d98b30296cf9c3a81322f5361890f412a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:5b:24:87:75:fb:7a:5a:a4:1b:02:4e:13:75:
                    de:9e:44:9c:58:b4:6d:fd:a3:4b:27:57:e3:e2:4b:
                    35:e6:0f:92:d5:ea:19:8c:56:82:09:30:e9:13:5f:
                    e2:83:ae:2e:b3:82:bc:88:6c:a1:ee:46:73:29:02:
                    bd:7a:c2:04:4e:2d:f3:9d:4d:51:a5:85:6d:a2:7b:
                    8c:93:a8:9f:32:9c:ad:e1:a0:b4:4e:0b:54:c9:16:
                    08:14:1e:2b:eb:04:0b:ba:1b:99:ce:74:99:01:ba:
                    2b:bc:21:ca:84:b3:b3:57:27:83:11:f1:9c:ee:bd:
                    f2:fc:64:ad:f2:ec:4d:4b:ca:05:9a:14:43:15:4b:
                    54:75:56:43:d0:3a:4a:a5:ec:3c:39:86:2f:3c:6b:
                    b8:72:47:cc:b4:7a:32:b5:5c:5a:1d:d1:d7:51:9b:
                    aa:75:69:e1:df:3e:77:95:10:5b:bb:c1:65:1a:45:
                    50:17:4b:c0:f5:61:ad:72:e7:d7:a1:69:5e:fe:4d:
                    5d:18:5b:2f:94:08:0a:ed:aa:29:f3:68:45:96:6c:
                    84:39:d5:74:50:8f:88:7d:3d:4b:dc:7b:d1:27:b8:
                    cb:ed:10:87:e1:93:63:e0:d9:5e:af:70:98:af:ea:
                    e0:a6:06:af:31:9a:45:00:3b:d9:b6:c3:62:d6:85:
                    5d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:BC:96:D9:8B:30:29:6C:F9:C3:A8:13:22:F5:36:18:90:F4:12:A6
            X509v3 Authority Key Identifier:
                keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:f7:9f:68:a7:49:af:88:7b:9e:46:e8:98:cd:f1:52:d0:57:
         11:df:0d:4c:94:55:a1:21:fb:d1:4c:78:8c:51:6c:dc:53:48:
         81:0f:11:18:88:ee:f1:f8:b3:dd:b7:8a:b4:18:53:c5:b2:cd:
         7c:43:4d:f7:08:19:9d:a4:9d:ba:71:94:c1:e1:63:4e:e9:16:
         9e:c1:c3:9b:f4:ac:33:b8:18:ef:81:9d:8f:3f:21:79:57:61:
         e0:c3:ae:7c:c8:6e:bb:9d:9e:b7:0e:ab:f9:57:36:12:c2:c1:
         0c:65:f8:6b:f6:aa:ce:06:61:e6:26:67:37:d6:71:01:aa:09:
         88:60:12:0f:c1:5e:5c:01:5d:17:e4:69:57:56:30:d7:3c:ba:
         f1:e7:c0:a6:f2:0f:86:ac:fd:ca:30:f5:a4:f2:52:8e:f8:6b:
         1f:e9:2d:8e:a9:36:c4:99:55:86:86:31:09:0f:8d:8b:d4:26:
         a9:bd:21:97:88:57:7d:90:5c:3d:bf:99:05:1a:ef:77:d0:23:
         24:40:5c:24:bc:7e:c2:de:c6:92:d7:78:13:fc:37:9c:00:50:
         b2:da:89:d4:40:0a:a7:37:26:bf:0b:cd:44:86:c2:ad:60:42:
         f8:a5:eb:7f:21:87:82:81:7f:44:b9:96:c2:74:29:a8:50:40:
         25:c1:5a:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0THy98VfXu2WyVQpka5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw
MzFkZjkwHhcNMjUxMTA1MDcwMDMyWhcNMjUxMTA2MDcwMDMyWjAzMTEwLwYDVQQD
EygxNWJjOTZkOThiMzAyOTZjZjljM2E4MTMyMmY1MzYxODkwZjQxMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1skh3X7elqkGwJOE3XenkScWLRt
/aNLJ1fj4ks15g+S1eoZjFaCCTDpE1/ig64us4K8iGyh7kZzKQK9esIETi3znU1R
pYVtonuMk6ifMpyt4aC0TgtUyRYIFB4r6wQLuhuZznSZAborvCHKhLOzVyeDEfGc
7r3y/GSt8uxNS8oFmhRDFUtUdVZD0DpKpew8OYYvPGu4ckfMtHoytVxaHdHXUZuq
dWnh3z53lRBbu8FlGkVQF0vA9WGtcufXoWle/k1dGFsvlAgK7aop82hFlmyEOdV0
UI+IfT1L3HvRJ7jL7RCH4ZNj4Nler3CYr+rgpgavMZpFADvZtsNi1oVdIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBW8ltmLMCls+cOoEyL1NhiQ9BKmMB8GA1UdIwQY
MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt
MGE1MjViNjlkYjhmLzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm
LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYfefaKdJ
r4h7nkbomM3xUtBXEd8NTJRVoSH70Ux4jFFs3FNIgQ8RGIju8fiz3beKtBhTxbLN
fENN9wgZnaSdunGUweFjTukWnsHDm/SsM7gY74Gdjz8heVdh4MOufMhuu52etw6r
+Vc2EsLBDGX4a/aqzgZh5iZnN9ZxAaoJiGASD8FeXAFdF+RpV1Yw1zy68efApvIP
hqz9yjD1pPJSjvhrH+ktjqk2xJlVhoYxCQ+Ni9Qmqb0hl4hXfZBcPb+ZBRrvd9Aj
JEBcJLx+wt7Gktd4E/w3nABQstqJ1EAKpzcmvwvNRIbCrWBC+KXrfyGHgoF/RLmW
wnQpqFBAJcFa0Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:09:14 2025 by rpki-client