Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
File:                     H9CHXNAFHQwJJaygQQNOeECmdws.mft (raw, json)
Hash identifier:          tuF0QOa9L87cIHJ8IALIQNMxRsSprc6sN/PDQohL7K8=
Subject key identifier:   45:3B:90:1F:44:60:FD:05:E0:47:1E:C1:DB:6E:92:7C:E6:2F:A1:0D
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Certificate issuer:       /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial:       019A50AB8018D41A395DE60D3248C15EECF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
Manifest number:          06DB
Signing time:             Tue 04 Nov 2025 21:00:07 +0000
Manifest this update:     Tue 04 Nov 2025 21:00:07 +0000
Manifest next update:     Wed 05 Nov 2025 21:00:07 +0000
Files and hashes:         1: H9CHXNAFHQwJJaygQQNOeECmdws.crl (hash: q7kSwFBANph50xnxdvZ4OTE4DzrRmCk4zgkAx/6wdk4=)
                          2: NfUK1WerAdsfJiTM68i5Lnvkb2w.roa (hash: ZGezIXFkpMHBb+7ell8DWUCsKtD9DU2fEiI/6174M+w=)
                          3: x35TZBfjRzydIntP1wj4bzkffVI.roa (hash: m3lAcV9738Nh7P2x7upDgBTiTVZP/HAse993nyHmPOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 21:00:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:ab:80:18:d4:1a:39:5d:e6:0d:32:48:c1:5e:ec:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
        Validity
            Not Before: Nov  4 21:00:07 2025 GMT
            Not After : Nov  5 21:00:07 2025 GMT
        Subject: CN=453b901f4460fd05e0471ec1db6e927ce62fa10d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:00:f1:50:00:27:a1:09:8e:ff:0c:1e:c6:76:
                    06:6f:f7:fd:35:a7:52:01:62:34:f4:cb:87:49:29:
                    6e:4a:3c:f9:43:98:98:20:7d:c5:48:90:ea:1b:e4:
                    72:88:38:27:d9:1f:c3:f5:c7:06:e2:42:22:ba:46:
                    4b:2f:79:c4:38:a2:29:07:45:95:da:83:f2:d3:61:
                    7b:ab:85:d1:0f:96:3d:a2:bd:b3:87:11:99:cd:18:
                    60:53:04:ae:3a:54:4f:e8:d5:6e:27:6a:f7:af:f2:
                    81:3a:79:ae:f6:ef:ff:3f:fd:11:ac:9c:17:1f:14:
                    36:d9:66:8c:99:b4:79:10:54:f5:44:1b:c5:c6:0c:
                    8f:d1:c6:e6:84:d0:aa:27:cd:f2:77:c5:bf:1b:f6:
                    4e:cc:46:2d:dd:9f:c4:0a:b0:f1:c7:f7:c0:2f:65:
                    d7:d2:d3:e3:13:53:a0:e2:a8:4d:53:c0:cb:c7:4a:
                    1a:a7:d1:2e:84:61:39:d3:ed:f8:db:38:e4:6e:1a:
                    bb:77:99:5d:e3:2e:20:df:43:c7:de:d9:1e:2a:ac:
                    28:4c:22:61:eb:80:3a:dc:92:11:d5:d6:f7:f6:a9:
                    c0:ae:a7:87:14:96:06:e9:77:e6:db:18:6a:40:97:
                    6b:e4:f3:38:f1:3a:67:48:99:98:80:d7:d1:c2:09:
                    08:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:3B:90:1F:44:60:FD:05:E0:47:1E:C1:DB:6E:92:7C:E6:2F:A1:0D
            X509v3 Authority Key Identifier:
                keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:27:11:1b:33:4a:33:c6:2b:99:a8:37:75:b5:c7:44:17:d0:
         a9:b2:b7:e2:af:e4:44:6e:68:d8:28:25:72:d1:bf:99:c3:8f:
         a2:a1:c8:71:77:dc:5f:0d:0b:b3:1b:5d:81:78:70:4a:21:6e:
         9e:ed:14:50:7e:2b:5e:3d:fc:26:66:88:d1:18:3e:e6:8b:d7:
         cb:d8:c5:f3:98:2a:24:6f:33:a6:c3:28:37:8a:e9:1e:b7:1d:
         e8:92:68:23:40:61:fb:0c:4c:01:07:29:c6:42:bc:62:45:7d:
         46:75:d7:80:55:94:7a:c3:1e:4d:5a:64:45:4b:3c:cd:c3:f6:
         8b:db:db:fb:ad:8d:68:7d:ec:48:60:fb:40:0a:ca:ea:23:df:
         d2:a5:c1:40:04:3c:53:3a:66:48:3a:91:d5:29:88:43:f3:21:
         d9:47:18:89:dc:c1:01:4b:af:83:33:80:7f:fb:b0:22:80:d4:
         9b:9b:54:42:25:52:cd:a7:76:98:f4:3a:34:a4:3d:31:41:65:
         83:35:a3:4f:e7:f6:22:d6:b4:23:9d:39:84:b7:af:33:63:bf:
         98:18:9a:b9:d8:4c:33:3a:75:61:0c:89:ee:49:3f:d5:5f:ff:
         7e:cd:5e:c3:ee:2e:d6:3f:81:30:08:c7:28:a9:5a:98:df:88:
         fa:4b:54:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQq4AY1Bo5XeYNMkjBXuz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjUxMTA0MjEwMDA3WhcNMjUxMTA1MjEwMDA3WjAzMTEwLwYDVQQD
Eyg0NTNiOTAxZjQ0NjBmZDA1ZTA0NzFlYzFkYjZlOTI3Y2U2MmZhMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwDxUAAnoQmO/wwexnYGb/f9NadS
AWI09MuHSSluSjz5Q5iYIH3FSJDqG+RyiDgn2R/D9ccG4kIiukZLL3nEOKIpB0WV
2oPy02F7q4XRD5Y9or2zhxGZzRhgUwSuOlRP6NVuJ2r3r/KBOnmu9u//P/0RrJwX
HxQ22WaMmbR5EFT1RBvFxgyP0cbmhNCqJ83yd8W/G/ZOzEYt3Z/ECrDxx/fAL2XX
0tPjE1Og4qhNU8DLx0oap9EuhGE50+342zjkbhq7d5ld4y4g30PH3tkeKqwoTCJh
64A63JIR1db39qnArqeHFJYG6Xfm2xhqQJdr5PM48TpnSJmYgNfRwgkIGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEU7kB9EYP0F4EcewdtuknzmL6ENMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASCcRGzNK
M8Yrmag3dbXHRBfQqbK34q/kRG5o2CglctG/mcOPoqHIcXfcXw0LsxtdgXhwSiFu
nu0UUH4rXj38JmaI0Rg+5ovXy9jF85gqJG8zpsMoN4rpHrcd6JJoI0Bh+wxMAQcp
xkK8YkV9RnXXgFWUesMeTVpkRUs8zcP2i9vb+62NaH3sSGD7QArK6iPf0qXBQAQ8
UzpmSDqR1SmIQ/Mh2UcYidzBAUuvgzOAf/uwIoDUm5tUQiVSzad2mPQ6NKQ9MUFl
gzWjT+f2Ita0I505hLevM2O/mBiaudhMMzp1YQyJ7kk/1V//fs1ew+4u1j+BMAjH
KKlamN+I+ktUvg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:08:56 2025 by rpki-client