Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
File:                     qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json)
Hash identifier:          yd53yTN/XoPfRgyHTH1j8Fr/SwRD66HsrpqtqWHuSwM=
Subject key identifier:   DA:AB:28:23:36:E6:A8:CB:31:2A:DD:16:08:1A:DA:CD:13:CB:C6:3F
Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57
Certificate issuer:       /CN=aaf350621cc01e8a1ed37281df32b0971cbde557
Certificate serial:       0199FE474CFF1B21184C0E42350DB06C4A13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 21:01:49 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:49 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:49 +0000
Files and hashes:         1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: veqTN3y+f4oTYYbJtIyDBk5TlSb71SdXsY1MbV5UlZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:47:4c:ff:1b:21:18:4c:0e:42:35:0d:b0:6c:4a:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557
        Validity
            Not Before: Oct 19 21:01:49 2025 GMT
            Not After : Oct 20 21:01:49 2025 GMT
        Subject: CN=daab282336e6a8cb312add16081adacd13cbc63f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:58:9c:de:23:be:32:ba:60:67:11:2d:1a:71:
                    3f:ff:dc:7e:e4:9f:b4:c7:25:d7:35:92:51:a1:0a:
                    78:84:d3:62:34:45:83:d3:db:29:1f:89:fa:29:53:
                    2a:28:ea:55:51:2f:f3:15:19:02:44:4e:d2:aa:12:
                    0e:89:c2:cc:14:d0:47:17:4e:ff:8a:14:d2:33:ea:
                    fe:e5:38:79:df:56:dd:12:47:21:96:fd:8d:34:02:
                    fe:e1:20:bd:0d:05:7c:63:ec:10:ee:99:52:e8:5c:
                    94:ee:77:2a:35:eb:3e:d2:67:c2:b6:a5:a0:97:6a:
                    43:dc:25:76:f7:c4:f1:a7:e4:5b:fa:34:e4:1f:ff:
                    78:15:17:be:fc:7f:a4:ea:00:6d:68:f9:42:bc:d1:
                    b8:88:00:0b:04:4a:0b:8f:16:2a:e0:8d:3d:47:9c:
                    da:6f:e0:e7:da:4d:21:ed:c2:6b:02:3c:1f:43:f4:
                    a4:4d:69:3f:57:8e:a7:14:a1:ab:1f:38:ae:2b:60:
                    82:1d:b9:82:c7:df:ec:be:c4:71:57:d3:c3:94:c8:
                    8d:ea:4d:f9:88:f6:59:ab:b2:a0:3a:f7:10:6e:54:
                    ae:e1:64:30:ee:02:3a:b8:4a:e8:67:93:9b:7d:e3:
                    55:a1:32:60:01:35:0f:8f:27:76:15:9b:ca:7d:ba:
                    56:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:AB:28:23:36:E6:A8:CB:31:2A:DD:16:08:1A:DA:CD:13:CB:C6:3F
            X509v3 Authority Key Identifier:
                keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:5b:b6:8d:5f:90:5d:3d:5d:63:4d:89:7f:02:15:4d:2c:8e:
         be:95:30:9c:d6:9f:01:b7:39:dd:ad:ad:ad:d7:1c:5a:44:ac:
         57:19:9f:d7:dc:91:17:78:8f:a0:89:53:1f:aa:e0:cb:7d:1f:
         ca:12:9e:8f:2d:56:c2:dc:89:8e:f2:d3:9d:12:78:ad:b3:5f:
         03:92:a1:ea:a8:12:e1:d8:88:b8:f5:85:41:78:e7:d9:95:c2:
         e6:3a:01:94:da:1d:fd:a9:83:3a:e6:0a:08:6e:8e:b6:c6:3a:
         2c:43:17:29:2d:8f:56:68:e0:79:c6:ef:a9:bf:0d:9e:b5:22:
         5f:a5:9e:1c:ff:b4:57:64:3d:e7:9d:1f:2e:98:bf:fa:5d:a0:
         c9:9e:ff:1d:54:09:f2:70:ad:6c:dc:1a:c9:2c:d2:d5:e1:5c:
         81:bf:37:a0:99:1c:52:0e:de:53:66:b2:26:87:fa:bd:cd:03:
         02:a5:dd:c1:fa:a8:0a:74:69:e8:63:ac:1e:9a:1a:d4:9c:b6:
         a3:a0:94:41:51:a4:27:17:45:05:d4:b0:8c:9f:ae:09:65:28:
         12:ec:b2:e1:b5:b7:a8:51:0b:20:3b:39:1b:37:cd:5e:39:1b:
         ad:94:d6:87:e2:f4:ac:c5:d6:e3:62:56:1d:09:80:d2:79:c1:
         39:1d:62:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+R0z/GyEYTA5CNQ2wbEoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi
ZGU1NTcwHhcNMjUxMDE5MjEwMTQ5WhcNMjUxMDIwMjEwMTQ5WjAzMTEwLwYDVQQD
EyhkYWFiMjgyMzM2ZTZhOGNiMzEyYWRkMTYwODFhZGFjZDEzY2JjNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1ic3iO+MrpgZxEtGnE//9x+5J+0
xyXXNZJRoQp4hNNiNEWD09spH4n6KVMqKOpVUS/zFRkCRE7SqhIOicLMFNBHF07/
ihTSM+r+5Th531bdEkchlv2NNAL+4SC9DQV8Y+wQ7plS6FyU7ncqNes+0mfCtqWg
l2pD3CV298Txp+Rb+jTkH/94FRe+/H+k6gBtaPlCvNG4iAALBEoLjxYq4I09R5za
b+Dn2k0h7cJrAjwfQ/SkTWk/V46nFKGrHziuK2CCHbmCx9/svsRxV9PDlMiN6k35
iPZZq7KgOvcQblSu4WQw7gI6uEroZ5ObfeNVoTJgATUPjyd2FZvKfbpWNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqrKCM25qjLMSrdFgga2s0Ty8Y/MB8GA1UdIwQY
MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt
NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw
LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPFu2jV+Q
XT1dY02JfwIVTSyOvpUwnNafAbc53a2trdccWkSsVxmf19yRF3iPoIlTH6rgy30f
yhKejy1WwtyJjvLTnRJ4rbNfA5Kh6qgS4diIuPWFQXjn2ZXC5joBlNod/amDOuYK
CG6OtsY6LEMXKS2PVmjgecbvqb8NnrUiX6WeHP+0V2Q9550fLpi/+l2gyZ7/HVQJ
8nCtbNwaySzS1eFcgb83oJkcUg7eU2ayJof6vc0DAqXdwfqoCnRp6GOsHpoa1Jy2
o6CUQVGkJxdFBdSwjJ+uCWUoEuyy4bW3qFELIDs5GzfNXjkbrZTWh+L0rMXW42JW
HQmA0nnBOR1iyA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:45:13 2025 by rpki-client