Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
File:                     520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json)
Hash identifier:          qChUlnpmGO9q1gVpolbD27t2rsdOD5A3l1CH6YFmqP0=
Subject key identifier:   76:BE:21:7E:80:75:BB:82:F0:57:DC:F5:A4:13:72:FE:96:C9:B4:7F
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       0199FFC8253AFC8236BC6F1F217A9AA5D69C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
Manifest number:          11D1
Signing time:             Mon 20 Oct 2025 04:02:10 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:10 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:10 +0000
Files and hashes:         1: 1-i_ESwYWDKjvxe-cLQFb33q5Qu0.roa (hash: MWN71QN/v297mIABIQi0BIqexEx6vQv3LxWHulQ1lh0=)
                          2: 3uMGCa1hGu4z3o3-_G7z4ipL-iU.roa (hash: W9UTR4UDUFmqfh0USMFmsobpW7zQlT5fd2b07I+b238=)
                          3: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: GwcQ1ZmKnt2HMpqv9iLq/8v4GCiIE7dWObXgTScsDxU=)
                          4: 53Cd6ksm6jJ9RlO5imUtuWj1rJA.roa (hash: cQll3lCbJxJtoxzsBZdQMm8ZJ1gmBBCp3yO2flYfKKU=)
                          5: 5aybWk2Ky5dF88Dl5BHsEFM1SO0.roa (hash: H+JwBN0SZWGViTYdzpWvA1lltG+ihuV8ot5mKPyc2Ag=)
                          6: D51k8Yufzem8ogKjVaG-BE3-N9Q.roa (hash: LfZnqpQQPapIc1GbVrcmd90U2aDXCgwED1y7JLo14nI=)
                          7: EEzCfGegHPEpdqTqvMRMlcFre1Y.roa (hash: uwoju1vAFdOs3H0Q+w/qT7aEQBJpMP98DiaXonyIQ9M=)
                          8: EQAhdlSS1FIFJlau-mazb3tbQD8.roa (hash: EYIWh35VYrIjFevk0wSjam09x/CTgAsspbJddnJMeDU=)
                          9: PLzlfTmqAL1rzlLN1TFrpHpYMVU.roa (hash: INujx6I3LZF9XIVr4zE9W5J6NHU6IlkfUKgf+j8aJrU=)
                          10: QCPaGZ8bi2Da50RQ4k8ya1w0dq4.roa (hash: UeTuehE3XWxqnHJAwNv7xL7hPz4xW2vyEJKj+BsbTow=)
                          11: aAu5S5IbLCTcHF2sjNSq_YvIkRs.roa (hash: Ofs8Vq4O2KmWTmDnq5aKJmZojKw/IVecQ8WTuC45ixk=)
                          12: fjY_g_wwgFPVt57q0tJYGzzoSDw.roa (hash: qq4Ldl54/taiWut/8vwq9PH71gezdeLMf1VMPmsHUe8=)
                          13: nOw141dLNmkj2u2FTqG2Wvc-gVM.roa (hash: CQnQRUA/+q6ZVbEZKZtps04sWUzpVEunbxRhthCLZIQ=)
                          14: pw1_qD5J6o76enPdGNTr_4Viub8.roa (hash: L6pLEncIISYEMGBKzu7DbyUXVYEOgT4kfh4modTEATA=)
                          15: qigZWtFurHaD054OcaOqq49am_w.roa (hash: Sa19eTl0ldE9k7oxfeYcou5g3EZnF3X8bF0Hbur3zdE=)
                          16: tRNXUlx68rKP9UOE-hhExB1kws8.roa (hash: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=)
                          17: ve2cUb4I36o88cUncaHeOHK5tGk.roa (hash: 6gTupRG97QR/JQvN8ay2tdbOI4Q3EMkpnACGQxjxniI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:25:3a:fc:82:36:bc:6f:1f:21:7a:9a:a5:d6:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Oct 20 04:02:10 2025 GMT
            Not After : Oct 21 04:02:10 2025 GMT
        Subject: CN=76be217e8075bb82f057dcf5a41372fe96c9b47f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:c3:72:8b:37:7a:48:35:5c:7b:17:7f:c8:94:
                    fd:18:ae:20:63:86:0f:d4:42:59:f3:70:ea:4c:b1:
                    f1:9f:2e:09:d1:92:5f:ab:61:d5:48:52:6a:5b:33:
                    a0:a8:10:b7:55:25:8e:8b:ae:68:eb:e8:45:b9:aa:
                    d3:7f:bc:67:47:50:3e:f5:98:3a:63:08:4a:7f:c7:
                    f6:53:29:38:85:c5:fe:8a:ae:fc:89:0c:a3:56:87:
                    ea:5e:65:15:de:89:7b:eb:99:dc:6a:cd:e0:85:f0:
                    48:f1:47:13:94:24:66:d9:33:e2:2f:34:9f:c7:14:
                    79:c6:a6:97:0f:57:fb:68:1a:b8:af:39:40:c2:67:
                    20:5b:1c:5e:23:cb:55:26:2f:de:bf:af:cc:0f:47:
                    e5:0d:b1:ba:e4:b3:9d:7b:f5:76:60:f0:eb:d4:e7:
                    b8:01:af:22:ff:82:a3:3d:1b:7c:a3:d3:96:c0:d5:
                    bb:23:75:e1:9c:90:13:70:55:39:7c:92:ea:77:6b:
                    4d:83:1a:e6:7e:7a:8b:dd:76:b4:6f:40:90:9d:72:
                    2d:1a:26:1d:95:e1:e0:d1:77:0b:df:68:a6:69:c2:
                    34:fd:96:22:37:54:83:0b:72:19:2b:f0:85:43:8a:
                    e1:e2:48:f8:2d:bf:c1:50:2e:fc:b4:3c:0d:4d:7e:
                    7a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:BE:21:7E:80:75:BB:82:F0:57:DC:F5:A4:13:72:FE:96:C9:B4:7F
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:4c:f3:09:f8:a4:e7:bd:9e:c7:18:aa:bc:3f:4c:98:c1:66:
         41:e7:15:b3:ae:53:7e:aa:15:a7:b7:8e:66:06:3c:2e:5c:99:
         b0:79:1f:f0:2e:b7:9a:c0:6f:b4:ac:b5:7a:0e:4f:15:d9:1b:
         62:6b:d4:67:13:9f:c0:6d:3f:8b:a1:44:48:f0:23:e3:97:1d:
         cc:89:d5:2e:bd:24:31:56:1b:a1:ef:29:14:68:54:f7:58:1c:
         cd:42:e5:3f:30:a1:53:66:f1:58:70:c8:c7:bf:07:cf:03:a3:
         97:24:6b:a4:e6:ad:cf:f8:d3:1f:e9:33:3b:57:06:95:a4:e5:
         4f:a2:2c:47:f6:34:ef:53:6b:73:e0:57:c5:c4:29:12:23:71:
         5e:72:08:c5:ed:bb:b4:56:1a:19:25:f8:5d:e5:a0:f7:e5:ae:
         9e:77:31:3a:1e:62:ae:ad:c5:1f:5e:b2:8c:c5:a5:6e:79:b4:
         c2:6c:f5:9e:67:23:4a:bb:ea:0d:ca:22:c9:96:10:33:7e:e7:
         64:2a:cd:55:9d:25:0c:f7:12:f5:ee:f1:15:16:61:32:34:3e:
         2e:d0:6d:54:4e:58:6f:0c:20:a0:1a:82:83:fa:51:a0:1e:27:
         32:43:24:5d:2f:79:cd:6c:b9:42:7f:e2:76:10:f4:7a:55:71:
         4b:26:ba:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yCU6/II2vG8fIXqapdacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjUxMDIwMDQwMjEwWhcNMjUxMDIxMDQwMjEwWjAzMTEwLwYDVQQD
Eyg3NmJlMjE3ZTgwNzViYjgyZjA1N2RjZjVhNDEzNzJmZTk2YzliNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48Nyizd6SDVcexd/yJT9GK4gY4YP
1EJZ83DqTLHxny4J0ZJfq2HVSFJqWzOgqBC3VSWOi65o6+hFuarTf7xnR1A+9Zg6
YwhKf8f2Uyk4hcX+iq78iQyjVofqXmUV3ol765ncas3ghfBI8UcTlCRm2TPiLzSf
xxR5xqaXD1f7aBq4rzlAwmcgWxxeI8tVJi/ev6/MD0flDbG65LOde/V2YPDr1Oe4
Aa8i/4KjPRt8o9OWwNW7I3XhnJATcFU5fJLqd2tNgxrmfnqL3Xa0b0CQnXItGiYd
leHg0XcL32imacI0/ZYiN1SDC3IZK/CFQ4rh4kj4Lb/BUC78tDwNTX56OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHa+IX6AdbuC8Ffc9aQTcv6WybR/MB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJUzzCfik
572exxiqvD9MmMFmQecVs65TfqoVp7eOZgY8LlyZsHkf8C63msBvtKy1eg5PFdkb
YmvUZxOfwG0/i6FESPAj45cdzInVLr0kMVYboe8pFGhU91gczULlPzChU2bxWHDI
x78HzwOjlyRrpOatz/jTH+kzO1cGlaTlT6IsR/Y071Nrc+BXxcQpEiNxXnIIxe27
tFYaGSX4XeWg9+WunncxOh5irq3FH16yjMWlbnm0wmz1nmcjSrvqDcoiyZYQM37n
ZCrNVZ0lDPcS9e7xFRZhMjQ+LtBtVE5YbwwgoBqCg/pRoB4nMkMkXS95zWy5Qn/i
dhD0elVxSya6GQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:44:15 2025 by rpki-client