Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
File:                     520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json)
Hash identifier:          Gnv/VDMZ10oDy0KqrC4b/ZJB/VQasMSU4N9njFlhSEk=
Subject key identifier:   DA:9A:C1:C0:00:96:7D:37:02:D4:26:76:84:72:F8:64:13:A1:92:3F
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       0199FDD961A6E5590FD7A9C67FB61BD09AD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
Manifest number:          11D0
Signing time:             Sun 19 Oct 2025 19:01:45 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:45 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:45 +0000
Files and hashes:         1: 1-i_ESwYWDKjvxe-cLQFb33q5Qu0.roa (hash: MWN71QN/v297mIABIQi0BIqexEx6vQv3LxWHulQ1lh0=)
                          2: 3uMGCa1hGu4z3o3-_G7z4ipL-iU.roa (hash: W9UTR4UDUFmqfh0USMFmsobpW7zQlT5fd2b07I+b238=)
                          3: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: Hw/lmeyP50tvMD2yCfjPN2/8TJpwK3K+MKE6DqHQi2c=)
                          4: 53Cd6ksm6jJ9RlO5imUtuWj1rJA.roa (hash: cQll3lCbJxJtoxzsBZdQMm8ZJ1gmBBCp3yO2flYfKKU=)
                          5: 5aybWk2Ky5dF88Dl5BHsEFM1SO0.roa (hash: H+JwBN0SZWGViTYdzpWvA1lltG+ihuV8ot5mKPyc2Ag=)
                          6: D51k8Yufzem8ogKjVaG-BE3-N9Q.roa (hash: LfZnqpQQPapIc1GbVrcmd90U2aDXCgwED1y7JLo14nI=)
                          7: EEzCfGegHPEpdqTqvMRMlcFre1Y.roa (hash: uwoju1vAFdOs3H0Q+w/qT7aEQBJpMP98DiaXonyIQ9M=)
                          8: EQAhdlSS1FIFJlau-mazb3tbQD8.roa (hash: EYIWh35VYrIjFevk0wSjam09x/CTgAsspbJddnJMeDU=)
                          9: PLzlfTmqAL1rzlLN1TFrpHpYMVU.roa (hash: INujx6I3LZF9XIVr4zE9W5J6NHU6IlkfUKgf+j8aJrU=)
                          10: QCPaGZ8bi2Da50RQ4k8ya1w0dq4.roa (hash: UeTuehE3XWxqnHJAwNv7xL7hPz4xW2vyEJKj+BsbTow=)
                          11: aAu5S5IbLCTcHF2sjNSq_YvIkRs.roa (hash: Ofs8Vq4O2KmWTmDnq5aKJmZojKw/IVecQ8WTuC45ixk=)
                          12: fjY_g_wwgFPVt57q0tJYGzzoSDw.roa (hash: qq4Ldl54/taiWut/8vwq9PH71gezdeLMf1VMPmsHUe8=)
                          13: nOw141dLNmkj2u2FTqG2Wvc-gVM.roa (hash: CQnQRUA/+q6ZVbEZKZtps04sWUzpVEunbxRhthCLZIQ=)
                          14: pw1_qD5J6o76enPdGNTr_4Viub8.roa (hash: L6pLEncIISYEMGBKzu7DbyUXVYEOgT4kfh4modTEATA=)
                          15: qigZWtFurHaD054OcaOqq49am_w.roa (hash: Sa19eTl0ldE9k7oxfeYcou5g3EZnF3X8bF0Hbur3zdE=)
                          16: tRNXUlx68rKP9UOE-hhExB1kws8.roa (hash: +Hd3tIKng2pbogIxn1dcX/j1LNU33NvuDwSbS4tdpEA=)
                          17: ve2cUb4I36o88cUncaHeOHK5tGk.roa (hash: 6gTupRG97QR/JQvN8ay2tdbOI4Q3EMkpnACGQxjxniI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:61:a6:e5:59:0f:d7:a9:c6:7f:b6:1b:d0:9a:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Oct 19 19:01:45 2025 GMT
            Not After : Oct 20 19:01:45 2025 GMT
        Subject: CN=da9ac1c000967d3702d426768472f86413a1923f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:92:78:69:63:a8:cd:4f:bf:e1:3e:5e:c1:1b:
                    d8:f6:82:54:0f:9e:6d:72:b5:b0:80:52:48:17:bb:
                    89:bc:69:b8:8c:83:e1:f7:5a:9f:88:15:1f:d1:73:
                    81:04:c9:9a:b9:90:5f:b4:66:27:bd:99:f7:c8:ca:
                    ea:a2:54:5a:db:27:ae:77:50:3a:c5:ee:ef:25:09:
                    2e:fc:d7:b0:fc:ba:78:ac:95:7f:70:ba:9b:a0:ff:
                    49:80:03:74:52:45:ea:7d:ab:73:39:0b:b2:f9:48:
                    9f:a1:25:56:c5:83:2f:48:f7:6c:57:1f:2d:a8:33:
                    6f:aa:08:13:c4:8a:bf:a3:b2:b5:ab:e6:1a:39:fc:
                    93:78:ea:aa:f2:dd:e4:b3:68:47:28:a0:07:89:a3:
                    86:83:83:66:52:fa:9b:bb:e6:72:1d:16:54:b8:b6:
                    a5:0e:b4:2b:37:0d:7c:42:01:2e:78:8f:25:7c:94:
                    21:d9:f1:15:19:db:ca:52:d9:ac:4a:35:00:f3:db:
                    64:50:86:9f:ed:b5:57:86:30:a2:3a:3b:85:a5:e3:
                    35:2f:f1:17:f4:9d:81:51:62:d8:ad:16:7a:df:26:
                    90:56:d7:39:de:41:cb:e7:38:78:1a:f6:bd:95:b2:
                    a4:4b:c2:73:63:e6:75:3b:9d:99:90:54:cf:3f:e0:
                    e2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:9A:C1:C0:00:96:7D:37:02:D4:26:76:84:72:F8:64:13:A1:92:3F
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:53:f2:34:53:c7:41:8b:10:67:b1:bd:bf:34:8c:dc:ff:d7:
         cc:43:fa:de:87:23:ae:24:4c:22:04:b0:a7:5d:7d:1f:6b:9a:
         07:07:77:ed:f1:48:21:00:a9:e8:96:3b:96:b1:70:9c:e4:61:
         f1:29:f6:30:fc:f2:4c:d1:c0:96:7d:20:c4:d2:95:3e:f3:d5:
         3e:8f:27:2b:45:eb:91:1e:63:d4:1d:90:16:86:64:f4:fe:fc:
         fb:d0:55:ba:75:a5:93:ce:d1:6e:b9:82:42:10:c4:33:f2:4d:
         c2:35:dd:50:34:68:92:c0:b5:02:1e:a4:c0:de:b5:db:e3:6d:
         31:5f:8c:1b:a6:27:de:37:e5:96:e1:01:2f:61:c8:c4:16:6b:
         aa:1d:7b:4b:f6:f3:e6:99:a7:33:13:fc:a8:21:f1:51:0b:9a:
         c7:9c:ea:f6:2d:b1:83:1f:f4:24:22:e5:e7:93:c0:d2:1f:5f:
         e3:1c:28:d8:37:31:df:6d:c3:95:91:db:13:c0:5b:60:0e:1a:
         06:08:9e:62:3d:61:92:c3:57:fa:62:c8:cb:0f:e1:ea:1f:c3:
         1a:3e:67:f6:41:c5:e8:f7:8e:2d:be:96:b4:3d:84:7c:83:59:
         82:46:a0:d6:87:a9:c1:78:44:04:49:59:6c:92:77:b1:54:58:
         62:9c:cc:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92WGm5VkP16nGf7Yb0JrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjUxMDE5MTkwMTQ1WhcNMjUxMDIwMTkwMTQ1WjAzMTEwLwYDVQQD
EyhkYTlhYzFjMDAwOTY3ZDM3MDJkNDI2NzY4NDcyZjg2NDEzYTE5MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZJ4aWOozU+/4T5ewRvY9oJUD55t
crWwgFJIF7uJvGm4jIPh91qfiBUf0XOBBMmauZBftGYnvZn3yMrqolRa2yeud1A6
xe7vJQku/New/Lp4rJV/cLqboP9JgAN0UkXqfatzOQuy+UifoSVWxYMvSPdsVx8t
qDNvqggTxIq/o7K1q+YaOfyTeOqq8t3ks2hHKKAHiaOGg4NmUvqbu+ZyHRZUuLal
DrQrNw18QgEueI8lfJQh2fEVGdvKUtmsSjUA89tkUIaf7bVXhjCiOjuFpeM1L/EX
9J2BUWLYrRZ63yaQVtc53kHL5zh4Gva9lbKkS8JzY+Z1O52ZkFTPP+DiOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqawcAAln03AtQmdoRy+GQToZI/MB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHFPyNFPH
QYsQZ7G9vzSM3P/XzEP63ocjriRMIgSwp119H2uaBwd37fFIIQCp6JY7lrFwnORh
8Sn2MPzyTNHAln0gxNKVPvPVPo8nK0XrkR5j1B2QFoZk9P78+9BVunWlk87RbrmC
QhDEM/JNwjXdUDRoksC1Ah6kwN612+NtMV+MG6Yn3jflluEBL2HIxBZrqh17S/bz
5pmnMxP8qCHxUQuax5zq9i2xgx/0JCLl55PA0h9f4xwo2Dcx323DlZHbE8BbYA4a
BgieYj1hksNX+mLIyw/h6h/DGj5n9kHF6PeOLb6WtD2EfINZgkag1oepwXhEBElZ
bJJ3sVRYYpzMlQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:31:18 2025 by rpki-client