Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft
File:                     bQih9MOF86e2KYTVPoFmWplUEPM.mft (raw, json)
Hash identifier:          Sg7Xb4vRXDZuUPglyR7pCDaNG+0jcpzlYaeEQ8QNqOQ=
Subject key identifier:   1D:BB:F9:80:EA:5D:0F:45:85:2B:08:D3:52:C1:46:24:2B:52:89:15
Authority key identifier: 6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3
Certificate issuer:       /CN=6d08a1f4c385f3a7b62984d53e81665a995410f3
Certificate serial:       0199FB7C9D14B3BF31C14E50409F41DB9897
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft
Manifest number:          0AE1
Signing time:             Sun 19 Oct 2025 08:01:11 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:11 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:11 +0000
Files and hashes:         1: J7EMvjCrDCSEaNvEXQjzbwryII4.roa (hash: Ak6AJOV8w0m5lQCAa41zEyYCpJIBSURSyT+w9pihP/8=)
                          2: bQih9MOF86e2KYTVPoFmWplUEPM.crl (hash: JgjBYD+fPZ7IaMbNIEPUBZJsuml+RJnImyG2UIrpSTU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:9d:14:b3:bf:31:c1:4e:50:40:9f:41:db:98:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d08a1f4c385f3a7b62984d53e81665a995410f3
        Validity
            Not Before: Oct 19 08:01:11 2025 GMT
            Not After : Oct 20 08:01:11 2025 GMT
        Subject: CN=1dbbf980ea5d0f45852b08d352c146242b528915
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ca:3f:d4:76:0c:15:3f:db:c5:20:b0:15:1b:
                    24:d6:7e:7e:97:79:97:90:90:9a:01:68:80:91:11:
                    65:7c:0c:aa:c7:c4:97:e3:fb:35:53:39:cb:1f:24:
                    5b:81:fb:d4:2e:c5:14:6d:50:10:b8:4e:a6:49:3a:
                    8d:c1:14:f3:06:b4:71:34:b7:44:3b:47:9d:1d:dc:
                    3e:7d:6b:e8:86:af:18:d5:9a:be:ac:9d:d4:43:68:
                    a1:f7:59:39:6a:e8:bf:27:2f:5d:71:57:1a:d7:c6:
                    04:19:12:3e:92:ee:25:02:ad:aa:63:f0:30:69:ce:
                    02:2a:77:77:bf:94:0f:dc:6e:25:3c:9a:e4:37:80:
                    62:ef:54:ed:34:55:7c:30:bf:30:ea:7d:d0:cd:7a:
                    28:ed:ba:07:38:64:91:c5:cd:44:79:47:90:bd:7e:
                    6c:05:e2:fb:65:f6:47:68:c5:2b:62:5c:6a:82:e2:
                    09:f8:eb:b0:cd:6a:f8:18:c4:a3:b9:b5:db:c7:a5:
                    0f:f7:5f:c0:19:16:85:4b:00:c4:5f:3d:ba:d6:c8:
                    6f:e3:4a:fa:a5:83:7e:2a:f3:8f:e9:75:ee:11:1e:
                    97:5b:2b:ca:d8:1b:85:d4:e9:ba:a3:9f:b4:6c:6d:
                    8d:e5:5c:bc:79:23:1b:9f:ac:c1:b7:21:b4:80:0d:
                    5b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:BB:F9:80:EA:5D:0F:45:85:2B:08:D3:52:C1:46:24:2B:52:89:15
            X509v3 Authority Key Identifier:
                keyid:6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:9d:c9:a4:db:58:05:9d:31:ec:f1:9c:f4:53:b7:bb:6b:01:
         d7:87:8e:a3:89:cc:0a:fe:74:88:a9:5d:5a:92:d9:b7:46:75:
         6b:18:f3:66:b5:4d:88:cb:d8:fc:73:ad:44:8d:24:72:a1:b2:
         39:1f:1d:f7:d9:d2:d0:8b:2a:88:c3:59:c1:4f:a3:91:73:85:
         76:d4:f3:b3:96:01:c1:ac:5a:1d:03:7a:ad:7a:97:f9:5d:cd:
         be:c1:1d:b1:a7:fd:c9:75:7e:0c:48:96:4f:2d:d8:22:23:ec:
         e1:ed:88:d9:7a:ac:18:4d:6d:4e:73:45:34:89:fa:f2:6b:74:
         d0:1c:1f:32:c9:72:2e:84:32:23:49:79:5f:88:85:3d:2e:83:
         a3:a1:14:ac:f9:3b:01:6c:09:5b:6e:0f:42:5b:88:a0:07:b3:
         7c:08:97:cb:f4:5a:46:6d:5b:24:fb:2f:c5:90:95:f7:da:1a:
         b7:52:4f:5a:96:e8:4a:99:af:25:b0:37:fb:8e:af:06:c5:0a:
         18:df:91:d3:49:76:10:76:91:18:c7:fd:c6:7d:69:77:5e:40:
         c1:f7:0d:60:22:32:6d:52:11:98:fa:fc:b0:f3:cd:fa:1d:80:
         69:0b:2e:a5:89:3f:75:11:06:c2:17:4f:d6:f6:de:fa:dd:a2:
         1a:0c:f5:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fJ0Us78xwU5QQJ9B25iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDhhMWY0YzM4NWYzYTdiNjI5ODRkNTNlODE2NjVhOTk1
NDEwZjMwHhcNMjUxMDE5MDgwMTExWhcNMjUxMDIwMDgwMTExWjAzMTEwLwYDVQQD
EygxZGJiZjk4MGVhNWQwZjQ1ODUyYjA4ZDM1MmMxNDYyNDJiNTI4OTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMo/1HYMFT/bxSCwFRsk1n5+l3mX
kJCaAWiAkRFlfAyqx8SX4/s1UznLHyRbgfvULsUUbVAQuE6mSTqNwRTzBrRxNLdE
O0edHdw+fWvohq8Y1Zq+rJ3UQ2ih91k5aui/Jy9dcVca18YEGRI+ku4lAq2qY/Aw
ac4CKnd3v5QP3G4lPJrkN4Bi71TtNFV8ML8w6n3QzXoo7boHOGSRxc1EeUeQvX5s
BeL7ZfZHaMUrYlxqguIJ+OuwzWr4GMSjubXbx6UP91/AGRaFSwDEXz261shv40r6
pYN+KvOP6XXuER6XWyvK2BuF1Om6o5+0bG2N5Vy8eSMbn6zBtyG0gA1bqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB27+YDqXQ9FhSsI01LBRiQrUokVMB8GA1UdIwQY
MBaAFG0IofTDhfOntimE1T6BZlqZVBDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEt
NDNhODUyNmQ4MmJiLzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEtNDNhODUyNmQ4MmJi
LzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZ3JpNtY
BZ0x7PGc9FO3u2sB14eOo4nMCv50iKldWpLZt0Z1axjzZrVNiMvY/HOtRI0kcqGy
OR8d99nS0IsqiMNZwU+jkXOFdtTzs5YBwaxaHQN6rXqX+V3NvsEdsaf9yXV+DEiW
Ty3YIiPs4e2I2XqsGE1tTnNFNIn68mt00BwfMslyLoQyI0l5X4iFPS6Do6EUrPk7
AWwJW24PQluIoAezfAiXy/RaRm1bJPsvxZCV99oat1JPWpboSpmvJbA3+46vBsUK
GN+R00l2EHaRGMf9xn1pd15AwfcNYCIybVIRmPr8sPPN+h2AaQsupYk/dREGwhdP
1vbe+t2iGgz1Gg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:06:35 2025 by rpki-client