Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft
File:                     qnD7s9sihDfWBXmaxPRZjSLhPhs.mft (raw, json)
Hash identifier:          hRZyN0yKt4UbIsF3cPOVfrd8kNTMreXaVPnlvaMJYD8=
Subject key identifier:   09:09:DF:4E:FC:26:DA:0F:94:2C:98:B5:95:A3:25:51:ED:9D:3D:B9
Authority key identifier: AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
Certificate issuer:       /CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Certificate serial:       0198D660C98B2A61BE82606CB7E08CDECE07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft
Manifest number:          164B
Signing time:             Sat 23 Aug 2025 10:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:03 +0000
Files and hashes:         1: JDPCHXAUbfBXZ-JAE6cFE-tGXMI.roa (hash: bOxTgT+7J9XF4HocPumdm4M3ak6meIWnJq5cg5Hpmfs=)
                          2: qnD7s9sihDfWBXmaxPRZjSLhPhs.crl (hash: SrAnst6hylT7tzs0r72u4VGsAstLuJS3XZ28Amc+lUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:c9:8b:2a:61:be:82:60:6c:b7:e0:8c:de:ce:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
        Validity
            Not Before: Aug 23 10:02:03 2025 GMT
            Not After : Aug 24 10:02:03 2025 GMT
        Subject: CN=0909df4efc26da0f942c98b595a32551ed9d3db9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d6:66:81:25:f6:4e:7d:34:9b:00:3a:2e:77:
                    bf:fa:d7:24:a8:29:47:34:81:6e:df:c6:c2:7d:ad:
                    a0:d4:02:3b:16:2b:a0:18:e1:87:3f:82:47:fe:8a:
                    8a:97:f8:91:5d:7e:26:a4:e0:f8:f6:97:66:3f:0e:
                    68:b7:a1:3d:f3:9a:29:a1:cd:b1:a4:28:3d:ed:25:
                    ac:de:ca:74:46:cd:f2:89:b3:0e:e7:f6:f3:59:c2:
                    5a:95:90:63:6f:92:ca:1f:bf:e9:ee:2b:dd:85:da:
                    e5:81:97:b7:a5:8a:e1:fb:10:5a:32:30:05:42:a8:
                    ad:a3:c6:47:93:4f:70:a4:10:94:4a:c1:82:93:e0:
                    6c:7b:52:88:33:06:13:d3:89:d8:a4:42:c8:37:ee:
                    c2:cc:5e:4e:c9:d0:b8:bb:ca:98:ed:67:c6:e3:8e:
                    5b:b5:f2:a0:c2:2d:ca:c8:66:06:da:68:de:53:8a:
                    c4:8a:33:3f:5a:11:f4:96:59:86:32:90:0c:13:6b:
                    df:80:c4:6c:79:23:e1:92:31:33:e8:c4:47:dc:23:
                    00:b3:fc:ba:04:14:ef:70:11:e6:d3:1a:76:e2:c0:
                    8b:53:dc:1e:49:3f:bb:ec:e4:ca:4e:ff:91:70:2a:
                    1d:f7:14:31:b6:0d:f3:4a:f0:8d:48:2a:7f:d2:b7:
                    58:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:09:DF:4E:FC:26:DA:0F:94:2C:98:B5:95:A3:25:51:ED:9D:3D:B9
            X509v3 Authority Key Identifier:
                keyid:AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:82:c7:90:0f:1d:06:dd:c3:a9:7b:ef:46:6e:4b:c0:1a:4c:
         8e:fb:a6:1e:a2:38:aa:1f:27:b6:0b:3a:61:96:3a:08:6c:49:
         32:6d:18:e7:4a:43:ef:a0:95:c1:69:a9:1c:32:ce:d0:6e:e2:
         2c:53:06:be:3e:73:3f:80:61:bc:3b:85:f2:5e:56:27:dd:5f:
         d3:c6:19:15:63:11:40:59:3a:0a:12:3b:c3:d7:1b:bf:49:69:
         1d:9e:b4:9e:bc:20:58:45:9f:ee:da:97:ee:a3:53:f0:ef:af:
         70:50:f7:b3:03:4f:10:d9:11:a7:ca:88:d3:fc:e0:46:9f:11:
         a4:25:7a:7a:28:f2:47:01:53:d9:2a:34:be:31:24:4d:2b:e0:
         c4:65:34:ee:87:a0:0b:40:c0:32:c8:9d:2b:7f:9b:fc:f3:5c:
         e4:9d:78:b1:10:0e:cd:5a:cc:25:10:fa:ae:54:fc:11:dc:0d:
         12:c3:d4:72:cf:8c:fd:c5:50:b4:0f:bb:81:59:0d:85:a4:42:
         0c:dd:c1:ba:9e:dc:9a:0e:8b:2a:19:f1:0c:1c:b1:d7:45:c4:
         d8:ec:e5:e0:ed:6a:68:43:16:21:39:77:49:eb:55:df:22:14:
         50:a1:71:1b:15:2a:90:16:a0:da:2e:4e:b4:d6:b5:91:52:91:
         a1:dc:f9:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYMmLKmG+gmBst+CM3s4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzBmYmIzZGIyMjg0MzdkNjA1Nzk5YWM0ZjQ1OThkMjJl
MTNlMWIwHhcNMjUwODIzMTAwMjAzWhcNMjUwODI0MTAwMjAzWjAzMTEwLwYDVQQD
EygwOTA5ZGY0ZWZjMjZkYTBmOTQyYzk4YjU5NWEzMjU1MWVkOWQzZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntZmgSX2Tn00mwA6Lne/+tckqClH
NIFu38bCfa2g1AI7FiugGOGHP4JH/oqKl/iRXX4mpOD49pdmPw5ot6E985opoc2x
pCg97SWs3sp0Rs3yibMO5/bzWcJalZBjb5LKH7/p7ivdhdrlgZe3pYrh+xBaMjAF
Qqito8ZHk09wpBCUSsGCk+Bse1KIMwYT04nYpELIN+7CzF5OydC4u8qY7WfG445b
tfKgwi3KyGYG2mjeU4rEijM/WhH0llmGMpAME2vfgMRseSPhkjEz6MRH3CMAs/y6
BBTvcBHm0xp24sCLU9weST+77OTKTv+RcCod9xQxtg3zSvCNSCp/0rdYPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkJ3078JtoPlCyYtZWjJVHtnT25MB8GA1UdIwQY
MBaAFKpw+7PbIoQ31gV5msT0WY0i4T4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMt
NWJhNDIzNWNlNjE5LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMtNWJhNDIzNWNlNjE5
LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAloLHkA8d
Bt3DqXvvRm5LwBpMjvumHqI4qh8ntgs6YZY6CGxJMm0Y50pD76CVwWmpHDLO0G7i
LFMGvj5zP4BhvDuF8l5WJ91f08YZFWMRQFk6ChI7w9cbv0lpHZ60nrwgWEWf7tqX
7qNT8O+vcFD3swNPENkRp8qI0/zgRp8RpCV6eijyRwFT2So0vjEkTSvgxGU07oeg
C0DAMsidK3+b/PNc5J14sRAOzVrMJRD6rlT8EdwNEsPUcs+M/cVQtA+7gVkNhaRC
DN3Bup7cmg6LKhnxDByx10XE2Ozl4O1qaEMWITl3SetV3yIUUKFxGxUqkBag2i5O
tNa1kVKRodz5vQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:20 2025 by rpki-client