Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
File:                     bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft (raw, json)
Hash identifier:          cqbwoara/4acvo09lz6kvCfBqR6ZC0I/ODgkNP379DY=
Subject key identifier:   09:5F:B6:27:92:4D:B1:9F:9B:33:DD:91:6C:06:6A:90:BA:75:2D:24
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       0199FFFEABAB743D6034AB1284A6A579372A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
Manifest number:          1248
Signing time:             Mon 20 Oct 2025 05:01:44 +0000
Manifest this update:     Mon 20 Oct 2025 05:01:44 +0000
Manifest next update:     Tue 21 Oct 2025 05:01:44 +0000
Files and hashes:         1: 1EX4kZ9vddyT4h_B81EN_YFgV7M.roa (hash: XM8DAjgQJT+88mG4SiUCaToZg6wqMumNcSNAzJ/xTfU=)
                          2: 2h4PGwruYpyJt3BQWtPQcsgNRNk.roa (hash: QCNnPqGHtxqVOnwq21xOk8gMIvhO2BuPOm8i0r/ZWwk=)
                          3: 46hN06yXwIiaUyO4jQff6zZnhAU.roa (hash: aNYu8EAm8eWZcJVLr7QXmQ0E7qnSqrdLmLCvu9US7UI=)
                          4: HlCBaMj51Dn2Tz2S41tW2Fk8xPQ.roa (hash: /7yi7Ya0XkfIBAe9xgobKAaFgeYKZaTXRYdjcvjut5s=)
                          5: P1aEjNsd0SJfPVikfoYHI7ubFMI.roa (hash: DuGgYnJ4n5Dj5BJqboFm/1FmaNs0vaXsoWw3QLn5rAo=)
                          6: PdmkiIr6IQZ3ECxIk-0ePUpgPiI.roa (hash: AJLw7PX9vrmJ9MfsvtzIEbi8E6wrzfkj3Y9s547jzYg=)
                          7: QhcLfBQpvZVLuK1kQFtEojUEYy4.roa (hash: d6rYjnzoACatM0sRStTcbFttb/8qH18KD7SiX3xQlR0=)
                          8: _8MCzl0l1tQuihsF_I64BRSs2tc.roa (hash: hgK1WfvVvkljiSPw5yBzGlfOpy6Z+LRSv3D2IqqcYQ4=)
                          9: bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl (hash: V2UJKhwgkKPNdhfBvPdija/zviWkf/MPYeRULhrGX6U=)
                          10: bsUIrzQIuHVcgyRag4qzWRgQ3QM.roa (hash: ccvI3EVZLHJLDdOmxYI5tR3qVbEw0UPa6xBpgJ4IUPE=)
                          11: dvBxJJqlGtZryzY3toj8ouVTkLU.roa (hash: eVjQO6sO3g8AfAqbAH1xc3TZsx59WAMu1L2LYGKpeik=)
                          12: k66OCRPIZR5zEdB2C8V_xNYPA2c.roa (hash: DQm3txtdpgZl+FxF0wFfrDwgi6tEP8sTE/yOMS6wtAU=)
                          13: kiwWFz0NoDfmogGyzMi0YU9jRAA.roa (hash: gnYS4uF1s0u5dRaD7UkJnFNCx2ghQj+jdKnUfu0aqw0=)
                          14: qV7gADGH5m02cohaDbKPUvE_iB4.roa (hash: g+5qryL5LQOY23wBpKhkkhBO1JR+H4We3huShu8yiss=)
                          15: uWWiJZN9G8HWUjyGGooehV4-7Xc.roa (hash: q5Hz0ZtxkWEyQZrVgIAnq1hk7/hz+CptQc1gUmdbpnY=)
                          16: zTpSEZJ7Zo6QLPyILMfhBZAVObw.roa (hash: ul2hDy0YChIkvGSgsedzwCF9Dt/iHwVDwCvFZg7da8o=)
                          17: zaK7g2klAtwCGQFnfe_zrOgOJdA.roa (hash: tBmARlQQAzmv3v9ImSbiUoVw1kndaC1qx7ql+RM5QpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 05:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:fe:ab:ab:74:3d:60:34:ab:12:84:a6:a5:79:37:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: Oct 20 05:01:44 2025 GMT
            Not After : Oct 21 05:01:44 2025 GMT
        Subject: CN=095fb627924db19f9b33dd916c066a90ba752d24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:49:f0:ad:66:0e:21:4e:91:ba:0a:de:ad:93:
                    ee:01:06:6a:32:e6:3f:83:9c:74:c0:fe:07:02:74:
                    5b:52:92:a5:71:cd:95:3c:b5:13:28:4e:27:d0:cf:
                    2b:8f:62:33:f0:08:51:45:25:02:9b:38:e1:80:7a:
                    e8:dc:da:5d:24:ea:1d:43:51:1c:65:92:9f:5d:26:
                    06:e6:4e:fd:9d:ee:6f:ef:88:c7:9a:ba:14:f6:3b:
                    a1:01:21:a4:b2:3f:4e:32:b0:3a:69:63:7c:65:64:
                    9d:53:c2:01:7e:8d:e6:5e:63:dc:b1:93:78:1c:71:
                    60:29:de:d4:d0:1c:d5:2f:2c:83:ad:c4:e8:25:5d:
                    c5:fd:e0:43:da:80:ce:ff:bc:22:23:93:bf:de:aa:
                    d8:5b:ac:e7:8a:f1:f2:f0:3c:d0:40:da:d6:48:a7:
                    ed:b6:a8:68:d2:29:b6:3e:f4:59:1e:e9:c5:cb:de:
                    d6:53:cc:5a:48:c1:a7:4f:98:99:27:26:33:f4:bf:
                    18:34:45:ae:53:4c:82:d0:25:bb:f0:e7:5e:b7:50:
                    a3:b8:0a:d8:17:bd:88:e8:6e:4c:c2:7e:80:24:42:
                    55:79:37:da:5d:cb:66:da:21:d2:6d:43:80:88:d2:
                    4a:62:53:7d:24:60:00:20:b3:9e:d5:6f:2b:d8:a1:
                    89:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:5F:B6:27:92:4D:B1:9F:9B:33:DD:91:6C:06:6A:90:BA:75:2D:24
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:32:65:88:9f:80:86:1e:6e:6d:f0:00:c6:08:de:da:57:d5:
         40:33:99:93:89:08:59:18:9d:8c:32:d4:c4:50:84:a6:30:35:
         0d:c5:14:28:e5:61:c5:f0:79:1b:73:72:0a:c3:bb:3f:15:3e:
         00:d4:4d:82:63:be:b2:d1:c2:c4:c5:cb:00:c5:e2:17:b2:a6:
         af:f3:6c:55:87:01:92:a5:6d:92:0f:9b:e6:21:1c:1b:02:bf:
         3e:d3:bf:7c:23:d0:37:53:54:33:5f:87:f0:5f:d0:47:85:08:
         4e:26:aa:5b:02:fb:8c:77:26:e5:41:c4:68:58:c7:33:d9:89:
         d8:2d:de:89:a1:64:b6:ae:6d:50:a5:f6:e1:da:ed:23:33:3e:
         02:54:1d:7d:b3:fe:9e:95:7d:7d:9f:8f:78:ee:8d:72:7d:59:
         03:ac:b4:7c:fa:fb:11:92:e7:e7:ce:db:62:00:74:ac:80:59:
         46:df:08:ca:53:3f:25:00:af:43:ea:b0:82:1e:e7:ce:ba:92:
         e9:74:94:4f:17:68:11:95:bb:b4:19:d8:dd:c6:93:d1:ee:e6:
         1a:b4:06:3b:28:de:ed:ac:b7:4a:48:09:c8:12:0f:55:7e:96:
         07:8d:0e:b7:7b:25:8c:55:81:ad:25:93:d2:e2:8c:e3:3d:52:
         56:63:ed:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//qurdD1gNKsShKaleTcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUxMDIwMDUwMTQ0WhcNMjUxMDIxMDUwMTQ0WjAzMTEwLwYDVQQD
EygwOTVmYjYyNzkyNGRiMTlmOWIzM2RkOTE2YzA2NmE5MGJhNzUyZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UnwrWYOIU6RugrerZPuAQZqMuY/
g5x0wP4HAnRbUpKlcc2VPLUTKE4n0M8rj2Iz8AhRRSUCmzjhgHro3NpdJOodQ1Ec
ZZKfXSYG5k79ne5v74jHmroU9juhASGksj9OMrA6aWN8ZWSdU8IBfo3mXmPcsZN4
HHFgKd7U0BzVLyyDrcToJV3F/eBD2oDO/7wiI5O/3qrYW6znivHy8DzQQNrWSKft
tqho0im2PvRZHunFy97WU8xaSMGnT5iZJyYz9L8YNEWuU0yC0CW78Odet1CjuArY
F72I6G5Mwn6AJEJVeTfaXctm2iHSbUOAiNJKYlN9JGAAILOe1W8r2KGJVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlftieSTbGfmzPdkWwGapC6dS0kMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTJliJ+A
hh5ubfAAxgje2lfVQDOZk4kIWRidjDLUxFCEpjA1DcUUKOVhxfB5G3NyCsO7PxU+
ANRNgmO+stHCxMXLAMXiF7Kmr/NsVYcBkqVtkg+b5iEcGwK/PtO/fCPQN1NUM1+H
8F/QR4UITiaqWwL7jHcm5UHEaFjHM9mJ2C3eiaFktq5tUKX24drtIzM+AlQdfbP+
npV9fZ+PeO6Ncn1ZA6y0fPr7EZLn587bYgB0rIBZRt8IylM/JQCvQ+qwgh7nzrqS
6XSUTxdoEZW7tBnY3caT0e7mGrQGOyje7ay3SkgJyBIPVX6WB40Ot3sljFWBrSWT
0uKM4z1SVmPtDw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:11:38 2025 by rpki-client