Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5e78f6-253a-4115-ae5d-5dc80faed2dc/1/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.mft
File:                     nnQTW7B8ZUDNMHvaCMoGdLyEyTk.mft (raw, json)
Hash identifier:          Q9INnZm6NJqgiM+UZsTDev9BR1Qi15ZT714xFdBSzds=
Subject key identifier:   1E:63:F5:9C:9D:89:AD:76:D9:36:82:68:A3:1C:45:E1:9F:99:06:89
Authority key identifier: 9E:74:13:5B:B0:7C:65:40:CD:30:7B:DA:08:CA:06:74:BC:84:C9:39
Certificate issuer:       /CN=9e74135bb07c6540cd307bda08ca0674bc84c939
Certificate serial:       019A025A053B91F84F520F1F93BE263D31BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5e78f6-253a-4115-ae5d-5dc80faed2dc/1/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.mft
Manifest number:          16E8
Signing time:             Mon 20 Oct 2025 16:00:45 +0000
Manifest this update:     Mon 20 Oct 2025 16:00:45 +0000
Manifest next update:     Tue 21 Oct 2025 16:00:45 +0000
Files and hashes:         1: 1-T1wzl3TUKiA8m5iaH9QZh9hjp0.roa (hash: JRA15qBJeMepq09VmhJeTzptT8oyDdYWsjobeMnNOAk=)
                          2: nnQTW7B8ZUDNMHvaCMoGdLyEyTk.crl (hash: 9hl4jzgKKm0EQypRRVwse/YGaZ9X+4cOGiHWvCVkXeI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5e78f6-253a-4115-ae5d-5dc80faed2dc/1/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5e78f6-253a-4115-ae5d-5dc80faed2dc/1/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:5a:05:3b:91:f8:4f:52:0f:1f:93:be:26:3d:31:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e74135bb07c6540cd307bda08ca0674bc84c939
        Validity
            Not Before: Oct 20 16:00:45 2025 GMT
            Not After : Oct 21 16:00:45 2025 GMT
        Subject: CN=1e63f59c9d89ad76d9368268a31c45e19f990689
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:64:00:73:b3:c9:1f:92:d9:48:ba:f0:4e:7b:
                    0d:f2:8d:7c:b4:0b:6b:b7:92:9b:c7:44:9d:64:2d:
                    27:1e:1a:7d:da:e2:20:d0:12:ef:85:65:a0:dc:40:
                    88:3f:ac:3a:00:07:e6:3c:6b:06:18:74:20:31:18:
                    60:50:01:17:02:d2:ca:0c:50:8c:2a:83:f8:16:49:
                    ea:3a:4b:35:c0:b2:cd:da:ba:f7:c3:20:53:11:f8:
                    88:90:e6:7e:93:43:9b:bd:bc:82:48:7d:22:2f:08:
                    41:f7:30:7b:4a:0a:63:b7:5f:a8:d6:29:46:ca:5c:
                    48:2c:79:0b:98:1d:57:39:5d:15:81:37:25:02:fd:
                    af:6c:75:c9:b1:61:ca:df:86:4a:04:9b:d1:db:bc:
                    a0:e5:19:df:8b:4f:b1:2d:34:3c:a3:44:da:d4:51:
                    18:99:fd:49:6b:d3:30:83:4a:09:51:80:6d:54:87:
                    4f:a5:fa:dd:f1:83:b6:a3:04:41:c1:9c:83:76:cb:
                    00:b3:52:f9:d3:8c:02:84:ad:1f:f0:c7:88:c9:24:
                    f9:87:fd:aa:6b:f2:7b:cf:d8:71:a7:d8:53:83:2e:
                    25:ec:44:e4:c4:25:f4:f7:3c:db:31:e4:fc:92:f9:
                    cc:43:d7:c1:c1:59:0e:f0:c8:f5:12:b6:c2:46:1c:
                    a9:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:63:F5:9C:9D:89:AD:76:D9:36:82:68:A3:1C:45:E1:9F:99:06:89
            X509v3 Authority Key Identifier:
                keyid:9E:74:13:5B:B0:7C:65:40:CD:30:7B:DA:08:CA:06:74:BC:84:C9:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5e78f6-253a-4115-ae5d-5dc80faed2dc/1/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5e78f6-253a-4115-ae5d-5dc80faed2dc/1/nnQTW7B8ZUDNMHvaCMoGdLyEyTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:57:a1:24:1c:c3:43:46:08:b0:0d:39:0b:91:ba:ab:78:da:
         48:bc:08:bf:d9:e6:48:16:4a:0e:a3:24:c4:05:fa:2f:ee:c2:
         ee:4a:f0:2e:53:ea:0c:1f:49:4b:ae:33:9e:a1:54:5a:1d:30:
         08:fd:6a:6e:2b:b6:f7:ee:09:04:ad:76:65:ff:6b:16:1c:ee:
         df:f1:32:40:08:41:ae:45:df:4c:7d:79:4a:a6:d2:c0:2d:6e:
         e6:67:3d:3c:58:5e:f7:30:f5:13:c3:39:91:03:60:f7:15:b4:
         83:d1:51:23:c6:54:42:1d:cd:17:02:74:9a:4f:68:74:81:c9:
         e9:2f:b7:e6:91:78:d5:7c:4d:06:fc:d7:8d:23:04:77:13:dc:
         5c:b5:1d:6e:aa:97:06:b5:cc:51:b8:42:0a:03:c4:d6:90:20:
         c0:a3:99:7f:47:d9:96:7a:58:a8:2f:eb:f7:f0:81:f8:ae:35:
         b8:5f:49:91:51:50:81:88:8b:62:e7:42:5f:75:8a:68:51:0d:
         82:f5:3d:e3:76:13:15:c1:45:ce:ea:fb:b9:15:87:77:82:75:
         fc:59:82:a2:4d:54:da:ab:05:f2:af:1e:a2:7e:de:8b:63:b2:
         40:15:50:25:59:01:cf:69:5c:68:7e:2e:22:bb:97:d3:3c:50:
         b0:59:db:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCWgU7kfhPUg8fk74mPTG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNzQxMzViYjA3YzY1NDBjZDMwN2JkYTA4Y2EwNjc0YmM4
NGM5MzkwHhcNMjUxMDIwMTYwMDQ1WhcNMjUxMDIxMTYwMDQ1WjAzMTEwLwYDVQQD
EygxZTYzZjU5YzlkODlhZDc2ZDkzNjgyNjhhMzFjNDVlMTlmOTkwNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2QAc7PJH5LZSLrwTnsN8o18tAtr
t5Kbx0SdZC0nHhp92uIg0BLvhWWg3ECIP6w6AAfmPGsGGHQgMRhgUAEXAtLKDFCM
KoP4FknqOks1wLLN2rr3wyBTEfiIkOZ+k0ObvbyCSH0iLwhB9zB7Sgpjt1+o1ilG
ylxILHkLmB1XOV0VgTclAv2vbHXJsWHK34ZKBJvR27yg5Rnfi0+xLTQ8o0Ta1FEY
mf1Ja9Mwg0oJUYBtVIdPpfrd8YO2owRBwZyDdssAs1L504wChK0f8MeIyST5h/2q
a/J7z9hxp9hTgy4l7ETkxCX09zzbMeT8kvnMQ9fBwVkO8Mj1ErbCRhyp9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5j9Zydia122TaCaKMcReGfmQaJMB8GA1UdIwQY
MBaAFJ50E1uwfGVAzTB72gjKBnS8hMk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm5RVFc3QjhaVUROTUh2YUNNb0dkTHlFeVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81ZTc4ZjYtMjUzYS00MTE1LWFlNWQt
NWRjODBmYWVkMmRjLzEvbm5RVFc3QjhaVUROTUh2YUNNb0dkTHlFeVRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81ZTc4ZjYtMjUzYS00MTE1LWFlNWQtNWRjODBmYWVkMmRj
LzEvbm5RVFc3QjhaVUROTUh2YUNNb0dkTHlFeVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArFehJBzD
Q0YIsA05C5G6q3jaSLwIv9nmSBZKDqMkxAX6L+7C7krwLlPqDB9JS64znqFUWh0w
CP1qbiu29+4JBK12Zf9rFhzu3/EyQAhBrkXfTH15SqbSwC1u5mc9PFhe9zD1E8M5
kQNg9xW0g9FRI8ZUQh3NFwJ0mk9odIHJ6S+35pF41XxNBvzXjSMEdxPcXLUdbqqX
BrXMUbhCCgPE1pAgwKOZf0fZlnpYqC/r9/CB+K41uF9JkVFQgYiLYudCX3WKaFEN
gvU943YTFcFFzur7uRWHd4J1/FmCok1U2qsF8q8eon7ei2OyQBVQJVkBz2lcaH4u
IruX0zxQsFnbqQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:40:39 2025 by rpki-client