Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
File:                     hqnzrkX3AVCvF-uHiel4iQKe5dM.mft (raw, json)
Hash identifier:          q0F2PRKkbQtTGYi65g6hFisNjxh5fliWZL7fwmXw5W8=
Subject key identifier:   C7:E1:A7:B7:DB:7F:8D:3C:EC:41:88:D8:8B:D3:24:23:FE:FE:7E:90
Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
Certificate issuer:       /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Certificate serial:       0198D6CD3C9D7DCF1E8AD29E218254C00D42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
Manifest number:          1649
Signing time:             Sat 23 Aug 2025 12:00:31 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:31 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:31 +0000
Files and hashes:         1: 6b_z1nYhros0lFsJJ-v5kZEUQbE.roa (hash: lcqP5Znx2EuUXx9SjdDPzhxT49PtsEmnOX0/yWwCL10=)
                          2: hqnzrkX3AVCvF-uHiel4iQKe5dM.crl (hash: TSZLrhj2WrxmyzinKKnbe2V10/yuz8WebemZQAyk5SE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:3c:9d:7d:cf:1e:8a:d2:9e:21:82:54:c0:0d:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
        Validity
            Not Before: Aug 23 12:00:31 2025 GMT
            Not After : Aug 24 12:00:31 2025 GMT
        Subject: CN=c7e1a7b7db7f8d3cec4188d88bd32423fefe7e90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e0:45:e8:c2:bc:62:6e:aa:fa:35:91:cb:47:
                    28:12:3b:42:55:28:3f:d1:ae:43:5a:5b:d6:48:1d:
                    be:df:24:ab:a9:19:3d:03:83:81:56:f2:7b:d3:7f:
                    14:86:04:8f:1a:e8:76:96:80:fe:3f:fb:96:53:91:
                    b8:4a:f7:36:80:b9:be:8b:93:3e:d6:6d:a0:0e:43:
                    45:19:21:36:16:05:0f:7a:67:95:e3:a3:7e:49:0b:
                    62:20:cf:8a:f9:90:b7:e0:31:f1:50:65:cd:09:3b:
                    ce:a8:2b:d2:72:54:e5:02:50:06:6b:33:40:b1:90:
                    b6:bd:65:79:1e:be:c9:8f:55:7f:f5:76:1a:fe:98:
                    48:2b:00:e4:94:b7:72:85:2a:e1:18:47:f0:4e:71:
                    71:34:d3:1e:7e:90:f7:52:b3:65:f9:c4:b1:3e:90:
                    d4:68:37:6f:d7:d5:2a:43:42:1b:ca:a8:e0:ef:fd:
                    10:f3:25:84:df:96:00:72:46:2a:ab:93:96:3d:1d:
                    78:c7:91:82:24:99:c0:a4:87:4b:4f:55:21:c8:09:
                    5e:b2:94:fc:3c:a2:cd:ee:2f:3c:66:dd:63:be:d1:
                    69:b6:6a:38:88:c5:6a:a7:65:fa:86:1b:1f:6d:3a:
                    22:20:b0:90:78:3d:f2:92:e8:75:b7:ef:0b:3d:bd:
                    89:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:E1:A7:B7:DB:7F:8D:3C:EC:41:88:D8:8B:D3:24:23:FE:FE:7E:90
            X509v3 Authority Key Identifier:
                keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:49:fb:3e:06:a4:e4:0b:90:03:e2:bc:7f:4b:b6:ed:c5:f7:
         37:66:ea:78:0b:96:9e:1a:11:2f:33:6a:fa:3e:87:f1:42:b2:
         a4:01:e4:6a:b9:d4:dc:de:36:56:51:ed:86:f6:82:27:21:a7:
         69:79:57:b7:f8:87:6c:b2:66:35:36:9d:89:91:79:82:ef:da:
         96:4e:e5:a4:a6:e0:1d:00:9b:42:77:ca:77:3b:ea:94:30:62:
         4a:e7:29:4a:be:db:b0:a7:0b:f8:89:a0:b5:f2:0d:16:80:72:
         f3:bd:7d:5e:a0:08:7c:f1:d5:32:f5:e0:bd:3f:45:67:8f:ee:
         17:36:be:40:b8:36:6c:91:8a:f4:8a:76:c6:1f:f9:b3:c5:d4:
         e3:0f:44:9a:b9:4f:20:87:07:e5:ea:0a:9b:ea:39:1c:65:37:
         fa:6e:4a:22:22:20:9a:87:d2:2b:ba:aa:ec:64:af:95:49:07:
         4b:32:8c:5f:5e:af:d6:fd:cf:e6:da:6d:cf:5d:54:70:36:d4:
         5a:4d:f5:4b:c8:66:c8:df:a4:82:0e:4f:68:49:d9:a5:15:4d:
         55:83:d5:46:3a:54:0c:3b:dd:d2:64:57:81:56:e8:cc:f6:31:
         45:6f:d3:ef:12:d9:17:1f:05:bf:ce:f1:f5:25:5d:d2:b0:4f:
         43:80:d2:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzTydfc8eitKeIYJUwA1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTlmM2FlNDVmNzAxNTBhZjE3ZWI4Nzg5ZTk3ODg5MDI5
ZWU1ZDMwHhcNMjUwODIzMTIwMDMxWhcNMjUwODI0MTIwMDMxWjAzMTEwLwYDVQQD
EyhjN2UxYTdiN2RiN2Y4ZDNjZWM0MTg4ZDg4YmQzMjQyM2ZlZmU3ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeBF6MK8Ym6q+jWRy0coEjtCVSg/
0a5DWlvWSB2+3ySrqRk9A4OBVvJ7038UhgSPGuh2loD+P/uWU5G4Svc2gLm+i5M+
1m2gDkNFGSE2FgUPemeV46N+SQtiIM+K+ZC34DHxUGXNCTvOqCvSclTlAlAGazNA
sZC2vWV5Hr7Jj1V/9XYa/phIKwDklLdyhSrhGEfwTnFxNNMefpD3UrNl+cSxPpDU
aDdv19UqQ0Ibyqjg7/0Q8yWE35YAckYqq5OWPR14x5GCJJnApIdLT1UhyAlespT8
PKLN7i88Zt1jvtFptmo4iMVqp2X6hhsfbToiILCQeD3ykuh1t+8LPb2JOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfhp7fbf4087EGI2IvTJCP+/n6QMB8GA1UdIwQY
MBaAFIap865F9wFQrxfrh4npeIkCnuXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUt
MzQ4N2FlODJiMjBkLzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUtMzQ4N2FlODJiMjBk
LzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0n7Pgak
5AuQA+K8f0u27cX3N2bqeAuWnhoRLzNq+j6H8UKypAHkarnU3N42VlHthvaCJyGn
aXlXt/iHbLJmNTadiZF5gu/alk7lpKbgHQCbQnfKdzvqlDBiSucpSr7bsKcL+Img
tfINFoBy8719XqAIfPHVMvXgvT9FZ4/uFza+QLg2bJGK9Ip2xh/5s8XU4w9EmrlP
IIcH5eoKm+o5HGU3+m5KIiIgmofSK7qq7GSvlUkHSzKMX16v1v3P5tptz11UcDbU
Wk31S8hmyN+kgg5PaEnZpRVNVYPVRjpUDDvd0mRXgVbozPYxRW/T7xLZFx8Fv87x
9SVd0rBPQ4DSPg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:58:05 2025 by rpki-client