Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
File:                     hqnzrkX3AVCvF-uHiel4iQKe5dM.mft (raw, json)
Hash identifier:          KwruebdY0xa0UbxTHXbna2oLr3mE+X2d1aBkpLAf4Po=
Subject key identifier:   6E:66:92:24:CB:3E:50:59:74:39:5E:D0:D5:0E:26:D6:88:6A:37:CD
Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
Certificate issuer:       /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Certificate serial:       0199FE46A94D44ABE17065C6F14488290B9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 21:01:07 +0000
Manifest this update:     Sun 19 Oct 2025 21:01:07 +0000
Manifest next update:     Mon 20 Oct 2025 21:01:07 +0000
Files and hashes:         1: 6b_z1nYhros0lFsJJ-v5kZEUQbE.roa (hash: lcqP5Znx2EuUXx9SjdDPzhxT49PtsEmnOX0/yWwCL10=)
                          2: hqnzrkX3AVCvF-uHiel4iQKe5dM.crl (hash: w9ms1nIhsFdfvsRK8bTe85zSHqeLZNm6ffNlvvyVrgE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:46:a9:4d:44:ab:e1:70:65:c6:f1:44:88:29:0b:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
        Validity
            Not Before: Oct 19 21:01:07 2025 GMT
            Not After : Oct 20 21:01:07 2025 GMT
        Subject: CN=6e669224cb3e505974395ed0d50e26d6886a37cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:43:09:91:fc:94:56:4a:94:d1:cd:7d:9d:da:
                    b7:4f:e8:38:5f:45:07:4f:9d:d7:c8:21:dd:93:ec:
                    60:c4:32:38:3f:5f:46:10:33:db:ba:ee:93:2e:85:
                    72:24:91:d4:3a:93:4f:be:35:58:70:57:ea:63:8f:
                    bf:46:3d:9a:92:e8:0d:95:6a:48:da:da:ee:61:68:
                    d5:ca:9c:ae:c7:9a:23:43:7e:5e:e7:83:d4:a1:62:
                    65:2f:c8:84:a0:e9:8d:ac:fb:7c:ea:b4:d1:8d:3b:
                    b8:8c:85:86:27:3d:c0:28:b2:8f:2d:49:90:cb:ca:
                    9f:16:af:f8:58:c8:d3:ea:ee:cf:91:b0:6e:f6:98:
                    ce:6c:07:51:25:06:32:73:4c:cd:2a:5f:ad:ed:c8:
                    be:d9:52:3e:6e:ea:db:71:ca:05:0c:f1:13:34:45:
                    c7:51:97:e6:74:04:c1:0f:31:9a:a8:8f:c5:9b:a7:
                    3d:9b:59:d1:10:28:1d:55:06:eb:cb:8f:34:d4:6d:
                    db:ab:b7:bb:83:ab:4e:e7:ad:fb:b0:93:05:c7:18:
                    7a:dc:b1:85:e3:ec:da:f2:95:dc:ec:3d:77:1e:ff:
                    9a:7f:bd:d1:a0:30:aa:42:97:b7:52:8c:01:23:d8:
                    0d:d5:b9:6f:d7:94:87:34:b6:66:74:fe:c1:f8:cb:
                    c2:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:66:92:24:CB:3E:50:59:74:39:5E:D0:D5:0E:26:D6:88:6A:37:CD
            X509v3 Authority Key Identifier:
                keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:6d:d9:0d:fe:6f:5c:c7:6a:9f:af:42:4d:66:c5:55:15:de:
         d0:65:1b:14:64:03:ca:2b:14:1d:f3:07:8c:51:a8:07:81:31:
         54:df:18:5c:3f:f2:a3:2c:16:06:26:36:1f:a2:92:d4:24:ad:
         26:49:6b:5e:61:a4:38:4c:2e:ae:9b:54:1e:cc:29:b5:f0:81:
         ce:ce:de:74:9d:a9:0c:ca:6e:3b:64:88:24:49:46:83:dc:20:
         3c:cd:5a:38:5e:d3:48:54:79:1c:c2:e4:1a:12:89:cb:be:36:
         bd:93:30:60:ed:34:f3:02:a2:79:b5:84:14:38:3d:ee:b5:d8:
         a6:44:c0:a7:69:d2:bb:52:93:24:37:20:d3:e9:59:68:4c:6e:
         12:fb:67:63:44:1d:13:72:df:6b:34:3f:99:2d:70:45:2d:ce:
         de:46:87:e1:27:a7:26:12:1a:67:b3:c6:42:fb:a3:ac:d8:37:
         45:24:bc:3b:4c:44:1e:c3:92:f6:a0:cb:f7:78:fd:8f:ee:b9:
         2a:2d:c4:d5:2c:21:a5:33:c7:29:03:24:0e:08:9d:55:cd:b9:
         2c:c1:5b:ae:b6:14:01:b6:5f:0d:ac:6f:40:de:57:b4:71:b2:
         dd:92:8e:28:cf:10:72:60:6d:da:79:1a:50:7b:24:c2:38:a9:
         2d:f6:bb:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+RqlNRKvhcGXG8USIKQufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTlmM2FlNDVmNzAxNTBhZjE3ZWI4Nzg5ZTk3ODg5MDI5
ZWU1ZDMwHhcNMjUxMDE5MjEwMTA3WhcNMjUxMDIwMjEwMTA3WjAzMTEwLwYDVQQD
Eyg2ZTY2OTIyNGNiM2U1MDU5NzQzOTVlZDBkNTBlMjZkNjg4NmEzN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUMJkfyUVkqU0c19ndq3T+g4X0UH
T53XyCHdk+xgxDI4P19GEDPbuu6TLoVyJJHUOpNPvjVYcFfqY4+/Rj2akugNlWpI
2truYWjVypyux5ojQ35e54PUoWJlL8iEoOmNrPt86rTRjTu4jIWGJz3AKLKPLUmQ
y8qfFq/4WMjT6u7PkbBu9pjObAdRJQYyc0zNKl+t7ci+2VI+burbccoFDPETNEXH
UZfmdATBDzGaqI/Fm6c9m1nRECgdVQbry4801G3bq7e7g6tO5637sJMFxxh63LGF
4+za8pXc7D13Hv+af73RoDCqQpe3UowBI9gN1blv15SHNLZmdP7B+MvCkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5mkiTLPlBZdDle0NUOJtaIajfNMB8GA1UdIwQY
MBaAFIap865F9wFQrxfrh4npeIkCnuXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUt
MzQ4N2FlODJiMjBkLzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUtMzQ4N2FlODJiMjBk
LzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkG3ZDf5v
XMdqn69CTWbFVRXe0GUbFGQDyisUHfMHjFGoB4ExVN8YXD/yoywWBiY2H6KS1CSt
JklrXmGkOEwurptUHswptfCBzs7edJ2pDMpuO2SIJElGg9wgPM1aOF7TSFR5HMLk
GhKJy742vZMwYO008wKiebWEFDg97rXYpkTAp2nSu1KTJDcg0+lZaExuEvtnY0Qd
E3LfazQ/mS1wRS3O3kaH4SenJhIaZ7PGQvujrNg3RSS8O0xEHsOS9qDL93j9j+65
Ki3E1SwhpTPHKQMkDgidVc25LMFbrrYUAbZfDaxvQN5XtHGy3ZKOKM8QcmBt2nka
UHskwjipLfa7aA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:15:03 2025 by rpki-client