Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
File:                     KQhfxTTBPgiC4mColfPPDFVD7wg.mft (raw, json)
Hash identifier:          Tz9zu2I/TVzb997xygTi7DEyIbrRcqI78iKNsteuSRg=
Subject key identifier:   ED:9C:C9:BE:D0:78:A0:E7:8A:E2:F2:64:53:64:07:73:6F:FE:54:6B
Authority key identifier: 29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08
Certificate issuer:       /CN=29085fc534c13e0882e260a895f3cf0c5543ef08
Certificate serial:       0199FEB517C1CA41DA4390CE50E262817D08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
Manifest number:          0659
Signing time:             Sun 19 Oct 2025 23:01:44 +0000
Manifest this update:     Sun 19 Oct 2025 23:01:44 +0000
Manifest next update:     Mon 20 Oct 2025 23:01:44 +0000
Files and hashes:         1: 7maLWxU6IkDM2FmAqNdy7l2m8vA.roa (hash: hXSJo4W1y0TIt55yVm6o0sEdz9TFsi3M02ghZ52Dqcs=)
                          2: KQhfxTTBPgiC4mColfPPDFVD7wg.crl (hash: ZWOT+EEJU8k5IiVpl54nUjlbfEJyS80yS3qNwHFR+iI=)
                          3: qf1_Wz1js3xh5T6fOQssL748W8Y.roa (hash: LIiJDjtWI/OSM/oOUeypQGPeFD9dNyCQffUSuaGgb/s=)
                          4: uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa (hash: ABkAtvRZwRy7ibQa3d8iTzWCloU1O/vDLYDZwO5edyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 23:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:b5:17:c1:ca:41:da:43:90:ce:50:e2:62:81:7d:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29085fc534c13e0882e260a895f3cf0c5543ef08
        Validity
            Not Before: Oct 19 23:01:44 2025 GMT
            Not After : Oct 20 23:01:44 2025 GMT
        Subject: CN=ed9cc9bed078a0e78ae2f264536407736ffe546b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:74:8e:82:d3:d8:90:43:5b:e7:e2:a3:00:0f:
                    cc:48:38:0e:58:91:28:8c:c4:f9:15:7c:c5:f5:4b:
                    ce:6b:b7:ce:38:5a:2e:15:ca:42:d4:22:e6:c7:35:
                    8a:4a:b7:47:ec:1d:70:c5:ba:4c:ec:88:16:3d:e0:
                    12:61:b5:92:5f:b6:03:2a:81:80:dc:c7:16:0d:75:
                    7f:9c:43:f2:9d:3f:b7:17:31:a5:d4:43:13:8d:1b:
                    e4:eb:0d:2b:bd:85:0c:2e:b0:79:8f:1b:4b:09:7e:
                    60:7d:3a:2a:45:d9:dd:f6:df:ea:24:15:4f:1f:21:
                    56:9a:33:f2:4c:aa:db:34:03:62:ca:95:0a:30:63:
                    bf:d1:c8:14:68:1f:fa:16:02:09:9c:4b:ba:0d:e5:
                    ff:84:a6:a1:82:1e:79:c1:9c:92:29:a4:cc:77:0f:
                    c9:7a:47:8d:4f:5a:7b:49:2c:ac:0d:01:57:9f:7d:
                    9d:64:a2:6c:44:04:20:a2:fc:cf:7e:82:be:4a:e5:
                    e7:4e:2b:75:97:1d:6e:ce:2f:61:35:db:7b:f3:3b:
                    9a:1e:e8:1d:f8:c6:b1:6f:ff:c2:40:9b:a4:81:56:
                    39:73:d1:9b:a5:85:f3:02:d9:80:c1:d7:71:18:d7:
                    63:a6:cf:dd:80:8c:af:a0:27:9b:00:6e:bc:28:dc:
                    96:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:9C:C9:BE:D0:78:A0:E7:8A:E2:F2:64:53:64:07:73:6F:FE:54:6B
            X509v3 Authority Key Identifier:
                keyid:29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:68:ed:c5:cc:84:ce:17:7e:bc:58:89:ca:3f:1f:b7:e8:3c:
         86:ad:53:7c:d5:5b:5b:45:6e:d4:a9:1a:2c:78:81:37:6c:d7:
         1f:4c:2b:f3:99:73:87:72:b3:16:6e:48:c2:ba:04:16:a7:04:
         93:87:cb:23:c9:e9:4a:5a:e6:03:7c:7b:fc:c3:e0:d7:21:b9:
         19:de:3e:77:98:14:af:10:6c:d0:ea:d7:d9:33:42:c9:5f:1d:
         20:f8:5f:a8:63:d8:f2:05:92:69:8b:7d:1e:4b:54:2b:d5:09:
         43:4c:c0:32:10:18:41:6d:aa:35:53:1d:05:b4:5a:44:a1:79:
         9c:8a:ac:70:16:34:95:ab:e4:81:2f:17:8d:3a:4f:0f:db:22:
         dd:20:ab:54:15:ce:aa:23:15:3c:2c:a4:42:52:9a:bf:6d:1f:
         18:2f:5b:1b:67:cb:64:36:f6:60:f5:14:d8:54:b3:cb:f7:a2:
         b9:ac:cb:16:fe:43:7d:c9:0b:5d:6e:cc:34:bb:59:41:2a:49:
         27:b0:58:67:5b:a8:5f:b7:1b:11:a1:f4:a0:2a:4a:12:ec:24:
         1c:34:30:c5:8f:1e:7f:cd:90:fc:d5:b6:92:0e:2d:eb:c4:67:
         30:3f:cd:2f:f7:5d:f0:d4:3f:50:a4:3c:7f:3c:75:e8:85:7a:
         7a:d0:ee:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+tRfBykHaQ5DOUOJigX0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDg1ZmM1MzRjMTNlMDg4MmUyNjBhODk1ZjNjZjBjNTU0
M2VmMDgwHhcNMjUxMDE5MjMwMTQ0WhcNMjUxMDIwMjMwMTQ0WjAzMTEwLwYDVQQD
EyhlZDljYzliZWQwNzhhMGU3OGFlMmYyNjQ1MzY0MDc3MzZmZmU1NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XSOgtPYkENb5+KjAA/MSDgOWJEo
jMT5FXzF9UvOa7fOOFouFcpC1CLmxzWKSrdH7B1wxbpM7IgWPeASYbWSX7YDKoGA
3McWDXV/nEPynT+3FzGl1EMTjRvk6w0rvYUMLrB5jxtLCX5gfToqRdnd9t/qJBVP
HyFWmjPyTKrbNANiypUKMGO/0cgUaB/6FgIJnEu6DeX/hKahgh55wZySKaTMdw/J
ekeNT1p7SSysDQFXn32dZKJsRAQgovzPfoK+SuXnTit1lx1uzi9hNdt78zuaHugd
+Maxb//CQJukgVY5c9GbpYXzAtmAwddxGNdjps/dgIyvoCebAG68KNyW1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2cyb7QeKDniuLyZFNkB3Nv/lRrMB8GA1UdIwQY
MBaAFCkIX8U0wT4IguJgqJXzzwxVQ+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWIt
YzMyOTcxMjllNGQzLzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWItYzMyOTcxMjllNGQz
LzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWjtxcyE
zhd+vFiJyj8ft+g8hq1TfNVbW0Vu1KkaLHiBN2zXH0wr85lzh3KzFm5IwroEFqcE
k4fLI8npSlrmA3x7/MPg1yG5Gd4+d5gUrxBs0OrX2TNCyV8dIPhfqGPY8gWSaYt9
HktUK9UJQ0zAMhAYQW2qNVMdBbRaRKF5nIqscBY0lavkgS8XjTpPD9si3SCrVBXO
qiMVPCykQlKav20fGC9bG2fLZDb2YPUU2FSzy/eiuazLFv5DfckLXW7MNLtZQSpJ
J7BYZ1uoX7cbEaH0oCpKEuwkHDQwxY8ef82Q/NW2kg4t68RnMD/NL/dd8NQ/UKQ8
fzx16IV6etDueg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:45:52 2025 by rpki-client