Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
File:                     KQhfxTTBPgiC4mColfPPDFVD7wg.mft (raw, json)
Hash identifier:          PmXupKIDvg1L3C5evkLrvAUlMCgyn9wAPkQd+/rHlqg=
Subject key identifier:   7E:D4:1D:31:A9:D3:42:7D:A7:50:BE:47:58:6F:FA:04:CD:89:16:AF
Authority key identifier: 29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08
Certificate issuer:       /CN=29085fc534c13e0882e260a895f3cf0c5543ef08
Certificate serial:       019A00A3866BEFF63457E8BA7AB976F5888A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
Manifest number:          065A
Signing time:             Mon 20 Oct 2025 08:01:48 +0000
Manifest this update:     Mon 20 Oct 2025 08:01:48 +0000
Manifest next update:     Tue 21 Oct 2025 08:01:48 +0000
Files and hashes:         1: 7maLWxU6IkDM2FmAqNdy7l2m8vA.roa (hash: hXSJo4W1y0TIt55yVm6o0sEdz9TFsi3M02ghZ52Dqcs=)
                          2: KQhfxTTBPgiC4mColfPPDFVD7wg.crl (hash: L5f+4hKa8jqKGGopm10JC3v5veaJq9a76kjRlfcU0RE=)
                          3: qf1_Wz1js3xh5T6fOQssL748W8Y.roa (hash: LIiJDjtWI/OSM/oOUeypQGPeFD9dNyCQffUSuaGgb/s=)
                          4: uhoFt9UL3_6UT-K7hdXHNLEPe6w.roa (hash: ABkAtvRZwRy7ibQa3d8iTzWCloU1O/vDLYDZwO5edyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a3:86:6b:ef:f6:34:57:e8:ba:7a:b9:76:f5:88:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29085fc534c13e0882e260a895f3cf0c5543ef08
        Validity
            Not Before: Oct 20 08:01:48 2025 GMT
            Not After : Oct 21 08:01:48 2025 GMT
        Subject: CN=7ed41d31a9d3427da750be47586ffa04cd8916af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:90:58:e2:c8:1c:06:ef:c4:d6:33:d5:7d:a4:
                    56:ac:9e:5a:33:06:98:24:fd:e3:b7:28:37:af:16:
                    a1:93:17:2f:b2:d4:8d:8a:3c:24:f2:28:b8:0b:14:
                    64:1b:db:a7:3e:d5:2f:a4:ee:3c:ac:fd:73:61:6d:
                    75:98:ca:61:11:b7:37:f8:f6:0d:4e:4e:cc:ee:0c:
                    91:e6:0e:81:8f:bd:57:b3:ac:66:31:62:58:f5:c2:
                    f5:0c:70:9b:5f:55:4f:23:93:c5:86:d4:07:af:59:
                    91:6a:c0:c6:f9:76:05:08:62:11:f6:96:03:bb:61:
                    09:8a:c4:af:04:f5:ce:06:7c:bd:fc:1f:6f:63:a2:
                    15:71:77:54:f6:06:be:3c:1d:96:e1:23:3e:e8:e8:
                    7d:0d:00:47:3c:af:08:b4:09:63:12:9b:00:61:6d:
                    5b:56:54:af:fd:fe:89:d2:1b:63:00:45:7e:1f:2b:
                    cd:56:50:79:af:45:b5:4e:2e:e9:b5:fe:46:cc:50:
                    1d:57:2e:59:48:f8:bf:cf:58:ed:0a:42:40:61:54:
                    02:0b:cc:55:63:d3:94:5f:3f:2a:1e:2d:44:b5:ca:
                    9d:42:e7:89:b4:f9:93:56:f8:b7:4d:3c:59:45:9f:
                    c5:d1:c6:b5:6a:37:67:cd:9f:3b:f7:cb:1d:d9:3e:
                    9d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:D4:1D:31:A9:D3:42:7D:A7:50:BE:47:58:6F:FA:04:CD:89:16:AF
            X509v3 Authority Key Identifier:
                keyid:29:08:5F:C5:34:C1:3E:08:82:E2:60:A8:95:F3:CF:0C:55:43:EF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQhfxTTBPgiC4mColfPPDFVD7wg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/56d490-0196-45ac-83eb-c3297129e4d3/1/KQhfxTTBPgiC4mColfPPDFVD7wg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:e6:d9:c1:fb:a7:20:af:33:e2:f1:2c:b3:da:96:b3:c9:54:
         ae:06:02:b1:bb:ae:08:ec:b5:4b:d8:58:51:09:52:91:e8:d2:
         bb:f0:dc:be:b3:8a:09:1d:02:27:19:b4:93:74:b0:84:8c:09:
         e6:a2:11:b3:8f:4b:90:f2:81:96:7e:2f:da:7e:57:0d:21:6b:
         0d:04:52:9e:89:20:56:66:83:ab:73:97:69:ee:6f:5d:a3:0c:
         c2:14:47:ed:90:09:58:da:f9:29:be:ec:bf:64:d1:33:7a:c7:
         7c:a0:74:b7:58:97:31:47:09:67:5a:cb:07:d4:48:19:2f:8d:
         5c:2c:44:f0:48:e0:41:5a:50:ef:1c:4d:2f:11:2f:c9:44:8c:
         6a:8b:44:3c:b4:2d:df:75:a9:bb:f2:a9:24:d4:62:4f:a0:27:
         fe:f4:61:78:d3:95:2b:e1:c0:e8:83:d8:04:69:4f:ba:fd:5d:
         33:ae:e7:29:cb:dd:c4:78:79:89:2e:19:d5:4e:ad:5d:f2:1f:
         75:03:36:a4:49:f9:91:9c:24:e6:5b:3a:49:0a:70:7e:53:dc:
         f1:64:7d:bf:13:8c:fa:18:97:ef:3e:68:ee:ae:0b:6a:57:56:
         79:1f:ce:ca:28:ed:c0:70:6a:50:99:2c:47:71:c3:2f:41:b2:
         74:d5:0c:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAo4Zr7/Y0V+i6erl29YiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDg1ZmM1MzRjMTNlMDg4MmUyNjBhODk1ZjNjZjBjNTU0
M2VmMDgwHhcNMjUxMDIwMDgwMTQ4WhcNMjUxMDIxMDgwMTQ4WjAzMTEwLwYDVQQD
Eyg3ZWQ0MWQzMWE5ZDM0MjdkYTc1MGJlNDc1ODZmZmEwNGNkODkxNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5BY4sgcBu/E1jPVfaRWrJ5aMwaY
JP3jtyg3rxahkxcvstSNijwk8ii4CxRkG9unPtUvpO48rP1zYW11mMphEbc3+PYN
Tk7M7gyR5g6Bj71Xs6xmMWJY9cL1DHCbX1VPI5PFhtQHr1mRasDG+XYFCGIR9pYD
u2EJisSvBPXOBny9/B9vY6IVcXdU9ga+PB2W4SM+6Oh9DQBHPK8ItAljEpsAYW1b
VlSv/f6J0htjAEV+HyvNVlB5r0W1Ti7ptf5GzFAdVy5ZSPi/z1jtCkJAYVQCC8xV
Y9OUXz8qHi1EtcqdQueJtPmTVvi3TTxZRZ/F0ca1ajdnzZ8798sd2T6dpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7UHTGp00J9p1C+R1hv+gTNiRavMB8GA1UdIwQY
MBaAFCkIX8U0wT4IguJgqJXzzwxVQ+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWIt
YzMyOTcxMjllNGQzLzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NmQ0OTAtMDE5Ni00NWFjLTgzZWItYzMyOTcxMjllNGQz
LzEvS1FoZnhUVEJQZ2lDNG1Db2xmUFBERlZEN3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+bZwfun
IK8z4vEss9qWs8lUrgYCsbuuCOy1S9hYUQlSkejSu/DcvrOKCR0CJxm0k3SwhIwJ
5qIRs49LkPKBln4v2n5XDSFrDQRSnokgVmaDq3OXae5vXaMMwhRH7ZAJWNr5Kb7s
v2TRM3rHfKB0t1iXMUcJZ1rLB9RIGS+NXCxE8EjgQVpQ7xxNLxEvyUSMaotEPLQt
33Wpu/KpJNRiT6An/vRheNOVK+HA6IPYBGlPuv1dM67nKcvdxHh5iS4Z1U6tXfIf
dQM2pEn5kZwk5ls6SQpwflPc8WR9vxOM+hiX7z5o7q4LaldWeR/OyijtwHBqUJks
R3HDL0GydNUMNg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:30:47 2025 by rpki-client