Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          rRWLf69p+3HWwPCBVxqO93PLI/07hSajQ4lDrZUA4/8=
Subject key identifier:   A7:67:88:7A:41:9E:DA:55:BA:FF:D6:B5:5C:14:3A:1B:5B:F5:1F:18
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       0199FB45BCCB4266229B1181E8F81AE576A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          1586
Signing time:             Sun 19 Oct 2025 07:01:15 +0000
Manifest this update:     Sun 19 Oct 2025 07:01:15 +0000
Manifest next update:     Mon 20 Oct 2025 07:01:15 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: wGLzxA8F52Y1IR/IefBIpFETMoUUsJFoP6OIZRSfsM0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:45:bc:cb:42:66:22:9b:11:81:e8:f8:1a:e5:76:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: Oct 19 07:01:15 2025 GMT
            Not After : Oct 20 07:01:15 2025 GMT
        Subject: CN=a767887a419eda55baffd6b55c143a1b5bf51f18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e4:67:43:0e:b5:31:24:20:c4:5a:57:24:a0:
                    61:76:f3:1c:20:74:96:01:2c:67:4f:29:17:ed:5f:
                    a8:1b:59:a6:ff:22:37:d1:fa:77:3a:de:ee:a3:3d:
                    b4:47:81:26:54:d1:af:21:b2:3c:cb:db:27:d6:d9:
                    3f:50:dd:5e:68:35:7c:8e:2c:44:82:db:9e:f8:1a:
                    4a:c3:9f:37:09:16:07:91:1b:8e:a9:d2:3a:dc:38:
                    f9:52:cf:d7:65:30:6e:d0:f3:e1:27:0c:eb:57:ac:
                    b9:8e:a0:2f:71:e6:9b:c6:6d:bf:f7:76:87:b3:07:
                    0f:58:8e:61:aa:00:cb:53:60:53:a2:3b:39:5a:f2:
                    52:12:df:08:6c:9c:88:dc:92:d5:51:3d:d2:3d:8b:
                    ec:7e:d6:8d:b1:3f:d8:1f:be:d8:a6:36:86:c0:e7:
                    70:8b:26:d0:67:c4:1d:8e:b9:4e:30:c3:89:41:2b:
                    c7:89:3f:5e:44:a4:53:66:62:aa:90:45:4a:7c:76:
                    74:c2:7a:28:84:f6:33:e7:e2:2d:22:98:d1:25:46:
                    62:7c:82:ae:fa:2e:4f:7d:19:bd:74:ec:0b:b8:04:
                    9d:e8:7f:20:b3:b7:52:c2:65:d7:0c:01:00:58:a1:
                    4d:7c:21:05:59:fa:7a:f2:35:28:e2:70:1f:2c:0a:
                    5d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:67:88:7A:41:9E:DA:55:BA:FF:D6:B5:5C:14:3A:1B:5B:F5:1F:18
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:06:a7:be:47:18:94:91:fa:e7:ef:20:a5:99:a5:16:f6:e1:
         4a:42:ec:46:85:8f:98:ee:0f:a0:9e:45:41:04:de:c3:a1:5a:
         29:32:e1:a9:a0:9e:31:f1:12:4b:f8:5e:92:78:2c:44:99:ad:
         c2:62:5d:fb:cb:80:49:da:4b:f4:63:3a:f5:2a:5c:77:c0:b5:
         92:82:0a:89:78:96:92:4a:d0:81:18:3b:3d:7b:b5:ea:cb:dc:
         0b:06:b0:90:02:4f:ca:b0:04:51:64:62:92:c2:a8:a1:f6:6d:
         a8:b7:06:2a:2a:00:bb:ad:70:5d:fd:ef:e8:a8:26:e9:0c:f4:
         b4:f0:84:a7:47:cf:c2:9b:8f:0b:0c:0b:84:42:a1:0d:fe:4b:
         97:69:30:b2:97:ab:db:f3:84:26:7a:aa:80:aa:e2:ea:03:46:
         83:bb:90:f6:0d:e9:29:a4:db:19:ed:36:ce:0c:41:e6:03:b2:
         74:98:bb:1f:22:54:27:48:e5:bc:2e:a2:a0:2c:33:df:40:2d:
         d8:2d:74:5a:61:6b:f4:87:a6:a1:b7:18:0f:f7:86:73:10:71:
         af:d6:6a:07:1d:c4:f1:c0:41:ea:80:07:3e:06:a4:13:9a:df:
         5d:6d:74:66:ab:2e:72:59:b4:4e:93:2e:0d:51:b1:f5:20:21:
         eb:5e:2a:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RbzLQmYimxGB6Pga5XaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjUxMDE5MDcwMTE1WhcNMjUxMDIwMDcwMTE1WjAzMTEwLwYDVQQD
EyhhNzY3ODg3YTQxOWVkYTU1YmFmZmQ2YjU1YzE0M2ExYjViZjUxZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+RnQw61MSQgxFpXJKBhdvMcIHSW
ASxnTykX7V+oG1mm/yI30fp3Ot7uoz20R4EmVNGvIbI8y9sn1tk/UN1eaDV8jixE
gtue+BpKw583CRYHkRuOqdI63Dj5Us/XZTBu0PPhJwzrV6y5jqAvceabxm2/93aH
swcPWI5hqgDLU2BTojs5WvJSEt8IbJyI3JLVUT3SPYvsftaNsT/YH77YpjaGwOdw
iybQZ8QdjrlOMMOJQSvHiT9eRKRTZmKqkEVKfHZ0wnoohPYz5+ItIpjRJUZifIKu
+i5PfRm9dOwLuASd6H8gs7dSwmXXDAEAWKFNfCEFWfp68jUo4nAfLApdbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdniHpBntpVuv/WtVwUOhtb9R8YMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQanvkcY
lJH65+8gpZmlFvbhSkLsRoWPmO4PoJ5FQQTew6FaKTLhqaCeMfESS/hekngsRJmt
wmJd+8uASdpL9GM69Spcd8C1koIKiXiWkkrQgRg7PXu16svcCwawkAJPyrAEUWRi
ksKoofZtqLcGKioAu61wXf3v6Kgm6Qz0tPCEp0fPwpuPCwwLhEKhDf5Ll2kwsper
2/OEJnqqgKri6gNGg7uQ9g3pKaTbGe02zgxB5gOydJi7HyJUJ0jlvC6ioCwz30At
2C10WmFr9IemobcYD/eGcxBxr9ZqBx3E8cBB6oAHPgakE5rfXW10Zqsuclm0TpMu
DVGx9SAh614qkw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:15:24 2025 by rpki-client