Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft
File:                     QA-ULrBzNco-f70Y8GwVjbN8_Us.mft (raw, json)
Hash identifier:          7CVzn8SF/1wOzhuOOQR4kwXk3uDXnBzFvwdxt9SaUco=
Subject key identifier:   60:CD:63:A7:9A:67:69:62:74:01:AC:A4:86:12:D4:87:46:2F:55:37
Authority key identifier: 40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
Certificate issuer:       /CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Certificate serial:       0199FBEACA34CD3C93D816E3F9979A92733C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft
Manifest number:          1346
Signing time:             Sun 19 Oct 2025 10:01:32 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:32 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:32 +0000
Files and hashes:         1: CRyZWe4rqJ2qdiNWuAP-OJQeZow.roa (hash: g+uZ3IirtTKelPa51RylP3yoQBkp1cF9hHY0LUNHp8g=)
                          2: QA-ULrBzNco-f70Y8GwVjbN8_Us.crl (hash: NFD7kHVPVyYv3lBa5KpEZHyzl38yFof6IttFKJYgzns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:ca:34:cd:3c:93:d8:16:e3:f9:97:9a:92:73:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
        Validity
            Not Before: Oct 19 10:01:32 2025 GMT
            Not After : Oct 20 10:01:32 2025 GMT
        Subject: CN=60cd63a79a6769627401aca48612d487462f5537
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:12:d8:8c:03:3f:cd:e5:34:d3:23:b4:95:d9:
                    d8:25:e2:91:27:ee:30:27:f6:13:e4:a0:0a:2f:54:
                    28:f2:d4:83:40:1a:88:61:c4:49:01:63:74:a5:04:
                    13:83:4c:d4:93:75:09:51:18:48:f0:b3:c9:ac:d3:
                    08:e8:fa:9b:30:eb:94:bb:22:73:65:d0:d6:cf:af:
                    e1:44:fd:9c:4f:9c:a6:cc:b5:11:cd:8d:16:74:d5:
                    62:d0:0e:2b:d5:f0:6f:1c:56:8c:60:2d:60:2c:53:
                    ab:9e:3e:b7:bc:d7:40:7a:fe:ed:4e:4a:a5:0e:bd:
                    8d:fd:3c:d3:20:f0:37:c6:ec:2a:4b:e2:55:56:cd:
                    fb:76:a9:4d:0c:9b:a9:29:7d:74:3c:50:d4:4c:da:
                    1f:25:e2:5d:fd:9e:11:74:9e:c5:59:86:70:cd:cd:
                    2f:c7:47:b8:c8:5d:d7:8d:b3:26:11:01:84:87:21:
                    db:23:a2:b7:cf:8f:46:f9:f1:bd:18:bc:c2:6f:47:
                    32:d4:05:ad:cd:42:a6:4f:12:36:08:1e:bc:2c:76:
                    21:d5:15:b2:8a:fc:68:cd:25:41:7d:57:70:4f:52:
                    79:87:a2:43:8b:d6:e8:f3:61:39:c0:d1:bc:3f:82:
                    5c:eb:93:61:71:c5:ea:28:ff:57:ab:4e:9c:9a:27:
                    16:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:CD:63:A7:9A:67:69:62:74:01:AC:A4:86:12:D4:87:46:2F:55:37
            X509v3 Authority Key Identifier:
                keyid:40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:48:69:42:73:a2:02:6b:ef:bd:19:28:21:e5:4b:f0:e4:3a:
         0a:87:d7:92:43:ad:d6:36:e1:91:aa:31:74:32:6f:2d:f8:40:
         84:06:2b:88:2e:98:fa:5b:a4:87:3f:5e:1f:eb:3a:f7:23:9d:
         b8:fd:79:de:c1:78:7a:d5:ef:cd:d7:77:58:5f:ca:29:3c:62:
         21:7b:05:6c:8d:80:01:2d:e4:1d:ca:b9:b2:e6:02:2e:cb:46:
         ba:fe:3f:7f:84:bc:88:74:9a:e3:4b:de:04:40:65:7b:7b:f2:
         44:89:35:05:c3:32:d9:f0:74:45:e2:66:db:00:dd:11:21:55:
         56:c1:11:6f:17:52:04:8e:9d:28:9f:14:38:30:da:68:5c:3d:
         eb:34:21:52:e3:59:77:2d:19:54:63:5b:98:d2:94:a0:1f:90:
         a3:71:92:3d:9d:b3:44:54:6b:6c:ef:c4:e1:85:ca:d0:a0:41:
         5d:a7:e9:01:be:7c:37:f1:5a:9a:6e:d9:ca:59:c3:8f:8c:46:
         9b:67:a6:7d:4f:0e:c4:38:2c:82:fa:a4:0d:68:43:52:40:21:
         ab:f9:3e:f0:8e:20:59:28:0b:97:70:66:da:76:de:e7:ba:c5:
         bb:fc:64:ea:0d:6c:4c:21:73:f9:d5:f6:27:a3:38:69:56:88:
         78:c9:88:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76so0zTyT2Bbj+ZeaknM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGY5NDJlYjA3MzM1Y2EzZTdmYmQxOGYwNmMxNThkYjM3
Y2ZkNGIwHhcNMjUxMDE5MTAwMTMyWhcNMjUxMDIwMTAwMTMyWjAzMTEwLwYDVQQD
Eyg2MGNkNjNhNzlhNjc2OTYyNzQwMWFjYTQ4NjEyZDQ4NzQ2MmY1NTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBLYjAM/zeU00yO0ldnYJeKRJ+4w
J/YT5KAKL1Qo8tSDQBqIYcRJAWN0pQQTg0zUk3UJURhI8LPJrNMI6PqbMOuUuyJz
ZdDWz6/hRP2cT5ymzLURzY0WdNVi0A4r1fBvHFaMYC1gLFOrnj63vNdAev7tTkql
Dr2N/TzTIPA3xuwqS+JVVs37dqlNDJupKX10PFDUTNofJeJd/Z4RdJ7FWYZwzc0v
x0e4yF3XjbMmEQGEhyHbI6K3z49G+fG9GLzCb0cy1AWtzUKmTxI2CB68LHYh1RWy
ivxozSVBfVdwT1J5h6JDi9bo82E5wNG8P4Jc65NhccXqKP9Xq06cmicWDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDNY6eaZ2lidAGspIYS1IdGL1U3MB8GA1UdIwQY
MBaAFEAPlC6wczXKPn+9GPBsFY2zfP1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUt
YWNkNzJkMmM2Y2I2LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUtYWNkNzJkMmM2Y2I2
LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATkhpQnOi
AmvvvRkoIeVL8OQ6CofXkkOt1jbhkaoxdDJvLfhAhAYriC6Y+lukhz9eH+s69yOd
uP153sF4etXvzdd3WF/KKTxiIXsFbI2AAS3kHcq5suYCLstGuv4/f4S8iHSa40ve
BEBle3vyRIk1BcMy2fB0ReJm2wDdESFVVsERbxdSBI6dKJ8UODDaaFw96zQhUuNZ
dy0ZVGNbmNKUoB+Qo3GSPZ2zRFRrbO/E4YXK0KBBXafpAb58N/Famm7ZylnDj4xG
m2emfU8OxDgsgvqkDWhDUkAhq/k+8I4gWSgLl3Bm2nbe57rFu/xk6g1sTCFz+dX2
J6M4aVaIeMmIcw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:18:51 2025 by rpki-client