Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
File:                     qvHI3UCIS0nwiAZNPBANKhiahHQ.mft (raw, json)
Hash identifier:          yUfhgwQeYQT+wNzcQco9+M5CVZW+cE0bIsFHVI28K4k=
Subject key identifier:   05:66:A2:5B:78:FE:54:D2:C2:A6:C4:24:95:DC:8D:70:2A:74:3D:74
Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74
Certificate issuer:       /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
Certificate serial:       0198D5F167865DF3AEA49BA0A4D4D306EC49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
Manifest number:          02A6
Signing time:             Sat 23 Aug 2025 08:00:24 +0000
Manifest this update:     Sat 23 Aug 2025 08:00:24 +0000
Manifest next update:     Sun 24 Aug 2025 08:00:24 +0000
Files and hashes:         1: UGApytPJPEIPFbzs4L0oU_KIdHM.roa (hash: cf5ZtJTmEf4eW9FhhtNmIkoS04da9/P7WQkJtlas3+0=)
                          2: qvHI3UCIS0nwiAZNPBANKhiahHQ.crl (hash: HzT9KmSnPYwvYCxNOtBMb8Dq3OxRW0TQBYcgR7zwbU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:f1:67:86:5d:f3:ae:a4:9b:a0:a4:d4:d3:06:ec:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474
        Validity
            Not Before: Aug 23 08:00:24 2025 GMT
            Not After : Aug 24 08:00:24 2025 GMT
        Subject: CN=0566a25b78fe54d2c2a6c42495dc8d702a743d74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:73:f0:fd:d6:2e:ef:99:f5:34:7b:c1:5e:a1:
                    63:b2:a1:01:87:ef:64:25:f7:58:6b:0f:1f:d9:1b:
                    aa:b7:33:65:32:2e:f9:91:56:23:b3:ff:17:3c:b4:
                    d5:f1:21:ba:1b:59:cb:77:da:f6:d9:f8:b0:3f:80:
                    4c:78:d9:a4:fc:76:3a:a3:11:43:42:f1:0e:9f:04:
                    a2:0f:2f:d6:16:fc:4b:37:52:02:9b:b0:83:45:6f:
                    43:c1:fe:b8:25:7c:24:26:b1:b8:34:f9:c7:ad:30:
                    69:ff:ac:26:ae:53:82:73:91:50:9d:39:a9:2e:3d:
                    f8:0f:4d:be:27:e8:cc:e7:40:06:75:1e:3a:4b:b3:
                    dc:fa:33:b4:ab:d3:0f:fb:39:9e:26:f7:0e:7c:79:
                    4b:ea:5e:10:de:88:0e:21:b4:77:c4:cb:66:ee:4f:
                    cf:0d:5d:20:23:8a:30:aa:32:80:8c:fa:6c:e6:6a:
                    8b:31:67:67:90:4e:c9:7b:8c:87:1d:5a:7e:85:58:
                    5a:b2:0d:12:1f:b3:b2:d4:26:d3:9a:65:95:23:17:
                    3b:56:6a:33:4d:a3:f8:d5:b3:2b:a5:3d:12:7d:6d:
                    d3:ce:49:ce:cf:cd:d0:98:92:1c:ca:16:32:e0:01:
                    e5:00:a6:98:ab:33:72:b1:43:01:dd:04:f2:17:11:
                    4a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:66:A2:5B:78:FE:54:D2:C2:A6:C4:24:95:DC:8D:70:2A:74:3D:74
            X509v3 Authority Key Identifier:
                keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:14:78:3b:e7:67:2b:0d:d9:58:bc:27:39:96:1b:5d:84:48:
         38:5d:52:5d:e0:78:5a:11:c2:34:2c:5f:58:ae:56:94:7d:b3:
         2e:1f:75:f4:92:f2:bf:25:2b:92:06:6f:37:ed:53:ab:e5:c8:
         18:28:30:be:96:a8:54:4a:93:59:b5:cf:74:6e:cd:25:47:b6:
         d4:63:53:b0:e1:39:23:ca:20:24:de:a7:2e:df:03:d7:6c:f5:
         c2:17:e1:bb:a4:e0:54:d3:93:5b:d4:30:fb:d7:4d:6b:ab:9b:
         27:89:49:7b:fe:26:62:74:b2:0a:ae:0f:4b:92:70:99:b5:eb:
         8f:cc:9e:d9:8e:1e:13:41:61:25:e4:62:fe:55:3b:88:13:78:
         54:2e:a7:ac:64:92:7b:11:7b:4f:fa:85:05:00:71:c0:39:04:
         19:32:9e:7a:20:b6:13:88:29:8f:ae:62:39:88:68:a9:01:f7:
         30:c6:28:62:92:cd:75:d4:db:dd:cb:e5:d2:16:f1:f0:7f:f8:
         50:ce:3f:63:4a:40:f3:56:fe:16:17:d7:3a:64:04:d3:ca:19:
         39:69:cf:23:cc:22:6c:36:bc:93:b7:bc:18:56:cf:68:e0:4f:
         fc:8e:a6:bf:51:5b:e3:49:21:4e:0b:eb:45:c1:5c:a5:96:91:
         f5:77:3e:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjV8WeGXfOupJugpNTTBuxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5
YTg0NzQwHhcNMjUwODIzMDgwMDI0WhcNMjUwODI0MDgwMDI0WjAzMTEwLwYDVQQD
EygwNTY2YTI1Yjc4ZmU1NGQyYzJhNmM0MjQ5NWRjOGQ3MDJhNzQzZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXPw/dYu75n1NHvBXqFjsqEBh+9k
JfdYaw8f2RuqtzNlMi75kVYjs/8XPLTV8SG6G1nLd9r22fiwP4BMeNmk/HY6oxFD
QvEOnwSiDy/WFvxLN1ICm7CDRW9Dwf64JXwkJrG4NPnHrTBp/6wmrlOCc5FQnTmp
Lj34D02+J+jM50AGdR46S7Pc+jO0q9MP+zmeJvcOfHlL6l4Q3ogOIbR3xMtm7k/P
DV0gI4owqjKAjPps5mqLMWdnkE7Je4yHHVp+hVhasg0SH7Oy1CbTmmWVIxc7Vmoz
TaP41bMrpT0SfW3TzknOz83QmJIcyhYy4AHlAKaYqzNysUMB3QTyFxFKjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVmolt4/lTSwqbEJJXcjXAqdD10MB8GA1UdIwQY
MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt
M2IzMzlkMDgxZjgzLzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz
LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABRR4O+dn
Kw3ZWLwnOZYbXYRIOF1SXeB4WhHCNCxfWK5WlH2zLh919JLyvyUrkgZvN+1Tq+XI
GCgwvpaoVEqTWbXPdG7NJUe21GNTsOE5I8ogJN6nLt8D12z1whfhu6TgVNOTW9Qw
+9dNa6ubJ4lJe/4mYnSyCq4PS5JwmbXrj8ye2Y4eE0FhJeRi/lU7iBN4VC6nrGSS
exF7T/qFBQBxwDkEGTKeeiC2E4gpj65iOYhoqQH3MMYoYpLNddTb3cvl0hbx8H/4
UM4/Y0pA81b+FhfXOmQE08oZOWnPI8wibDa8k7e8GFbPaOBP/I6mv1Fb40khTgvr
RcFcpZaR9Xc+yA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:56:37 2025 by rpki-client