Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
File:                     QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft (raw, json)
Hash identifier:          X/g9/FDmR38NMUlek3hAcqTjMWxDezlrPIypk7Zy92k=
Subject key identifier:   73:54:8D:DC:E9:81:55:24:15:6F:7B:81:C5:0A:32:60:52:4C:20:0D
Authority key identifier: 40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F
Certificate issuer:       /CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
Certificate serial:       0199FF59B95791094D82AA2DFBBD55552445
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
Manifest number:          16E5
Signing time:             Mon 20 Oct 2025 02:01:34 +0000
Manifest this update:     Mon 20 Oct 2025 02:01:34 +0000
Manifest next update:     Tue 21 Oct 2025 02:01:34 +0000
Files and hashes:         1: QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl (hash: ThfxZZlM/G6Xy2yVxpK2SFeYIp5iSFA+6HmAatcVFgg=)
                          2: ybs61exhN0sYw1YgpfqdbmCmhqk.roa (hash: PW/e8DJb4WqsNiI0ODBUiDNLr0vhf0OlyJoAR5NWnhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:59:b9:57:91:09:4d:82:aa:2d:fb:bd:55:55:24:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
        Validity
            Not Before: Oct 20 02:01:34 2025 GMT
            Not After : Oct 21 02:01:34 2025 GMT
        Subject: CN=73548ddce9815524156f7b81c50a3260524c200d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:54:29:6b:40:fa:f2:fc:e5:0e:d7:a6:3f:a7:
                    2f:c4:19:1d:94:31:d7:c1:2e:ef:ac:92:f4:f8:6c:
                    3d:b2:93:93:c1:7c:8f:56:65:22:07:47:5d:21:e7:
                    02:c3:02:1d:59:c3:e6:94:e1:0c:cb:ca:51:e1:91:
                    85:bc:13:af:6c:71:93:43:84:46:33:49:98:de:5f:
                    41:16:ed:0c:c6:d0:3d:42:69:54:23:9f:98:b6:6d:
                    cf:6d:3f:1b:8e:be:a9:5f:f2:07:14:2e:65:58:99:
                    cb:7f:6a:50:a2:da:87:c3:dc:43:c0:aa:ee:8e:96:
                    f4:28:99:b6:55:36:9e:55:df:98:de:37:7b:53:55:
                    d7:94:a7:4d:bd:d5:d9:6f:22:83:1c:5a:b5:70:6e:
                    f3:59:97:15:f6:fa:79:9c:81:e1:dc:3f:d3:5a:07:
                    04:fe:63:c5:c1:85:de:ba:e8:36:20:a4:a3:62:66:
                    75:b4:b4:cc:b3:ac:73:ac:be:57:95:00:b2:95:12:
                    e2:92:36:9f:51:06:76:cd:62:7c:e3:d1:6b:2d:0d:
                    62:ab:b4:31:91:88:ce:c3:1c:d7:38:86:c8:b9:ed:
                    73:b3:8d:38:cf:a4:2c:cd:cd:4d:eb:a6:8b:4f:fd:
                    d5:fc:e8:36:1b:7a:ef:4c:5c:21:a7:22:b9:b5:65:
                    7d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:54:8D:DC:E9:81:55:24:15:6F:7B:81:C5:0A:32:60:52:4C:20:0D
            X509v3 Authority Key Identifier:
                keyid:40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:eb:b6:de:ce:92:8a:c1:1a:23:6d:83:16:3f:5c:6c:1f:5c:
         45:84:16:11:9f:fb:cc:97:c9:a6:8b:a2:58:6c:32:9d:ba:6c:
         f6:ce:65:a5:eb:d8:a4:83:28:07:0e:3d:b4:f4:29:ec:6e:f7:
         36:0a:be:35:08:5f:72:0b:3b:8c:91:dd:6e:66:fd:df:dc:01:
         22:be:8f:77:e6:e2:23:c2:50:ae:9c:c2:01:43:a6:d3:92:de:
         8c:fb:38:90:b1:9c:74:0a:7c:10:04:9a:b5:90:36:c2:66:95:
         1e:09:ca:9b:9d:63:8c:01:d6:2e:a7:ca:aa:67:48:42:2c:c1:
         14:0b:b9:2f:ba:0f:52:db:2c:6e:c5:dc:74:15:8b:39:64:d8:
         ef:52:c5:de:38:cf:f1:5d:70:18:95:34:bf:bc:0b:e7:4c:9a:
         ab:9e:76:ea:01:d6:a7:b4:7d:36:09:86:76:cb:e4:07:1d:e0:
         5e:93:c0:50:34:18:2f:56:3c:7c:91:1c:f2:f5:68:39:3a:0f:
         ce:1f:0d:ff:7c:44:18:b8:56:de:0b:5e:32:d3:5d:26:c0:9f:
         eb:2e:0f:31:46:b1:14:27:ac:d7:22:08:a9:9b:cf:a6:53:a6:
         95:10:e5:49:98:80:06:b6:9a:82:90:4a:e2:74:f2:18:97:96:
         61:6c:47:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WblXkQlNgqot+71VVSRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWE1ZTM5Zjg2MzU3MzZlNDhkZjUzODIyYTVjYWNjMTBi
NDNhMWYwHhcNMjUxMDIwMDIwMTM0WhcNMjUxMDIxMDIwMTM0WjAzMTEwLwYDVQQD
Eyg3MzU0OGRkY2U5ODE1NTI0MTU2ZjdiODFjNTBhMzI2MDUyNGMyMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1Qpa0D68vzlDtemP6cvxBkdlDHX
wS7vrJL0+Gw9spOTwXyPVmUiB0ddIecCwwIdWcPmlOEMy8pR4ZGFvBOvbHGTQ4RG
M0mY3l9BFu0MxtA9QmlUI5+Ytm3PbT8bjr6pX/IHFC5lWJnLf2pQotqHw9xDwKru
jpb0KJm2VTaeVd+Y3jd7U1XXlKdNvdXZbyKDHFq1cG7zWZcV9vp5nIHh3D/TWgcE
/mPFwYXeuug2IKSjYmZ1tLTMs6xzrL5XlQCylRLikjafUQZ2zWJ849FrLQ1iq7Qx
kYjOwxzXOIbIue1zs404z6Qszc1N66aLT/3V/Og2G3rvTFwhpyK5tWV9zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNUjdzpgVUkFW97gcUKMmBSTCANMB8GA1UdIwQY
MBaAFEDqXjn4Y1c25I31OCKlyswQtDofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMt
MThlOTEyOTYwMjJkLzEvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMtMThlOTEyOTYwMjJk
LzEvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi+u23s6S
isEaI22DFj9cbB9cRYQWEZ/7zJfJpouiWGwynbps9s5lpevYpIMoBw49tPQp7G73
Ngq+NQhfcgs7jJHdbmb939wBIr6Pd+biI8JQrpzCAUOm05LejPs4kLGcdAp8EASa
tZA2wmaVHgnKm51jjAHWLqfKqmdIQizBFAu5L7oPUtssbsXcdBWLOWTY71LF3jjP
8V1wGJU0v7wL50yaq5526gHWp7R9NgmGdsvkBx3gXpPAUDQYL1Y8fJEc8vVoOToP
zh8N/3xEGLhW3gteMtNdJsCf6y4PMUaxFCes1yIIqZvPplOmlRDlSZiABraagpBK
4nTyGJeWYWxHTg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:23:15 2025 by rpki-client