Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
File:                     QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft (raw, json)
Hash identifier:          DSYbSuUwjGPy0+eiEK1UiE4ckDzbs7WoD0IHPyUxmpQ=
Subject key identifier:   E6:3E:4F:DE:2F:6E:F1:AE:83:D3:8B:5F:1A:57:79:5D:1F:8D:44:1C
Authority key identifier: 40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F
Certificate issuer:       /CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
Certificate serial:       019A033584FD9F4408998BF1FA99FE4D9E6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
Manifest number:          16E7
Signing time:             Mon 20 Oct 2025 20:00:30 +0000
Manifest this update:     Mon 20 Oct 2025 20:00:30 +0000
Manifest next update:     Tue 21 Oct 2025 20:00:30 +0000
Files and hashes:         1: QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl (hash: NO/4tHxQX6q33CsVbCa1N2rVi88ab0Zz9Qb3SkaemvY=)
                          2: ybs61exhN0sYw1YgpfqdbmCmhqk.roa (hash: PW/e8DJb4WqsNiI0ODBUiDNLr0vhf0OlyJoAR5NWnhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 20:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:03:35:84:fd:9f:44:08:99:8b:f1:fa:99:fe:4d:9e:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
        Validity
            Not Before: Oct 20 20:00:30 2025 GMT
            Not After : Oct 21 20:00:30 2025 GMT
        Subject: CN=e63e4fde2f6ef1ae83d38b5f1a57795d1f8d441c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:01:be:cf:58:fc:7d:f9:51:66:18:d5:3f:c2:
                    79:cc:85:b4:a3:98:ef:23:4a:14:3b:77:38:51:d2:
                    c8:d3:a8:cb:eb:f3:e5:17:83:92:53:cf:ae:34:31:
                    13:da:e7:34:82:98:6a:f5:4a:08:7e:c8:a3:2a:3a:
                    1c:a5:b4:8a:4e:f2:21:6e:5b:1d:54:0a:d5:07:72:
                    95:27:7d:9b:4f:16:08:e0:8c:27:a3:1e:c1:11:42:
                    ae:36:fb:01:d0:c0:75:34:d6:3a:be:9a:d7:bc:cc:
                    80:fa:42:72:b2:ac:d8:24:d0:97:11:09:ca:0d:62:
                    4d:99:bb:9b:5d:fe:60:da:2c:df:5b:28:c0:8f:61:
                    7b:b1:e9:b8:fa:69:89:a6:41:8b:41:03:be:a0:cc:
                    56:cf:d8:b6:9e:c3:fa:83:63:f2:a3:ce:12:42:0c:
                    61:f9:3c:65:be:08:84:a7:98:9f:fe:d0:0d:8c:57:
                    b3:47:dd:98:72:5d:d2:a7:eb:81:5f:8c:d8:7c:bf:
                    b3:7d:f6:13:f9:8d:22:3b:32:39:69:35:95:47:9a:
                    d4:19:e4:a8:c3:60:fc:7b:cd:59:14:e2:b7:c7:fb:
                    c3:fa:30:0d:4b:38:6c:64:cf:4d:db:2f:80:34:33:
                    23:ab:3e:ff:b1:cd:9c:5b:bf:d0:54:a9:0b:41:f7:
                    46:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:3E:4F:DE:2F:6E:F1:AE:83:D3:8B:5F:1A:57:79:5D:1F:8D:44:1C
            X509v3 Authority Key Identifier:
                keyid:40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:1d:5c:4a:56:bc:ca:b8:93:49:04:9c:99:8a:61:43:5b:36:
         25:2d:8d:7c:57:a1:57:c7:74:3c:9c:01:60:43:0d:c2:db:03:
         ff:49:fd:67:c9:96:66:02:37:7d:7a:bb:1d:75:4f:75:4a:8b:
         72:b1:24:ee:6d:88:9e:18:e9:d6:af:7e:6e:94:73:3e:36:7a:
         68:45:3c:fe:ed:e1:58:e9:c8:73:c3:34:38:ba:90:7e:06:90:
         00:b4:79:d3:ab:01:94:4c:d9:64:a6:93:ad:33:ca:5f:56:26:
         3d:4c:80:f0:fc:82:c8:e7:16:92:dc:7c:f2:f4:bc:ce:bc:10:
         78:ed:57:2e:f3:53:6e:7f:c1:f8:bd:48:d4:a0:27:1b:f7:9a:
         54:ea:ac:eb:54:68:00:4d:55:03:57:5c:b7:8b:f4:30:42:5d:
         ae:7a:e8:62:98:01:9c:f4:d8:6f:1d:0a:da:38:f7:c8:39:4f:
         2b:f1:9d:05:4c:98:89:6e:00:8e:82:02:e4:00:74:66:60:09:
         49:36:00:a2:04:89:4e:69:4f:94:f4:d9:34:09:8b:c0:f2:fe:
         01:b6:60:da:24:c0:fe:7c:2a:8e:de:69:3f:4c:cc:fc:62:de:
         02:15:76:72:54:39:b2:3c:d4:c9:9d:ab:a4:e8:fc:e9:57:22:
         de:9a:cf:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDNYT9n0QImYvx+pn+TZ5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWE1ZTM5Zjg2MzU3MzZlNDhkZjUzODIyYTVjYWNjMTBi
NDNhMWYwHhcNMjUxMDIwMjAwMDMwWhcNMjUxMDIxMjAwMDMwWjAzMTEwLwYDVQQD
EyhlNjNlNGZkZTJmNmVmMWFlODNkMzhiNWYxYTU3Nzk1ZDFmOGQ0NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAG+z1j8fflRZhjVP8J5zIW0o5jv
I0oUO3c4UdLI06jL6/PlF4OSU8+uNDET2uc0gphq9UoIfsijKjocpbSKTvIhblsd
VArVB3KVJ32bTxYI4Iwnox7BEUKuNvsB0MB1NNY6vprXvMyA+kJysqzYJNCXEQnK
DWJNmbubXf5g2izfWyjAj2F7sem4+mmJpkGLQQO+oMxWz9i2nsP6g2Pyo84SQgxh
+TxlvgiEp5if/tANjFezR92Ycl3Sp+uBX4zYfL+zffYT+Y0iOzI5aTWVR5rUGeSo
w2D8e81ZFOK3x/vD+jANSzhsZM9N2y+ANDMjqz7/sc2cW7/QVKkLQfdGBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOY+T94vbvGug9OLXxpXeV0fjUQcMB8GA1UdIwQY
MBaAFEDqXjn4Y1c25I31OCKlyswQtDofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMt
MThlOTEyOTYwMjJkLzEvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMtMThlOTEyOTYwMjJk
LzEvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAx1cSla8
yriTSQScmYphQ1s2JS2NfFehV8d0PJwBYEMNwtsD/0n9Z8mWZgI3fXq7HXVPdUqL
crEk7m2Inhjp1q9+bpRzPjZ6aEU8/u3hWOnIc8M0OLqQfgaQALR506sBlEzZZKaT
rTPKX1YmPUyA8PyCyOcWktx88vS8zrwQeO1XLvNTbn/B+L1I1KAnG/eaVOqs61Ro
AE1VA1dct4v0MEJdrnroYpgBnPTYbx0K2jj3yDlPK/GdBUyYiW4AjoIC5AB0ZmAJ
STYAogSJTmlPlPTZNAmLwPL+AbZg2iTA/nwqjt5pP0zM/GLeAhV2clQ5sjzUyZ2r
pOj86Vci3prPlw==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:06:46 2025 by rpki-client