Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft
File:                     Q1QWsigrRTPDUJwY6VfODINryDc.mft (raw, json)
Hash identifier:          lOiZQbiy5rmE+Y24gxEA/gnLnKS5EKY+sQY7LYD9I6k=
Subject key identifier:   EB:D0:88:4C:D8:DD:10:82:65:65:94:13:E2:53:01:7D:3A:35:75:E3
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Certificate issuer:       /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial:       0199FC214FE02B72A523F892FDD31B826BB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft
Manifest number:          0ED1
Signing time:             Sun 19 Oct 2025 11:01:05 +0000
Manifest this update:     Sun 19 Oct 2025 11:01:05 +0000
Manifest next update:     Mon 20 Oct 2025 11:01:05 +0000
Files and hashes:         1: Q1QWsigrRTPDUJwY6VfODINryDc.crl (hash: xkZXHzdzyeTrIVvF7iITw8hXBAw72So3lfpJalXuJz0=)
                          2: Tt9cDnLqp2SOeeoElhH21A1JSmo.roa (hash: g7FEq0smlg0TkkjLfygzTEzTD8KkWT+7GvQHUxPqdJo=)
                          3: pSYXiKXGXABhmANIG0Y2vhGLRUA.roa (hash: kjXcWabBcy+Nz9B+eKiIbdHIvrnXu/XwD/9ZftdegXw=)
                          4: uJ1wgWjtfF_PUvxzUj8noSaLQx0.roa (hash: 5K3mYspcTrH8J1dlAJJG2SBHWuIALi8AQG16SYzuq8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:21:4f:e0:2b:72:a5:23:f8:92:fd:d3:1b:82:6b:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
        Validity
            Not Before: Oct 19 11:01:05 2025 GMT
            Not After : Oct 20 11:01:05 2025 GMT
        Subject: CN=ebd0884cd8dd108265659413e253017d3a3575e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:9b:76:04:d7:8a:1c:55:1a:a0:ea:74:fb:7c:
                    a1:61:dd:31:6d:de:8d:a8:ca:1f:bf:6c:1c:c5:a7:
                    d9:fc:3a:4f:d2:b6:21:a2:27:68:b1:b4:0f:0c:a9:
                    40:41:96:dd:9b:be:ad:d0:75:23:34:50:b0:ff:5c:
                    2a:55:01:d2:59:d6:e6:96:9c:7a:f5:cd:e2:b8:da:
                    92:2c:fd:0c:bd:86:3c:8e:2d:da:8b:f6:0e:41:eb:
                    ba:d8:d8:9f:c8:14:0c:37:d4:b5:34:f9:47:5d:91:
                    a3:af:c3:83:93:9b:55:2e:74:50:f7:bd:70:c7:d0:
                    05:32:77:17:f7:a9:4d:1a:d7:13:69:41:f3:9e:f7:
                    df:fd:ac:e0:da:2e:ae:10:66:b2:3c:b7:0a:d0:8f:
                    0c:05:30:e1:1d:98:2d:f5:2b:e5:37:04:bb:e5:a8:
                    39:f1:ce:76:92:4f:f1:0f:c5:fd:92:10:c1:d4:81:
                    c1:53:55:b3:7e:c5:69:b3:17:8f:e0:d5:5c:e9:d1:
                    c4:b4:b0:a9:75:27:7c:de:c4:fd:92:33:09:b6:ca:
                    3b:7a:f3:d5:be:7b:95:1b:59:0b:a3:04:14:2b:8d:
                    a1:7c:78:83:2d:bd:db:44:e5:09:40:c4:f9:4f:ed:
                    55:5e:87:41:d0:a4:dc:34:a0:a6:24:38:2c:04:5f:
                    6e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:D0:88:4C:D8:DD:10:82:65:65:94:13:E2:53:01:7D:3A:35:75:E3
            X509v3 Authority Key Identifier:
                keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:ce:e8:76:f5:34:ac:38:1d:42:07:fb:69:f5:71:70:6e:09:
         ea:32:9b:42:3b:ea:09:26:39:0f:75:ca:5f:de:f4:2e:5b:9a:
         57:21:90:57:e9:b2:90:ba:67:a8:b7:8f:2e:1a:a6:c7:21:06:
         ec:43:e3:86:1c:94:a1:b5:89:75:cc:98:f4:91:72:5b:75:cc:
         c6:78:95:62:5a:f1:49:a6:6c:ed:ba:bc:7e:72:11:df:5c:85:
         af:6a:9b:62:e8:60:c6:d4:fa:3b:0b:5a:27:af:24:a5:7d:0e:
         a4:2b:1c:e7:e3:ae:27:e0:97:84:e1:1d:23:d1:66:2c:89:dc:
         a7:f7:ae:4d:ca:d8:06:c0:f0:42:28:77:39:b4:97:c9:a2:0e:
         82:13:40:00:74:05:5b:7a:3b:59:4b:a0:da:3f:e4:8e:4d:af:
         c1:a5:fb:cc:eb:0a:25:74:da:d5:9c:86:43:aa:cf:6c:c3:9a:
         1f:16:80:e9:13:aa:04:e7:c0:5f:23:66:9f:4d:ce:dc:a4:94:
         43:ac:25:1b:04:3e:4f:30:f2:a2:52:de:55:18:fe:41:69:ac:
         5e:0d:2d:09:80:93:58:b5:1f:cb:55:21:ad:12:70:12:1c:cf:
         c8:1c:05:2b:32:1b:8a:97:53:1e:5e:c7:fa:86:6a:3e:bd:6c:
         9e:49:97:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IU/gK3KlI/iS/dMbgmuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjUxMDE5MTEwMTA1WhcNMjUxMDIwMTEwMTA1WjAzMTEwLwYDVQQD
EyhlYmQwODg0Y2Q4ZGQxMDgyNjU2NTk0MTNlMjUzMDE3ZDNhMzU3NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pt2BNeKHFUaoOp0+3yhYd0xbd6N
qMofv2wcxafZ/DpP0rYhoidosbQPDKlAQZbdm76t0HUjNFCw/1wqVQHSWdbmlpx6
9c3iuNqSLP0MvYY8ji3ai/YOQeu62NifyBQMN9S1NPlHXZGjr8ODk5tVLnRQ971w
x9AFMncX96lNGtcTaUHznvff/azg2i6uEGayPLcK0I8MBTDhHZgt9SvlNwS75ag5
8c52kk/xD8X9khDB1IHBU1WzfsVpsxeP4NVc6dHEtLCpdSd83sT9kjMJtso7evPV
vnuVG1kLowQUK42hfHiDLb3bROUJQMT5T+1VXodB0KTcNKCmJDgsBF9uOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvQiEzY3RCCZWWUE+JTAX06NXXjMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAks7odvU0
rDgdQgf7afVxcG4J6jKbQjvqCSY5D3XKX970LluaVyGQV+mykLpnqLePLhqmxyEG
7EPjhhyUobWJdcyY9JFyW3XMxniVYlrxSaZs7bq8fnIR31yFr2qbYuhgxtT6Owta
J68kpX0OpCsc5+OuJ+CXhOEdI9FmLIncp/euTcrYBsDwQih3ObSXyaIOghNAAHQF
W3o7WUug2j/kjk2vwaX7zOsKJXTa1ZyGQ6rPbMOaHxaA6ROqBOfAXyNmn03O3KSU
Q6wlGwQ+TzDyolLeVRj+QWmsXg0tCYCTWLUfy1UhrRJwEhzPyBwFKzIbipdTHl7H
+oZqPr1snkmXFA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:19:06 2025 by rpki-client