Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
File:                     CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json)
Hash identifier:          n/XFQEq/P9MAF2o1szhAkSkwgmZOgHPQShxwiziw79Q=
Subject key identifier:   0D:85:B1:55:02:4C:59:79:00:2F:1A:85:FF:C4:F0:F7:73:31:D0:5E
Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0
Certificate issuer:       /CN=090287256e25fa340d3afba780eac60d556adec0
Certificate serial:       0199FFC88D7A6694686B32261EF3319A2635
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
Manifest number:          0A01
Signing time:             Mon 20 Oct 2025 04:02:37 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:37 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:37 +0000
Files and hashes:         1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: zYHiy4CDIuxs+HfHcQF8fidnYY4qOavcHmBaOhbQMhM=)
                          2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:8d:7a:66:94:68:6b:32:26:1e:f3:31:9a:26:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=090287256e25fa340d3afba780eac60d556adec0
        Validity
            Not Before: Oct 20 04:02:37 2025 GMT
            Not After : Oct 21 04:02:37 2025 GMT
        Subject: CN=0d85b155024c5979002f1a85ffc4f0f77331d05e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:98:eb:03:68:8f:e8:09:6a:c3:0e:3e:55:08:
                    4b:0f:00:87:b4:33:04:58:95:8a:c7:88:da:73:13:
                    9c:4e:04:de:ba:61:ed:40:f7:4f:40:3b:59:aa:0b:
                    f0:f4:50:cb:f5:08:2a:91:18:b3:6d:e8:d8:66:32:
                    35:a6:91:1d:dd:76:f7:e0:9d:58:51:f4:67:80:14:
                    be:95:4e:5c:87:56:b1:4f:0b:43:97:7d:3c:11:d7:
                    e8:8a:17:b3:57:0e:78:1c:55:b4:51:a8:9e:e7:54:
                    75:37:a8:09:11:a2:76:8f:7d:ae:80:94:6a:38:f5:
                    91:9a:bd:e6:d9:fb:07:34:67:69:28:3d:99:14:0a:
                    42:6b:6e:b2:7d:5a:ee:52:92:2e:04:ce:28:3b:d1:
                    73:ce:a0:62:78:15:8b:7f:dd:d1:e5:b3:ac:48:8e:
                    25:50:f7:03:d4:dd:a6:91:12:62:08:45:20:6a:6f:
                    cc:7c:e6:97:d8:9b:73:a0:ee:0d:33:59:1b:c7:da:
                    73:d6:85:6f:77:d8:b5:e3:aa:ed:20:21:d8:f3:4c:
                    f5:a0:86:d0:60:87:12:1e:32:e9:28:8e:a6:0b:e0:
                    27:ff:ae:9f:6f:b3:06:74:b0:1e:16:07:4c:ed:b7:
                    2f:de:61:a4:b4:17:67:4c:ee:e9:ae:c9:d4:7d:99:
                    d6:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:85:B1:55:02:4C:59:79:00:2F:1A:85:FF:C4:F0:F7:73:31:D0:5E
            X509v3 Authority Key Identifier:
                keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:f1:57:29:2f:28:87:68:d6:d9:12:42:ca:3f:f4:bf:3e:2d:
         27:8a:1f:a2:b6:5d:30:ed:21:2d:72:3c:c3:46:21:68:10:ef:
         d6:a0:4a:7e:c4:f7:cf:85:f0:cc:08:28:6a:18:6f:3e:5f:86:
         51:1f:99:b4:6c:c5:07:8a:cf:9a:bd:9b:d3:56:1e:b5:55:6d:
         a7:ce:12:76:cf:7e:46:13:4e:39:be:1b:de:01:e6:73:94:7f:
         2f:7d:50:0e:6f:3e:48:be:f7:b0:ed:af:7d:bd:48:8d:62:41:
         be:64:4f:a7:f8:c9:97:48:31:a8:4f:4d:9a:d4:03:b5:17:6d:
         17:9e:09:0f:8a:ed:71:0d:90:98:fa:30:9b:95:8d:0f:17:28:
         6d:79:04:68:33:49:3a:65:6e:60:e4:cc:8b:da:85:b6:6e:ad:
         72:b6:b0:3d:94:ce:11:a0:51:a7:2f:e6:73:c7:a3:64:17:d3:
         8e:ef:c6:ff:04:10:35:95:14:8c:1c:15:c6:b7:5c:6c:28:9f:
         6b:c4:ad:f4:91:29:25:e9:bd:d3:b0:9a:9e:8b:20:b4:ca:cf:
         74:64:8f:01:49:8f:f3:ed:5f:06:13:cf:93:62:b9:b9:66:f0:
         28:99:bb:a0:49:38:7a:49:d0:40:62:e9:37:3d:04:70:d7:c6:
         12:0e:ba:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yI16ZpRoazImHvMxmiY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2
YWRlYzAwHhcNMjUxMDIwMDQwMjM3WhcNMjUxMDIxMDQwMjM3WjAzMTEwLwYDVQQD
EygwZDg1YjE1NTAyNGM1OTc5MDAyZjFhODVmZmM0ZjBmNzczMzFkMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05jrA2iP6Alqww4+VQhLDwCHtDME
WJWKx4jacxOcTgTeumHtQPdPQDtZqgvw9FDL9QgqkRizbejYZjI1ppEd3Xb34J1Y
UfRngBS+lU5ch1axTwtDl308EdfoihezVw54HFW0Uaie51R1N6gJEaJ2j32ugJRq
OPWRmr3m2fsHNGdpKD2ZFApCa26yfVruUpIuBM4oO9FzzqBieBWLf93R5bOsSI4l
UPcD1N2mkRJiCEUgam/MfOaX2JtzoO4NM1kbx9pz1oVvd9i146rtICHY80z1oIbQ
YIcSHjLpKI6mC+An/66fb7MGdLAeFgdM7bcv3mGktBdnTO7prsnUfZnWfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2FsVUCTFl5AC8ahf/E8PdzMdBeMB8GA1UdIwQY
MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt
NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk
LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUfFXKS8o
h2jW2RJCyj/0vz4tJ4oforZdMO0hLXI8w0YhaBDv1qBKfsT3z4XwzAgoahhvPl+G
UR+ZtGzFB4rPmr2b01YetVVtp84Sds9+RhNOOb4b3gHmc5R/L31QDm8+SL73sO2v
fb1IjWJBvmRPp/jJl0gxqE9NmtQDtRdtF54JD4rtcQ2QmPowm5WNDxcobXkEaDNJ
OmVuYOTMi9qFtm6tcrawPZTOEaBRpy/mc8ejZBfTju/G/wQQNZUUjBwVxrdcbCif
a8St9JEpJem907CanosgtMrPdGSPAUmP8+1fBhPPk2K5uWbwKJm7oEk4eknQQGLp
Nz0EcNfGEg66hQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:26:20 2025 by rpki-client