Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
File:                     HqtOAMDZLLUBu7IjrPA54nCR204.mft (raw, json)
Hash identifier:          E2wZ3oY4vzfSz28yXOBzy42V9a/8FNF795lE1R05Wf4=
Subject key identifier:   0B:F3:24:6E:0E:1E:DD:E1:5C:CD:CD:8F:F7:9B:D4:BE:7E:F2:B5:6C
Authority key identifier: 1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E
Certificate issuer:       /CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
Certificate serial:       0199FDD9005714570A79F0E32D34C904C30F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
Manifest number:          15AE
Signing time:             Sun 19 Oct 2025 19:01:21 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:21 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:21 +0000
Files and hashes:         1: HqtOAMDZLLUBu7IjrPA54nCR204.crl (hash: 1vN8tEb/O0ipvHLOCDcEZOyAYUQReB/gZe1KosK6W7M=)
                          2: TRIkg-QwPxodaMNyhJudZJsULfg.roa (hash: ufMh2ZHdT1rvdo6TTuMqjAAVY8O4a0cCsUjxcMvHh8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:00:57:14:57:0a:79:f0:e3:2d:34:c9:04:c3:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
        Validity
            Not Before: Oct 19 19:01:21 2025 GMT
            Not After : Oct 20 19:01:21 2025 GMT
        Subject: CN=0bf3246e0e1edde15ccdcd8ff79bd4be7ef2b56c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:fc:94:7b:84:92:ed:66:ea:76:18:bb:17:16:
                    6e:8d:3c:7f:72:17:bb:f9:d8:82:33:b8:cb:88:d1:
                    44:cd:fc:c8:0e:c4:ab:4c:ea:54:0e:2d:bd:6e:df:
                    94:7e:55:ea:c8:a8:e3:65:66:ee:e1:09:97:37:8a:
                    58:59:cc:47:44:5c:94:18:0a:ba:5a:4f:2e:c5:f0:
                    52:2f:ce:e3:12:82:d2:15:fd:cf:b2:ab:06:3d:fd:
                    40:ac:cb:0b:18:5a:95:1a:66:3e:93:db:d8:c6:15:
                    cb:bb:d5:78:60:b4:96:01:bc:7c:e9:2c:c9:2e:78:
                    d3:63:54:ef:93:33:fe:ec:9a:d4:f9:d9:fc:28:a5:
                    6e:5d:b7:7b:1f:d3:49:a8:59:71:ef:f0:29:04:1a:
                    11:7d:c1:b5:ea:15:f2:9d:a3:f3:af:8e:7a:c4:8b:
                    03:2d:c6:ce:14:6f:96:0a:60:b5:19:cf:d6:af:38:
                    f3:50:9d:31:86:6b:65:9c:12:56:f9:8b:48:48:31:
                    2f:53:6a:c1:4f:d7:b7:84:c1:69:aa:22:ee:31:a9:
                    3f:34:c2:d5:ad:e9:68:49:41:92:de:32:4c:43:ef:
                    32:7b:6a:33:88:44:bc:96:f5:a8:bf:74:6f:54:7c:
                    15:e1:29:be:a2:29:b5:41:dc:48:33:5e:d0:2c:2f:
                    ca:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:F3:24:6E:0E:1E:DD:E1:5C:CD:CD:8F:F7:9B:D4:BE:7E:F2:B5:6C
            X509v3 Authority Key Identifier:
                keyid:1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:4f:fb:62:32:22:0c:44:27:71:f1:f6:a8:3f:97:e9:f9:a4:
         19:77:11:fe:ac:29:0a:76:7d:3c:94:d8:fa:ad:96:5c:dd:b4:
         5c:df:84:75:df:b9:b1:90:d5:8c:a2:bf:d1:01:41:f3:da:c9:
         a1:35:b1:63:09:32:d0:d8:d4:fc:58:78:6f:26:19:f3:20:ea:
         43:66:77:cc:04:a4:cf:24:9d:4f:39:f0:c4:44:21:52:89:2a:
         35:46:59:df:46:0c:73:a9:5f:d2:f6:7b:43:93:9a:c9:94:5f:
         59:62:4e:e7:71:80:b4:ef:da:c9:e2:2f:0e:63:35:0d:43:ee:
         fd:e4:ed:83:9f:e8:af:51:7d:e3:d9:f6:a7:aa:d7:7f:ca:b8:
         4e:81:e8:37:82:40:bb:c3:1c:2e:4d:32:c6:e7:fd:d4:50:67:
         c2:29:3e:36:0b:af:f8:27:8f:87:6d:53:6c:90:25:49:5d:c1:
         a6:c0:94:35:a0:fa:52:4a:65:f3:cf:b2:6c:a0:9a:7b:17:60:
         db:b6:c7:f1:b2:06:46:cf:27:0b:0a:2e:03:df:d8:c6:c4:cc:
         28:c8:03:92:9d:ce:76:6c:1d:87:e1:71:13:87:4d:71:1b:b2:
         42:9d:0f:fc:ec:2d:49:30:3c:c7:37:39:38:9e:ef:da:90:75:
         c0:ac:96:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92QBXFFcKefDjLTTJBMMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWI0ZTAwYzBkOTJjYjUwMWJiYjIyM2FjZjAzOWUyNzA5
MWRiNGUwHhcNMjUxMDE5MTkwMTIxWhcNMjUxMDIwMTkwMTIxWjAzMTEwLwYDVQQD
EygwYmYzMjQ2ZTBlMWVkZGUxNWNjZGNkOGZmNzliZDRiZTdlZjJiNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8fyUe4SS7Wbqdhi7FxZujTx/che7
+diCM7jLiNFEzfzIDsSrTOpUDi29bt+UflXqyKjjZWbu4QmXN4pYWcxHRFyUGAq6
Wk8uxfBSL87jEoLSFf3PsqsGPf1ArMsLGFqVGmY+k9vYxhXLu9V4YLSWAbx86SzJ
LnjTY1TvkzP+7JrU+dn8KKVuXbd7H9NJqFlx7/ApBBoRfcG16hXynaPzr456xIsD
LcbOFG+WCmC1Gc/WrzjzUJ0xhmtlnBJW+YtISDEvU2rBT9e3hMFpqiLuMak/NMLV
reloSUGS3jJMQ+8ye2oziES8lvWov3RvVHwV4Sm+oim1QdxIM17QLC/KhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvzJG4OHt3hXM3Nj/eb1L5+8rVsMB8GA1UdIwQY
MBaAFB6rTgDA2Sy1AbuyI6zwOeJwkdtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMt
MTliYTg0ZDg0YWYwLzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMtMTliYTg0ZDg0YWYw
LzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARk/7YjIi
DEQncfH2qD+X6fmkGXcR/qwpCnZ9PJTY+q2WXN20XN+Edd+5sZDVjKK/0QFB89rJ
oTWxYwky0NjU/Fh4byYZ8yDqQ2Z3zASkzySdTznwxEQhUokqNUZZ30YMc6lf0vZ7
Q5OayZRfWWJO53GAtO/ayeIvDmM1DUPu/eTtg5/or1F949n2p6rXf8q4ToHoN4JA
u8McLk0yxuf91FBnwik+Nguv+CePh21TbJAlSV3BpsCUNaD6Ukpl88+ybKCaexdg
27bH8bIGRs8nCwouA9/YxsTMKMgDkp3Odmwdh+FxE4dNcRuyQp0P/OwtSTA8xzc5
OJ7v2pB1wKyWuQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:36:17 2025 by rpki-client