Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
File:                     HqtOAMDZLLUBu7IjrPA54nCR204.mft (raw, json)
Hash identifier:          sKNwGEiefwZBnEg891UoDVwbc1iK4DeB3+3ZloY7ZU4=
Subject key identifier:   78:20:53:6C:2A:3C:37:70:1D:1E:43:CE:0B:7D:3E:46:F6:3B:8A:B0
Authority key identifier: 1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E
Certificate issuer:       /CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
Certificate serial:       0199FFC7DA53875DBA52DA07F5B293B057A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
Manifest number:          15AF
Signing time:             Mon 20 Oct 2025 04:01:51 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:51 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:51 +0000
Files and hashes:         1: HqtOAMDZLLUBu7IjrPA54nCR204.crl (hash: Tn/gTGYsoLU+7UpP3bqFM7k0IHgcAkv9Y4x7TleQiME=)
                          2: TRIkg-QwPxodaMNyhJudZJsULfg.roa (hash: ufMh2ZHdT1rvdo6TTuMqjAAVY8O4a0cCsUjxcMvHh8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:da:53:87:5d:ba:52:da:07:f5:b2:93:b0:57:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1eab4e00c0d92cb501bbb223acf039e27091db4e
        Validity
            Not Before: Oct 20 04:01:51 2025 GMT
            Not After : Oct 21 04:01:51 2025 GMT
        Subject: CN=7820536c2a3c37701d1e43ce0b7d3e46f63b8ab0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:de:5b:f7:ae:d5:46:d4:fc:0b:27:a3:24:17:
                    1d:18:ae:89:86:38:44:63:ef:63:71:e5:85:ea:6a:
                    d0:34:78:7e:fd:e1:b1:84:1e:9c:07:a0:c3:44:e6:
                    33:f0:c2:1e:27:8c:47:ae:f7:95:6f:4e:43:4e:71:
                    8a:86:0b:f8:9d:ef:d1:5d:b5:1f:25:a2:f4:4b:6e:
                    cf:fc:74:ef:07:cc:b2:5c:66:1d:34:36:5b:05:0a:
                    22:94:c5:0c:29:8a:ea:f2:ae:c3:91:0f:d3:39:74:
                    22:52:af:4b:ed:30:e9:10:59:99:25:18:ab:56:f1:
                    7c:90:d1:d0:2d:12:69:c8:41:5d:a1:c3:f6:32:4d:
                    1c:98:9c:a8:0f:ad:8e:45:fa:0f:a7:a7:24:86:48:
                    82:c5:d7:b1:46:9b:e5:76:6d:7c:4d:d4:2d:9f:2a:
                    ca:5c:c5:80:41:d4:fc:d1:54:1e:cd:38:87:4c:81:
                    82:7a:34:1b:8b:06:b6:58:8e:fd:39:e3:64:e8:cc:
                    59:24:4c:06:f3:a5:65:3f:43:68:74:8c:2e:c3:fc:
                    07:d2:81:e8:32:fd:0d:29:0e:b8:6e:1a:ae:64:e5:
                    bc:25:cf:33:07:3e:14:bb:3c:a1:31:f1:51:02:79:
                    61:8f:14:04:56:35:c3:e0:0f:a2:a1:20:d7:4b:be:
                    60:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:20:53:6C:2A:3C:37:70:1D:1E:43:CE:0B:7D:3E:46:F6:3B:8A:B0
            X509v3 Authority Key Identifier:
                keyid:1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:94:95:cb:ef:12:bb:7e:c6:26:ec:81:68:6d:ab:fc:53:ee:
         c8:99:cc:ad:70:ce:59:a4:bb:9c:f1:32:b5:72:a5:30:1f:ba:
         77:97:b3:08:f7:da:18:39:58:1e:a8:bb:ba:09:1b:8b:a9:43:
         f0:ad:ee:ac:95:60:c4:88:47:a8:b0:78:a8:41:7e:e7:c2:69:
         31:df:3f:62:7c:5c:91:a1:4b:46:cc:3f:65:06:6a:6d:a7:ea:
         0a:c0:e6:0e:aa:ee:e9:f5:15:5c:78:98:7e:88:f1:a7:b3:61:
         bf:ba:b3:95:4c:9d:7a:ed:4b:5b:ee:28:46:ec:97:14:5a:d7:
         e5:75:cf:eb:af:76:59:96:c4:b0:d7:02:14:b8:3b:f8:27:d2:
         bc:a6:72:57:81:e9:b5:d7:a9:51:9e:dc:40:88:37:0b:f5:a8:
         4b:59:71:14:c6:6a:26:83:4a:73:88:5f:37:46:98:fc:bb:ef:
         88:b9:a4:65:65:6c:19:3f:66:b2:4b:5d:52:de:c6:d9:2e:fd:
         b8:e8:50:0e:86:11:a6:af:49:c4:ea:7b:24:f8:9b:b5:9a:43:
         30:d6:71:ff:8e:86:b9:b0:02:df:36:67:55:01:8d:db:50:ed:
         b1:b3:df:77:67:bc:39:ee:3c:6e:b8:ee:61:25:44:0e:05:90:
         f8:6c:87:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x9pTh126UtoH9bKTsFepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWI0ZTAwYzBkOTJjYjUwMWJiYjIyM2FjZjAzOWUyNzA5
MWRiNGUwHhcNMjUxMDIwMDQwMTUxWhcNMjUxMDIxMDQwMTUxWjAzMTEwLwYDVQQD
Eyg3ODIwNTM2YzJhM2MzNzcwMWQxZTQzY2UwYjdkM2U0NmY2M2I4YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu95b967VRtT8CyejJBcdGK6JhjhE
Y+9jceWF6mrQNHh+/eGxhB6cB6DDROYz8MIeJ4xHrveVb05DTnGKhgv4ne/RXbUf
JaL0S27P/HTvB8yyXGYdNDZbBQoilMUMKYrq8q7DkQ/TOXQiUq9L7TDpEFmZJRir
VvF8kNHQLRJpyEFdocP2Mk0cmJyoD62ORfoPp6ckhkiCxdexRpvldm18TdQtnyrK
XMWAQdT80VQezTiHTIGCejQbiwa2WI79OeNk6MxZJEwG86VlP0NodIwuw/wH0oHo
Mv0NKQ64bhquZOW8Jc8zBz4UuzyhMfFRAnlhjxQEVjXD4A+ioSDXS75gzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHggU2wqPDdwHR5Dzgt9Pkb2O4qwMB8GA1UdIwQY
MBaAFB6rTgDA2Sy1AbuyI6zwOeJwkdtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMt
MTliYTg0ZDg0YWYwLzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMtMTliYTg0ZDg0YWYw
LzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq5SVy+8S
u37GJuyBaG2r/FPuyJnMrXDOWaS7nPEytXKlMB+6d5ezCPfaGDlYHqi7ugkbi6lD
8K3urJVgxIhHqLB4qEF+58JpMd8/YnxckaFLRsw/ZQZqbafqCsDmDqru6fUVXHiY
fojxp7Nhv7qzlUydeu1LW+4oRuyXFFrX5XXP6692WZbEsNcCFLg7+CfSvKZyV4Hp
tdepUZ7cQIg3C/WoS1lxFMZqJoNKc4hfN0aY/LvviLmkZWVsGT9msktdUt7G2S79
uOhQDoYRpq9JxOp7JPibtZpDMNZx/46GubAC3zZnVQGN21DtsbPfd2e8Oe48brju
YSVEDgWQ+GyH6w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:43:07 2025 by rpki-client