Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/Q5i1d7IjtadjUSGadP2kRnBIkPc.mft
File:                     Q5i1d7IjtadjUSGadP2kRnBIkPc.mft (raw, json)
Hash identifier:          Y4nzOU5/4i5T5U0KSboSiVNbco8K2e8Oj/cwCoRBGZo=
Subject key identifier:   0F:CE:25:24:57:7A:8D:B6:39:89:5C:2E:2F:AD:B4:25:73:44:8E:8B
Authority key identifier: 43:98:B5:77:B2:23:B5:A7:63:51:21:9A:74:FD:A4:46:70:48:90:F7
Certificate issuer:       /CN=4398b577b223b5a76351219a74fda446704890f7
Certificate serial:       0199FE7E167ED11B43C8E9B3BA02C4BAE313
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5i1d7IjtadjUSGadP2kRnBIkPc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/Q5i1d7IjtadjUSGadP2kRnBIkPc.mft
Manifest number:          13CB
Signing time:             Sun 19 Oct 2025 22:01:40 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:40 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:40 +0000
Files and hashes:         1: KL5bIat3Yk7dpaHmhHBN9ywSikg.roa (hash: 2Dm1yDCv5S4uhPon+c/p0fcUA41+SmoP2uLFsPOLfB0=)
                          2: Q5i1d7IjtadjUSGadP2kRnBIkPc.crl (hash: NMBk+4u3FFkvAWA9LUBbbcRW/gk4ii2NSFLDE/2RLBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/Q5i1d7IjtadjUSGadP2kRnBIkPc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/Q5i1d7IjtadjUSGadP2kRnBIkPc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5i1d7IjtadjUSGadP2kRnBIkPc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7e:16:7e:d1:1b:43:c8:e9:b3:ba:02:c4:ba:e3:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4398b577b223b5a76351219a74fda446704890f7
        Validity
            Not Before: Oct 19 22:01:40 2025 GMT
            Not After : Oct 20 22:01:40 2025 GMT
        Subject: CN=0fce2524577a8db639895c2e2fadb42573448e8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1d:e4:11:1b:49:8a:f3:b3:d7:16:b9:c4:82:
                    29:a2:0d:e4:45:96:da:7d:84:d7:fd:40:c5:eb:4f:
                    16:43:64:9e:82:7e:30:57:91:52:7e:69:d4:29:19:
                    1c:bf:10:d6:b7:0d:74:60:ff:75:70:99:1e:bf:e6:
                    a6:6f:18:0c:76:85:f1:06:3d:fe:65:77:b8:8b:bb:
                    05:83:df:d1:d1:06:f6:ba:52:c9:48:c0:d1:09:cf:
                    51:75:ab:49:ce:75:f8:b1:d2:ce:a0:d4:87:26:f7:
                    15:6c:0f:aa:1a:31:47:35:7f:22:4e:0c:2c:89:96:
                    35:d4:8f:e1:e4:7f:87:5c:e5:fb:fe:02:84:b6:a6:
                    0e:be:b2:1e:3e:04:3f:19:51:39:c6:cb:78:d1:68:
                    23:a0:08:50:25:a3:b1:fc:75:35:ba:b1:d2:58:37:
                    97:15:35:90:b1:b0:7e:c3:57:c4:7b:db:5d:38:fa:
                    c3:94:82:24:f9:35:81:06:66:a4:2a:34:c4:13:a7:
                    b0:d3:4b:d4:45:9a:2c:27:5b:6a:39:a7:4d:c9:1b:
                    69:5d:16:2c:81:d6:b6:b0:57:ec:1c:c6:65:a5:1e:
                    03:45:55:7a:66:7e:41:33:c1:08:7c:c6:20:59:9b:
                    fd:08:35:64:ea:48:94:aa:99:f2:6e:6d:dc:50:7e:
                    9d:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:CE:25:24:57:7A:8D:B6:39:89:5C:2E:2F:AD:B4:25:73:44:8E:8B
            X509v3 Authority Key Identifier:
                keyid:43:98:B5:77:B2:23:B5:A7:63:51:21:9A:74:FD:A4:46:70:48:90:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5i1d7IjtadjUSGadP2kRnBIkPc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/Q5i1d7IjtadjUSGadP2kRnBIkPc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/582695-61a1-48e7-b6ac-7bc45340dd28/1/Q5i1d7IjtadjUSGadP2kRnBIkPc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:77:e9:fa:b0:ca:28:10:cd:01:e7:a2:5a:13:9f:b7:8a:ea:
         f2:ed:75:24:22:dc:09:67:7b:76:19:f6:b5:b5:7b:27:80:6d:
         fe:0c:1c:fd:fe:ef:cf:9c:04:cf:01:c6:a3:75:2a:b2:8b:63:
         2a:d4:f7:fb:e1:03:e8:00:4f:c4:00:45:09:7c:1b:8a:b6:d5:
         83:72:0d:8f:a6:8b:23:49:41:e9:86:82:6b:e8:9a:4e:64:1c:
         78:e6:50:b4:d6:4f:fa:a0:54:8e:4d:0c:25:26:c6:98:ba:9d:
         41:06:6e:f7:9a:c0:df:e9:63:6c:b3:2c:91:cc:90:18:9b:c5:
         7b:71:31:4c:97:90:dc:24:eb:c0:ae:06:48:41:52:8e:94:86:
         ff:ee:cd:3b:f8:de:5e:24:f5:4b:84:e4:8c:7b:87:84:25:c5:
         e9:64:91:3d:df:7d:f8:9d:75:55:b7:4d:cd:2f:e7:33:b6:1b:
         d5:a7:df:b3:7f:4a:e6:f1:a6:40:c8:34:07:b4:2b:fd:0a:37:
         5e:d8:14:27:11:71:37:a9:f4:20:87:83:09:3c:36:9e:0b:2a:
         4c:9f:82:19:57:68:f4:04:57:77:17:32:ce:19:f1:f5:70:85:
         b2:bc:a1:9f:48:66:8e:df:a8:ad:0a:bb:7a:7e:96:e8:ae:a5:
         f5:06:db:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fhZ+0RtDyOmzugLEuuMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOThiNTc3YjIyM2I1YTc2MzUxMjE5YTc0ZmRhNDQ2NzA0
ODkwZjcwHhcNMjUxMDE5MjIwMTQwWhcNMjUxMDIwMjIwMTQwWjAzMTEwLwYDVQQD
EygwZmNlMjUyNDU3N2E4ZGI2Mzk4OTVjMmUyZmFkYjQyNTczNDQ4ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh3kERtJivOz1xa5xIIpog3kRZba
fYTX/UDF608WQ2Segn4wV5FSfmnUKRkcvxDWtw10YP91cJkev+ambxgMdoXxBj3+
ZXe4i7sFg9/R0Qb2ulLJSMDRCc9RdatJznX4sdLOoNSHJvcVbA+qGjFHNX8iTgws
iZY11I/h5H+HXOX7/gKEtqYOvrIePgQ/GVE5xst40WgjoAhQJaOx/HU1urHSWDeX
FTWQsbB+w1fEe9tdOPrDlIIk+TWBBmakKjTEE6ew00vURZosJ1tqOadNyRtpXRYs
gda2sFfsHMZlpR4DRVV6Zn5BM8EIfMYgWZv9CDVk6kiUqpnybm3cUH6dfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/OJSRXeo22OYlcLi+ttCVzRI6LMB8GA1UdIwQY
MBaAFEOYtXeyI7WnY1EhmnT9pEZwSJD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVpMWQ3SWp0YWRqVVNHYWRQMmtSbkJJa1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81ODI2OTUtNjFhMS00OGU3LWI2YWMt
N2JjNDUzNDBkZDI4LzEvUTVpMWQ3SWp0YWRqVVNHYWRQMmtSbkJJa1BjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81ODI2OTUtNjFhMS00OGU3LWI2YWMtN2JjNDUzNDBkZDI4
LzEvUTVpMWQ3SWp0YWRqVVNHYWRQMmtSbkJJa1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXfp+rDK
KBDNAeeiWhOft4rq8u11JCLcCWd7dhn2tbV7J4Bt/gwc/f7vz5wEzwHGo3Uqsotj
KtT3++ED6ABPxABFCXwbirbVg3INj6aLI0lB6YaCa+iaTmQceOZQtNZP+qBUjk0M
JSbGmLqdQQZu95rA3+ljbLMskcyQGJvFe3ExTJeQ3CTrwK4GSEFSjpSG/+7NO/je
XiT1S4TkjHuHhCXF6WSRPd99+J11VbdNzS/nM7Yb1affs39K5vGmQMg0B7Qr/Qo3
XtgUJxFxN6n0IIeDCTw2ngsqTJ+CGVdo9ARXdxcyzhnx9XCFsryhn0hmjt+orQq7
en6W6K6l9QbbIQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:16:16 2025 by rpki-client