Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
File:                     QBY91EFO8-eS4AUB80786UQKnE4.mft (raw, json)
Hash identifier:          f2j+g2PIuYZxdmkpnxIZD78KOJYCgKQzctkF5N7qFlo=
Subject key identifier:   93:BD:E4:29:C2:D8:8B:CA:A7:3B:5D:B9:05:3E:71:11:A1:32:94:10
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Certificate issuer:       /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial:       0197B70E5A1E26F44BE7A8D1775F3C6FD732
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
Manifest number:          15B7
Signing time:             Sat 28 Jun 2025 15:01:00 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:00 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:00 +0000
Files and hashes:         1: QBY91EFO8-eS4AUB80786UQKnE4.crl (hash: GSoOp0mZP74I+PuAAkSFvi5EbQDak56GpR1JB6dh3bE=)
                          2: gYnUiXQeHZXoU2ZAN-fbsd-Pbx0.roa (hash: V+jQPfwx3Xoa/wL9PzJ6rz+juFyDwb1B2F2Hpp1ngN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:5a:1e:26:f4:4b:e7:a8:d1:77:5f:3c:6f:d7:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
        Validity
            Not Before: Jun 28 15:01:00 2025 GMT
            Not After : Jun 29 15:01:00 2025 GMT
        Subject: CN=93bde429c2d88bcaa73b5db9053e7111a1329410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:db:de:8d:ca:87:c4:b9:70:35:10:a0:01:66:
                    72:8c:8e:62:48:b2:5e:d6:c2:39:00:2a:e0:a0:00:
                    a2:35:c9:c6:65:94:6b:4f:43:8d:46:59:88:9f:3e:
                    24:d6:59:d7:cf:a7:3b:0d:71:38:ca:7b:61:05:36:
                    81:7f:eb:c8:1f:d3:a1:37:cb:8a:48:5a:7a:2a:4e:
                    86:71:e9:20:a0:a6:48:2c:27:2a:ee:81:00:3c:8f:
                    3d:d6:e0:dc:a5:9c:c3:61:bd:4f:e2:f0:29:8d:c6:
                    23:9f:cf:ba:56:14:9e:4c:fb:19:c2:4c:ca:8e:9f:
                    f7:49:bd:b6:97:ff:e3:11:1a:ca:e1:45:d4:48:99:
                    09:9a:b8:30:0b:b1:ed:74:58:29:7c:11:1f:00:eb:
                    21:1b:b5:75:9d:65:c5:2b:c1:44:59:6a:c5:86:4f:
                    d9:8e:3b:d7:c1:e4:10:d0:01:20:ec:0e:dc:27:c5:
                    39:e8:cc:9b:e7:02:76:ae:be:ec:64:d9:a7:f9:f9:
                    07:ce:74:e8:c7:7c:0d:e3:49:c7:ee:de:4d:38:3c:
                    d6:ce:3f:98:63:d7:b6:3f:51:0b:7d:e8:81:47:60:
                    21:9f:fd:63:37:0d:11:ce:de:48:0f:ba:a0:51:d6:
                    42:ac:15:eb:8c:e0:31:05:c4:dd:43:0a:1f:cd:f8:
                    10:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:BD:E4:29:C2:D8:8B:CA:A7:3B:5D:B9:05:3E:71:11:A1:32:94:10
            X509v3 Authority Key Identifier:
                keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:6a:4a:2b:c8:17:d6:40:98:d8:78:2c:13:f3:dc:6c:ec:68:
         96:3b:58:d3:f0:2e:1f:d3:d6:a7:07:5f:12:79:27:6a:f3:dd:
         c3:7d:55:bb:08:b8:41:1d:0f:be:a9:1d:3c:c3:f1:c0:10:64:
         2d:1d:c8:f8:69:a6:fb:ae:fc:18:86:1d:98:33:07:a2:c2:8f:
         cc:81:1f:57:20:06:c0:0a:5d:f2:72:14:f7:5f:75:f8:46:0c:
         ca:63:7b:8a:17:e3:4e:e9:db:54:c5:87:8d:0c:85:6a:a2:61:
         d3:da:37:8c:9c:35:63:e2:7e:eb:2c:b9:ba:98:36:79:d4:1b:
         d2:9a:59:ab:a2:22:81:4d:3f:0d:63:7d:26:01:e7:92:99:4e:
         bc:b5:7e:c0:b3:8c:cf:a8:52:ce:f0:47:eb:e8:5d:6c:f7:11:
         3b:e3:c6:1c:59:58:d3:a1:98:2a:9f:25:da:b3:fa:8d:f5:5e:
         5f:93:b3:d0:d7:83:6a:56:f5:ad:ca:6c:3a:2f:5b:71:69:35:
         3c:16:54:1c:b7:8f:68:70:72:0b:2d:ed:e8:e6:f9:ae:1c:1b:
         2e:ee:c6:0c:ee:60:18:c6:df:2e:4a:1e:04:b4:93:0a:b3:4e:
         d6:c2:2a:a2:18:f1:32:79:77:75:71:bb:19:8d:ae:5f:10:3b:
         af:10:a6:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DloeJvRL56jRd188b9cyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw
YTljNGUwHhcNMjUwNjI4MTUwMTAwWhcNMjUwNjI5MTUwMTAwWjAzMTEwLwYDVQQD
Eyg5M2JkZTQyOWMyZDg4YmNhYTczYjVkYjkwNTNlNzExMWExMzI5NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdvejcqHxLlwNRCgAWZyjI5iSLJe
1sI5ACrgoACiNcnGZZRrT0ONRlmInz4k1lnXz6c7DXE4ynthBTaBf+vIH9OhN8uK
SFp6Kk6GcekgoKZILCcq7oEAPI891uDcpZzDYb1P4vApjcYjn8+6VhSeTPsZwkzK
jp/3Sb22l//jERrK4UXUSJkJmrgwC7HtdFgpfBEfAOshG7V1nWXFK8FEWWrFhk/Z
jjvXweQQ0AEg7A7cJ8U56Myb5wJ2rr7sZNmn+fkHznTox3wN40nH7t5NODzWzj+Y
Y9e2P1ELfeiBR2Ahn/1jNw0Rzt5ID7qgUdZCrBXrjOAxBcTdQwofzfgQVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJO95CnC2IvKpztduQU+cRGhMpQQMB8GA1UdIwQY
MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt
MzYyMmFjN2Q2NWNjLzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj
LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArWpKK8gX
1kCY2HgsE/PcbOxoljtY0/AuH9PWpwdfEnknavPdw31Vuwi4QR0PvqkdPMPxwBBk
LR3I+Gmm+678GIYdmDMHosKPzIEfVyAGwApd8nIU9191+EYMymN7ihfjTunbVMWH
jQyFaqJh09o3jJw1Y+J+6yy5upg2edQb0ppZq6IigU0/DWN9JgHnkplOvLV+wLOM
z6hSzvBH6+hdbPcRO+PGHFlY06GYKp8l2rP6jfVeX5Oz0NeDalb1rcpsOi9bcWk1
PBZUHLePaHByCy3t6Ob5rhwbLu7GDO5gGMbfLkoeBLSTCrNO1sIqohjxMnl3dXG7
GY2uXxA7rxCm4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:17:39 2025 by rpki-client