Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft
File:                     Qkq4x890A7ViChuBPmrR2g2stE0.mft (raw, json)
Hash identifier:          Osw/+oAOaZt0dEgqAIoQmmffhs+V1+UPgerEs+mPeok=
Subject key identifier:   36:F2:40:53:01:42:9F:5F:8E:C0:27:13:50:01:13:EE:95:02:04:59
Authority key identifier: 42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D
Certificate issuer:       /CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d
Certificate serial:       019875D256812EB771E610796A874E7B59FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft
Manifest number:          161A
Signing time:             Mon 04 Aug 2025 16:02:55 +0000
Manifest this update:     Mon 04 Aug 2025 16:02:55 +0000
Manifest next update:     Tue 05 Aug 2025 16:02:55 +0000
Files and hashes:         1: MCPNj8vuGzZknoWdqGIIivLkJGU.roa (hash: 4hhwQet2SGHC4RmJ2ByvcZIanR2/yV/AqfOhLRjbUPM=)
                          2: Qkq4x890A7ViChuBPmrR2g2stE0.crl (hash: BzuL6cDgvIfCklmPxSDRdHC7lhLFD7csr/kZn13NJpo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:d2:56:81:2e:b7:71:e6:10:79:6a:87:4e:7b:59:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d
        Validity
            Not Before: Aug  4 16:02:55 2025 GMT
            Not After : Aug  5 16:02:55 2025 GMT
        Subject: CN=36f2405301429f5f8ec02713500113ee95020459
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d6:f9:7d:88:6a:ca:7f:a0:ce:51:28:1f:3c:
                    72:6d:65:d8:6a:55:41:2e:f8:ce:d4:a8:ac:7b:ba:
                    b5:69:7d:2d:da:5b:1f:fa:36:37:55:7b:8a:41:f5:
                    27:1c:46:66:27:77:c2:bd:52:66:74:3d:fa:66:8b:
                    dc:48:1a:1c:e4:c0:10:16:ef:f6:0d:b9:9d:3f:5b:
                    a6:ba:6c:73:35:7c:e8:83:6d:97:0b:9a:8a:95:92:
                    24:62:33:c3:86:13:c0:52:21:a4:7b:13:52:f5:13:
                    d8:1f:a3:c9:3a:6e:93:58:40:a8:81:c1:7c:8e:58:
                    58:5a:a2:6e:79:c6:c2:32:19:69:7d:6b:19:fa:da:
                    c6:a3:f3:2e:51:d0:fe:1c:01:d8:65:eb:e7:9a:d3:
                    68:8f:eb:82:f8:9e:65:9b:20:c8:19:9c:c1:ef:aa:
                    39:bc:97:03:b3:f7:cc:c6:df:ee:a2:f1:4c:8e:fe:
                    38:d5:82:32:39:44:bd:9a:1f:d2:df:88:9f:7d:4b:
                    ba:21:06:2c:38:4e:be:de:1e:f8:d9:20:d5:90:95:
                    58:56:b7:04:59:93:74:6d:e3:fc:c8:71:49:e6:5e:
                    9c:8e:ae:ac:b6:96:1c:e0:5d:ce:cf:d9:03:cd:22:
                    27:21:31:ac:4d:8e:d8:19:f5:6f:77:f0:14:8a:36:
                    be:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:F2:40:53:01:42:9F:5F:8E:C0:27:13:50:01:13:EE:95:02:04:59
            X509v3 Authority Key Identifier:
                keyid:42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:5e:7d:61:36:bb:50:ba:e7:08:5c:6e:da:55:fb:c4:a2:aa:
         2f:3f:98:dd:0d:b7:d2:95:9e:0a:1a:5d:62:73:6d:7e:e8:71:
         fd:3c:78:e0:96:57:08:92:f2:b1:de:f6:1e:3f:24:ae:42:80:
         41:4e:0d:38:75:f3:64:44:e5:63:a5:f0:d4:a1:cd:ea:d3:0e:
         b3:9d:9d:0d:36:45:48:24:b7:73:46:02:44:74:1e:c5:28:97:
         0d:b3:dd:a2:b0:de:8c:0e:9f:33:ca:17:f9:6f:3a:b5:5b:42:
         ba:48:49:d2:5c:0f:90:d8:79:cc:71:2a:5b:fc:21:25:1d:2a:
         19:e5:b7:44:c8:5d:94:56:a3:86:11:fc:92:f5:c2:e0:08:08:
         42:d7:dc:00:dd:d2:3c:89:e8:ea:00:c2:9b:d9:d7:ab:22:a6:
         bf:4b:2f:7a:c1:d2:43:af:a5:2c:8d:8d:89:dd:4f:df:91:35:
         1a:52:e0:c4:59:3a:79:06:93:dd:af:1b:50:47:b9:34:ff:12:
         1d:d6:80:35:6c:4e:05:7e:86:57:4d:78:4e:8e:bf:8b:85:d3:
         fa:05:13:08:5f:80:fb:15:d3:ec:10:81:da:6b:47:ea:ee:52:
         f9:cc:a6:4a:46:04:89:4f:64:d4:ed:d9:41:9f:71:4f:78:82:
         3f:7c:ab:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10laBLrdx5hB5aodOe1n8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGFiOGM3Y2Y3NDAzYjU2MjBhMWI4MTNlNmFkMWRhMGRh
Y2I0NGQwHhcNMjUwODA0MTYwMjU1WhcNMjUwODA1MTYwMjU1WjAzMTEwLwYDVQQD
EygzNmYyNDA1MzAxNDI5ZjVmOGVjMDI3MTM1MDAxMTNlZTk1MDIwNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNb5fYhqyn+gzlEoHzxybWXYalVB
LvjO1Kise7q1aX0t2lsf+jY3VXuKQfUnHEZmJ3fCvVJmdD36ZovcSBoc5MAQFu/2
DbmdP1umumxzNXzog22XC5qKlZIkYjPDhhPAUiGkexNS9RPYH6PJOm6TWECogcF8
jlhYWqJuecbCMhlpfWsZ+trGo/MuUdD+HAHYZevnmtNoj+uC+J5lmyDIGZzB76o5
vJcDs/fMxt/uovFMjv441YIyOUS9mh/S34iffUu6IQYsOE6+3h742SDVkJVYVrcE
WZN0beP8yHFJ5l6cjq6stpYc4F3Oz9kDzSInITGsTY7YGfVvd/AUija+awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbyQFMBQp9fjsAnE1ABE+6VAgRZMB8GA1UdIwQY
MBaAFEJKuMfPdAO1YgobgT5q0doNrLRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWIt
MmFkOTMwOGYxZjZjLzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWItMmFkOTMwOGYxZjZj
LzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEV59YTa7
ULrnCFxu2lX7xKKqLz+Y3Q230pWeChpdYnNtfuhx/Tx44JZXCJLysd72Hj8krkKA
QU4NOHXzZETlY6Xw1KHN6tMOs52dDTZFSCS3c0YCRHQexSiXDbPdorDejA6fM8oX
+W86tVtCukhJ0lwPkNh5zHEqW/whJR0qGeW3RMhdlFajhhH8kvXC4AgIQtfcAN3S
PIno6gDCm9nXqyKmv0svesHSQ6+lLI2Nid1P35E1GlLgxFk6eQaT3a8bUEe5NP8S
HdaANWxOBX6GV014To6/i4XT+gUTCF+A+xXT7BCB2mtH6u5S+cymSkYEiU9k1O3Z
QZ9xT3iCP3yrZg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:30:56 2025 by rpki-client