Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft
File:                     Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft (raw, json)
Hash identifier:          O/DPTuVMsB9Z8INBv1RxEk2aeaP9MWf2rO7g1QeISSM=
Subject key identifier:   C9:18:9B:09:EF:4A:5B:39:25:6B:C9:BF:80:B5:BD:D3:1F:E6:6C:81
Authority key identifier: 42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16
Certificate issuer:       /CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716
Certificate serial:       019897128152AD954D7092AFAC42BEF77802
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft
Manifest number:          1629
Signing time:             Mon 11 Aug 2025 03:00:29 +0000
Manifest this update:     Mon 11 Aug 2025 03:00:29 +0000
Manifest next update:     Tue 12 Aug 2025 03:00:29 +0000
Files and hashes:         1: 83F_Jp7hhNkTyKzmQu0uAqQ-Hug.roa (hash: /GIKVjlq0TkCjqFIvHfnkG7+yghgu5kkQctxwrpV6qw=)
                          2: Qk_Ro6Aljcymf8nd2_TjYVfmpxY.crl (hash: A3SH2DL93MwAJRyfOiwquzNWhRaW5vb8kv3EVTKJXzQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:12:81:52:ad:95:4d:70:92:af:ac:42:be:f7:78:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716
        Validity
            Not Before: Aug 11 03:00:29 2025 GMT
            Not After : Aug 12 03:00:29 2025 GMT
        Subject: CN=c9189b09ef4a5b39256bc9bf80b5bdd31fe66c81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:1f:dc:fb:12:d0:64:a4:94:20:08:f0:92:da:
                    f8:9a:0c:e4:1e:74:6a:df:7a:22:1d:09:94:52:46:
                    d7:47:c2:2e:b6:db:8a:a3:f7:99:e3:cd:5b:24:34:
                    f5:f3:90:77:cb:be:76:9c:df:97:1e:b9:f9:cc:09:
                    d7:77:06:fc:b0:b2:d8:73:01:be:81:d6:47:e2:ed:
                    e9:d7:6d:e3:23:2a:69:32:72:04:8a:37:d8:7f:1e:
                    42:e3:01:d0:3c:3b:10:f2:11:cb:c8:b9:1f:ba:7e:
                    49:c2:78:76:ce:31:54:94:01:10:00:75:24:5c:1e:
                    14:32:4f:87:72:09:13:93:8b:61:45:0c:19:db:d2:
                    86:ae:f9:a3:92:e1:4f:c4:43:f6:6c:ce:29:ad:86:
                    c7:5c:ac:86:b3:35:ec:9d:df:90:c0:39:70:77:d6:
                    97:72:82:cf:d9:08:af:5e:f8:1c:9e:96:f7:dd:69:
                    3b:ce:c0:9b:fd:0a:cc:de:fb:55:9d:fa:6b:9a:a2:
                    45:a1:9f:b9:76:63:14:45:8c:35:0e:20:cb:7a:bb:
                    ff:f9:27:8b:47:92:2c:74:f7:8e:b7:a7:c2:03:9e:
                    2a:03:58:98:f5:e2:7a:4f:9b:a6:06:bb:47:ae:f4:
                    44:74:c3:5d:e6:0d:fc:32:22:4f:e6:e7:d6:9f:e8:
                    e1:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:18:9B:09:EF:4A:5B:39:25:6B:C9:BF:80:B5:BD:D3:1F:E6:6C:81
            X509v3 Authority Key Identifier:
                keyid:42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:65:6f:52:99:5c:45:a5:6e:a7:35:55:3d:8f:f8:38:c0:38:
         ad:5e:ca:5c:e6:16:72:dd:6c:a0:a1:22:6e:e3:f3:c1:08:7c:
         1e:53:de:f7:ec:d9:cc:86:a2:d9:8f:a8:55:34:b7:91:51:eb:
         af:35:b7:af:60:4a:3d:73:b8:c9:64:71:ed:ba:98:21:61:2b:
         7d:d3:41:66:47:1c:a1:19:f2:cc:82:bc:53:b4:0e:d1:cb:84:
         03:d8:a9:e4:88:dd:27:a8:8c:5f:20:d0:20:08:85:56:41:27:
         83:2a:4c:51:43:6a:f4:18:98:0f:17:2b:40:eb:c1:0d:e4:2d:
         84:8a:ed:6b:70:bf:82:aa:35:5c:25:f4:aa:d4:48:d2:8e:96:
         ea:5b:44:5d:a4:62:3d:b3:35:f8:52:5f:55:92:0c:2d:67:24:
         7a:a8:c5:9d:3c:72:99:98:8a:82:09:14:4f:48:3d:d7:d5:76:
         a1:ef:c7:ca:2a:bf:a2:82:d8:dc:22:35:a4:18:f9:53:5f:51:
         5d:55:55:c1:a0:70:07:78:0b:5d:04:7a:54:4f:e2:4c:49:f0:
         91:d2:f1:e7:43:ea:d8:41:23:46:3a:fc:da:3e:10:9a:60:d1:
         16:ad:37:e4:ed:5f:cf:ea:a6:6c:d0:11:38:f7:e7:03:e3:e2:
         ac:e5:cf:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXEoFSrZVNcJKvrEK+93gCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZkMWEzYTAyNThkY2NhNjdmYzlkZGRiZjRlMzYxNTdl
NmE3MTYwHhcNMjUwODExMDMwMDI5WhcNMjUwODEyMDMwMDI5WjAzMTEwLwYDVQQD
EyhjOTE4OWIwOWVmNGE1YjM5MjU2YmM5YmY4MGI1YmRkMzFmZTY2YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwh/c+xLQZKSUIAjwktr4mgzkHnRq
33oiHQmUUkbXR8IuttuKo/eZ481bJDT185B3y752nN+XHrn5zAnXdwb8sLLYcwG+
gdZH4u3p123jIyppMnIEijfYfx5C4wHQPDsQ8hHLyLkfun5Jwnh2zjFUlAEQAHUk
XB4UMk+HcgkTk4thRQwZ29KGrvmjkuFPxEP2bM4prYbHXKyGszXsnd+QwDlwd9aX
coLP2QivXvgcnpb33Wk7zsCb/QrM3vtVnfprmqJFoZ+5dmMURYw1DiDLerv/+SeL
R5IsdPeOt6fCA54qA1iY9eJ6T5umBrtHrvREdMNd5g38MiJP5ufWn+jhIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkYmwnvSls5JWvJv4C1vdMf5myBMB8GA1UdIwQY
MBaAFEJP0aOgJY3Mpn/J3dv042FX5qcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2Njct
NzQ3YjBlNTdhYjVlLzEvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2NjctNzQ3YjBlNTdhYjVl
LzEvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPmVvUplc
RaVupzVVPY/4OMA4rV7KXOYWct1soKEibuPzwQh8HlPe9+zZzIai2Y+oVTS3kVHr
rzW3r2BKPXO4yWRx7bqYIWErfdNBZkccoRnyzIK8U7QO0cuEA9ip5IjdJ6iMXyDQ
IAiFVkEngypMUUNq9BiYDxcrQOvBDeQthIrta3C/gqo1XCX0qtRI0o6W6ltEXaRi
PbM1+FJfVZIMLWckeqjFnTxymZiKggkUT0g919V2oe/Hyiq/ooLY3CI1pBj5U19R
XVVVwaBwB3gLXQR6VE/iTEnwkdLx50Pq2EEjRjr82j4QmmDRFq035O1fz+qmbNAR
OPfnA+PirOXPGw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:48:38 2025 by rpki-client