Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
File:                     IQIbJSIimXv-M7fksxWsjV4GeVQ.mft (raw, json)
Hash identifier:          ldeplYUUFKiXFxg8B1K9FF+CwAeKWGopJg7j1vk8fkU=
Subject key identifier:   B4:2F:F1:01:7B:2B:0B:6B:DE:FF:B4:C0:A4:46:30:20:EB:B0:09:A2
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Certificate issuer:       /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial:       019A4FCFBD96A01BF07663C9EDB346D055D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
Manifest number:          1476
Signing time:             Tue 04 Nov 2025 17:00:05 +0000
Manifest this update:     Tue 04 Nov 2025 17:00:05 +0000
Manifest next update:     Wed 05 Nov 2025 17:00:05 +0000
Files and hashes:         1: 3MPX8Hgcgpj46XFJe7iOfP4Vx9k.roa (hash: X8ItFNiHsxzuYcCwG/t6V7CD4qgVaZVjCW5JDwwvo1k=)
                          2: BxuNK2XBHdo88OQyiW_5v_yfc5A.roa (hash: MFlUpzcLU82WlS9U/NlO4CgGrVyG4i0P38/lEf9NP58=)
                          3: H85sOAhghTea9a0fF7V97F8PmPU.roa (hash: 2OxoGkdCVVcRfuQOFsn/tuCAYUwqPM6hV+wTzXUpbKk=)
                          4: HLAFzpF1dtaNSAOxEl-uHrb_wcg.roa (hash: PtoSILiXlrGyGsA1CVrSehyontCCBay4De7QPXIkVlI=)
                          5: IOSFPx8A8l-pe0og_vxIgYl_NBY.roa (hash: KLjHQhBVtLRCltNJ+XqJhMVg3V2m+fHC9ZN7NVjvtDY=)
                          6: IQIbJSIimXv-M7fksxWsjV4GeVQ.crl (hash: KcM5iqImepyHLBokG1vodiSEos4Ag3+n0RN47C+rOds=)
                          7: J5ajMdCsK_xzfbhWxoAV2iRMcqc.roa (hash: i0rnl2YK8VurUbtxqh46jYu42vj9ovnjrsY7s0Ha76E=)
                          8: NIsfNrgr61FvPf7cYDhBUlhxHyo.roa (hash: erf8aKvQjphq5ECHQpzvwfDmeIXYw4ufNsUCtqSAry4=)
                          9: NojFSrrS5JKJQebH50O-Sn9xxis.roa (hash: 99amkQAhCwzYf+SSxz6XlFlKrJhhJL3h7GCB1tqsJIA=)
                          10: O0dA6ORgAzDqkWmj1R355BHaTrI.roa (hash: 296lT6a3xrMsAitqkt1Jep7cJYB5SeLJP2n68zngwhU=)
                          11: VbRKF62krl-KA_0dr7N8i46qs_A.roa (hash: PCEcpmBvUl37S6P9+HKjvTq2SZP3pF9GPHCRb88sRNw=)
                          12: W6gW_k4PAlDXWNXHj-7uVtaEhUo.roa (hash: 2GGe0Av8ayGGsSV+o4FXLrtSMr3LqMsV0faDwoshubs=)
                          13: bappW0a76vCPpE7es6c1mZAIjsM.roa (hash: cqG7BmBZANbhw2q44YhM+SIY2oACb3Cf8jR7Of0U21w=)
                          14: kdaSrzmnDVsM0RIoAgjgbrOtDPw.roa (hash: rqvV8WO0X2/bRdhoVD7e6+BEeyw0vjX6G9hkFrs+9Pk=)
                          15: vj_Rx3DB5-xDUqDlrBJ7IxL_21w.roa (hash: MTWWugX6ksDRRG983kctzCkaVVEPY1cdhe4ngzPqXI4=)
                          16: y88-XlX3iJ__DzfIGS5r5m0TLBs.roa (hash: XnV7xzm/iXlPi3I2M7gT2rIanQMocQ1jqhKZYjxglqk=)
                          17: yq4mDy7IWiKa_jUZsF8HmOo9YAA.roa (hash: D7e3OOFi7lIh2fyesD48w9fTpDFZydPZVUW+H+QSZ9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 17:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:cf:bd:96:a0:1b:f0:76:63:c9:ed:b3:46:d0:55:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
        Validity
            Not Before: Nov  4 17:00:05 2025 GMT
            Not After : Nov  5 17:00:05 2025 GMT
        Subject: CN=b42ff1017b2b0b6bdeffb4c0a4463020ebb009a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:07:c6:99:6e:3d:2c:de:22:24:f9:a0:9a:0b:
                    5b:49:19:eb:97:90:ef:73:c9:10:83:74:ff:ca:ea:
                    5f:5f:8a:53:88:ee:0b:18:01:4b:6c:cc:e5:f8:91:
                    7a:83:e6:fd:59:df:2f:7c:0c:36:85:75:ea:9d:e5:
                    d7:f5:5a:34:9f:e7:20:30:3e:9b:0d:2c:cb:d5:57:
                    c8:1d:72:0a:fb:5e:f8:48:b0:9c:d0:ea:b1:80:44:
                    e5:01:2f:69:c4:a1:36:ed:5d:96:3b:a5:2e:b8:cf:
                    d9:15:cf:12:4a:16:08:3f:06:85:3e:9e:a5:2f:ec:
                    69:81:68:25:72:d2:ea:ac:51:ad:55:48:98:25:04:
                    bc:c4:aa:2e:dc:e7:3d:65:58:5c:36:ef:be:97:06:
                    1f:7f:5c:35:86:5a:21:87:df:cf:24:2e:11:ec:ba:
                    dc:98:d2:ff:a2:fe:52:76:4b:7c:7c:7d:bb:05:fa:
                    bb:19:ae:11:41:50:f0:3a:9d:d7:c2:bc:09:99:92:
                    8d:83:24:08:04:df:65:75:03:9c:8f:39:de:ca:46:
                    b9:bc:d6:e1:96:8f:93:6e:64:27:a3:66:c2:0b:56:
                    a9:3a:82:f6:2a:e7:85:fb:08:7d:c7:e5:19:26:8b:
                    54:76:99:dc:02:2f:c6:d4:18:c4:6d:33:16:7b:0d:
                    27:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:2F:F1:01:7B:2B:0B:6B:DE:FF:B4:C0:A4:46:30:20:EB:B0:09:A2
            X509v3 Authority Key Identifier:
                keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:8a:ea:46:98:c1:0d:6f:f2:23:e5:bf:2e:e5:30:22:4f:62:
         22:66:13:8e:b9:51:c2:df:cb:ed:06:b2:52:45:b7:99:70:bd:
         50:06:ce:da:e4:3b:7e:d5:1e:73:d9:33:53:4b:21:64:3b:b2:
         50:7d:cf:52:56:fc:db:5b:22:52:9e:10:1c:e3:ba:f9:6b:82:
         ac:0a:72:6d:e5:37:b2:30:64:cf:7a:f8:b0:e7:01:8a:e6:2f:
         21:ba:93:a0:dd:d4:f0:2e:0f:b4:70:2b:22:d5:6e:f2:79:cb:
         ae:d9:10:b7:5b:ea:51:ba:94:8a:75:69:4e:3d:5a:25:08:5a:
         79:97:7f:13:80:b3:1e:75:c1:a7:f9:24:cf:03:e5:2d:28:bf:
         32:02:21:39:81:7e:19:9b:ba:14:fa:de:01:97:40:29:31:b5:
         84:ba:b0:0e:30:b1:de:67:1c:b4:a4:26:ef:5d:0b:4e:51:ec:
         5f:96:08:09:76:fb:56:48:49:4e:3e:ce:62:8b:b6:10:45:41:
         b7:e6:e0:b3:ff:33:87:94:90:1a:c8:59:18:a0:59:bd:4e:76:
         3a:d3:5c:41:93:b6:7a:4a:36:b1:e3:a9:11:1a:05:a0:da:78:
         79:9b:fb:ea:cf:22:f2:ca:10:8d:0c:7a:69:6c:7a:74:16:c8:
         a6:a2:4b:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPz72WoBvwdmPJ7bNG0FXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUxMTA0MTcwMDA1WhcNMjUxMTA1MTcwMDA1WjAzMTEwLwYDVQQD
EyhiNDJmZjEwMTdiMmIwYjZiZGVmZmI0YzBhNDQ2MzAyMGViYjAwOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gfGmW49LN4iJPmgmgtbSRnrl5Dv
c8kQg3T/yupfX4pTiO4LGAFLbMzl+JF6g+b9Wd8vfAw2hXXqneXX9Vo0n+cgMD6b
DSzL1VfIHXIK+174SLCc0OqxgETlAS9pxKE27V2WO6UuuM/ZFc8SShYIPwaFPp6l
L+xpgWglctLqrFGtVUiYJQS8xKou3Oc9ZVhcNu++lwYff1w1hlohh9/PJC4R7Lrc
mNL/ov5Sdkt8fH27Bfq7Ga4RQVDwOp3XwrwJmZKNgyQIBN9ldQOcjzneyka5vNbh
lo+TbmQno2bCC1apOoL2KueF+wh9x+UZJotUdpncAi/G1BjEbTMWew0nbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQv8QF7Kwtr3v+0wKRGMCDrsAmiMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfYrqRpjB
DW/yI+W/LuUwIk9iImYTjrlRwt/L7QayUkW3mXC9UAbO2uQ7ftUec9kzU0shZDuy
UH3PUlb821siUp4QHOO6+WuCrApybeU3sjBkz3r4sOcBiuYvIbqToN3U8C4PtHAr
ItVu8nnLrtkQt1vqUbqUinVpTj1aJQhaeZd/E4CzHnXBp/kkzwPlLSi/MgIhOYF+
GZu6FPreAZdAKTG1hLqwDjCx3mcctKQm710LTlHsX5YICXb7VkhJTj7OYou2EEVB
t+bgs/8zh5SQGshZGKBZvU52OtNcQZO2eko2seOpERoFoNp4eZv76s8i8soQjQx6
aWx6dBbIpqJL7A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:04:59 2025 by rpki-client