Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
File:                     QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json)
Hash identifier:          vY6HciDFDd9rWbrJ6xMo8A0YoKHuBge+zxo3o9W/FXg=
Subject key identifier:   EC:B7:FF:74:57:2B:8D:92:B8:A4:82:28:A2:3D:6A:4B:4E:8A:DA:D2
Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2
Certificate issuer:       /CN=40ee9765864bd11d4a349426e372e11a94348de2
Certificate serial:       01988B0EA724F0C229CF7CEE272DA91829B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
Manifest number:          0732
Signing time:             Fri 08 Aug 2025 19:00:50 +0000
Manifest this update:     Fri 08 Aug 2025 19:00:50 +0000
Manifest next update:     Sat 09 Aug 2025 19:00:50 +0000
Files and hashes:         1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: abGlzxur++1v1Pajz1MVEKMOYYB3ZIUWd2ii6La2EEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 19:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8b:0e:a7:24:f0:c2:29:cf:7c:ee:27:2d:a9:18:29:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2
        Validity
            Not Before: Aug  8 19:00:50 2025 GMT
            Not After : Aug  9 19:00:50 2025 GMT
        Subject: CN=ecb7ff74572b8d92b8a48228a23d6a4b4e8adad2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:48:b7:58:3b:bd:fa:8b:bd:32:61:d5:8d:f8:
                    9c:46:3a:a9:9b:09:fc:30:1e:94:1c:eb:97:de:42:
                    1a:9d:92:d8:14:2e:28:04:e7:21:43:cd:9b:14:44:
                    75:58:45:e0:7d:91:c3:cd:21:19:fe:f1:10:ec:59:
                    c2:07:94:0f:c8:55:40:90:b1:96:4f:81:0d:73:06:
                    44:6f:e3:7c:e5:9d:ac:4a:25:89:a5:38:7b:18:89:
                    98:00:ee:07:95:2e:ad:a6:6b:99:65:cb:55:8a:99:
                    b5:f6:8b:7e:77:7f:f0:b4:b5:7e:b7:97:9b:2a:b2:
                    87:ad:54:d8:7e:58:64:cc:b1:16:aa:08:39:27:79:
                    bc:85:04:3d:0a:93:e4:b0:c6:42:d4:2b:60:e6:96:
                    f7:ef:c5:4e:01:db:0f:fd:c6:81:23:c6:eb:b0:67:
                    da:ad:66:4f:76:92:a7:c2:53:ed:29:9d:cb:fd:b0:
                    84:64:e7:49:1d:4e:05:05:6a:a3:53:92:56:5d:34:
                    cd:45:9d:77:56:65:f5:6f:2b:e2:39:cb:45:46:90:
                    a4:b0:8c:b8:4f:9e:b4:9f:ce:08:e9:aa:f2:a7:8d:
                    a3:57:dd:9c:d4:6e:8a:c7:7b:b2:10:99:2f:a4:81:
                    4e:e6:65:a9:0d:a6:db:9f:fb:8a:7d:30:6a:a7:27:
                    2a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:B7:FF:74:57:2B:8D:92:B8:A4:82:28:A2:3D:6A:4B:4E:8A:DA:D2
            X509v3 Authority Key Identifier:
                keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:bc:d5:bd:09:db:42:8b:4e:20:92:b0:9e:90:f7:23:51:1e:
         6f:80:fb:dd:31:26:01:ab:2b:48:84:e8:78:01:31:48:6d:98:
         58:e6:d3:ae:a6:c7:3a:32:43:43:ac:18:c4:5d:53:f1:c4:71:
         8d:4c:0a:76:ce:0f:13:71:f4:3d:66:be:89:de:65:04:ab:f1:
         52:b2:9c:f7:3a:7f:6c:6f:96:f7:3a:33:66:7f:57:20:01:4a:
         59:d3:04:02:11:d4:26:e3:dd:19:31:26:48:93:ba:8a:d2:9c:
         59:a7:d6:1a:5f:e5:fe:18:8b:10:c6:d2:79:1b:6c:1d:15:86:
         ae:36:a5:2b:df:cb:b9:34:91:68:98:88:c0:a4:dd:d3:1d:11:
         8e:1b:9b:16:4c:fb:be:e4:09:38:1b:fc:c4:b3:28:b6:ac:d8:
         82:76:74:01:25:be:50:e9:1b:d2:f9:d4:6c:ea:8a:54:22:f6:
         34:b6:4d:34:8b:b5:93:18:95:2a:6b:da:1d:f7:0d:76:9d:e3:
         6c:f6:93:7f:4a:fd:7f:1d:25:18:33:32:3a:4c:d6:41:11:c4:
         c7:bc:41:58:be:fc:ec:1c:2a:63:24:26:f6:14:7e:cc:f1:18:
         f4:86:f1:90:d6:dc:b2:34:73:8b:05:57:eb:15:91:18:a9:46:
         33:a5:60:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLDqck8MIpz3zuJy2pGCm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz
NDhkZTIwHhcNMjUwODA4MTkwMDUwWhcNMjUwODA5MTkwMDUwWjAzMTEwLwYDVQQD
EyhlY2I3ZmY3NDU3MmI4ZDkyYjhhNDgyMjhhMjNkNmE0YjRlOGFkYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEi3WDu9+ou9MmHVjficRjqpmwn8
MB6UHOuX3kIanZLYFC4oBOchQ82bFER1WEXgfZHDzSEZ/vEQ7FnCB5QPyFVAkLGW
T4ENcwZEb+N85Z2sSiWJpTh7GImYAO4HlS6tpmuZZctVipm19ot+d3/wtLV+t5eb
KrKHrVTYflhkzLEWqgg5J3m8hQQ9CpPksMZC1Ctg5pb378VOAdsP/caBI8brsGfa
rWZPdpKnwlPtKZ3L/bCEZOdJHU4FBWqjU5JWXTTNRZ13VmX1byviOctFRpCksIy4
T560n84I6aryp42jV92c1G6Kx3uyEJkvpIFO5mWpDabbn/uKfTBqpycqKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOy3/3RXK42SuKSCKKI9aktOitrSMB8GA1UdIwQY
MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt
MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3
LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP7zVvQnb
QotOIJKwnpD3I1Eeb4D73TEmAasrSIToeAExSG2YWObTrqbHOjJDQ6wYxF1T8cRx
jUwKds4PE3H0PWa+id5lBKvxUrKc9zp/bG+W9zozZn9XIAFKWdMEAhHUJuPdGTEm
SJO6itKcWafWGl/l/hiLEMbSeRtsHRWGrjalK9/LuTSRaJiIwKTd0x0RjhubFkz7
vuQJOBv8xLMotqzYgnZ0ASW+UOkb0vnUbOqKVCL2NLZNNIu1kxiVKmvaHfcNdp3j
bPaTf0r9fx0lGDMyOkzWQRHEx7xBWL787BwqYyQm9hR+zPEY9IbxkNbcsjRziwVX
6xWRGKlGM6Vg6A==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:24:11 2025 by rpki-client