Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          V8goeNuuhPMlBxXxUTBv2KzloO5rSzgxk+/Ug/yI1v0=
Subject key identifier:   6C:60:20:83:1A:43:E0:7B:C6:3E:16:19:EA:20:4A:3F:D8:43:91:5B
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       0199FBEB59C083AFFCF367412DA63EDAC2E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:09 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:09 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:09 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: uguhKXc7JQ89UDBpvrINsZV9AupPFANs8YMBftO3els=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:59:c0:83:af:fc:f3:67:41:2d:a6:3e:da:c2:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: Oct 19 10:02:09 2025 GMT
            Not After : Oct 20 10:02:09 2025 GMT
        Subject: CN=6c6020831a43e07bc63e1619ea204a3fd843915b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3f:65:b4:37:34:71:1d:1f:9d:f7:70:5c:9e:
                    03:f0:b3:5a:74:82:82:45:b4:d3:42:dc:12:92:48:
                    78:59:99:76:c2:4c:52:a7:89:b3:b0:ad:c4:f4:46:
                    f1:ae:c3:b7:08:84:66:20:7e:6a:87:34:f2:b9:0d:
                    1a:8a:98:a2:c0:84:77:68:19:8d:ac:29:d8:4d:18:
                    c1:af:7c:f5:61:03:4b:9f:0b:e4:22:5b:2c:a9:8b:
                    70:d8:46:d0:f2:06:40:e9:66:7e:54:1a:5f:b1:0f:
                    19:f0:3f:75:3a:67:4e:17:af:26:3c:9e:8c:a8:02:
                    99:a8:92:0b:60:f1:6a:91:b8:8d:4a:63:44:a4:9e:
                    c2:a4:e8:81:64:05:60:03:1f:9e:2b:00:81:62:74:
                    58:54:57:00:17:2d:67:77:ef:8e:06:75:3e:4c:3b:
                    32:6c:26:88:f1:55:de:b4:cf:07:67:f6:80:00:1b:
                    6f:48:a6:13:77:39:8e:c5:01:d5:47:e7:6d:56:af:
                    c5:13:a1:29:fd:1b:ee:b0:9a:20:25:cc:fc:6a:24:
                    a5:0c:68:de:66:a4:27:31:4e:84:65:73:49:28:c7:
                    6c:00:21:3d:b4:81:24:c5:b3:b5:82:2f:8c:12:6b:
                    f1:a0:ff:7b:8b:f8:23:c6:ae:58:8b:f6:9b:00:57:
                    55:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:60:20:83:1A:43:E0:7B:C6:3E:16:19:EA:20:4A:3F:D8:43:91:5B
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:01:07:8f:fd:b0:9d:87:33:52:0b:85:d6:53:91:a2:87:6e:
         f6:4d:98:ea:b8:dc:f2:f4:f6:47:2b:69:0a:e1:05:e1:1e:97:
         03:52:87:3f:5f:c6:b6:a8:5b:9f:eb:5c:81:3b:bf:cc:ef:35:
         09:e6:92:bb:69:5a:be:38:46:d0:38:c4:e3:4a:88:4f:9f:bf:
         b3:a6:26:c1:f5:82:1f:02:f0:97:61:7d:61:75:34:29:c6:a1:
         0e:b2:b4:65:86:ed:43:03:5f:13:a2:79:46:3f:a3:fc:ef:31:
         b3:60:f7:fb:68:80:00:c7:c3:be:06:09:88:89:93:86:b3:47:
         02:ed:72:4c:8a:39:78:5d:9e:c0:34:99:51:ae:13:8e:a4:a7:
         af:33:a4:35:be:48:91:6d:81:a1:a5:ea:18:a5:40:59:bb:b2:
         b8:35:93:b3:7f:f7:85:4c:9a:84:ab:16:30:77:ac:13:32:f3:
         4a:b6:da:94:d4:f6:5d:5c:7c:11:87:fb:6b:25:80:df:b6:b2:
         b1:e4:3a:44:11:76:ee:ce:34:9b:cf:a7:b1:3e:a9:93:fc:de:
         fc:01:0b:ef:f9:8d:21:fb:ba:74:3b:7f:d3:99:49:38:e9:2a:
         28:ed:dd:7f:aa:ad:8f:97:a2:da:0e:b9:e2:0c:e9:85:50:b6:
         ea:3e:d0:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn761nAg6/882dBLaY+2sLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjUxMDE5MTAwMjA5WhcNMjUxMDIwMTAwMjA5WjAzMTEwLwYDVQQD
Eyg2YzYwMjA4MzFhNDNlMDdiYzYzZTE2MTllYTIwNGEzZmQ4NDM5MTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz9ltDc0cR0fnfdwXJ4D8LNadIKC
RbTTQtwSkkh4WZl2wkxSp4mzsK3E9EbxrsO3CIRmIH5qhzTyuQ0aipiiwIR3aBmN
rCnYTRjBr3z1YQNLnwvkIlssqYtw2EbQ8gZA6WZ+VBpfsQ8Z8D91OmdOF68mPJ6M
qAKZqJILYPFqkbiNSmNEpJ7CpOiBZAVgAx+eKwCBYnRYVFcAFy1nd++OBnU+TDsy
bCaI8VXetM8HZ/aAABtvSKYTdzmOxQHVR+dtVq/FE6Ep/RvusJogJcz8aiSlDGje
ZqQnMU6EZXNJKMdsACE9tIEkxbO1gi+MEmvxoP97i/gjxq5Yi/abAFdVQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxgIIMaQ+B7xj4WGeogSj/YQ5FbMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWAEHj/2w
nYczUguF1lORoodu9k2Y6rjc8vT2RytpCuEF4R6XA1KHP1/Gtqhbn+tcgTu/zO81
CeaSu2lavjhG0DjE40qIT5+/s6YmwfWCHwLwl2F9YXU0KcahDrK0ZYbtQwNfE6J5
Rj+j/O8xs2D3+2iAAMfDvgYJiImThrNHAu1yTIo5eF2ewDSZUa4TjqSnrzOkNb5I
kW2BoaXqGKVAWbuyuDWTs3/3hUyahKsWMHesEzLzSrbalNT2XVx8EYf7ayWA37ay
seQ6RBF27s40m8+nsT6pk/ze/AEL7/mNIfu6dDt/05lJOOkqKO3df6qtj5ei2g65
4gzphVC26j7Q6Q==
-----END CERTIFICATE-----