Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
File:                     qfCQLHsw_sPg3PXyO_7fUBgjQps.mft (raw, json)
Hash identifier:          O1TZLekgpI5Txe1Z2lMAO22XINwd1acnsUxLxFG8OWI=
Subject key identifier:   10:D3:80:2F:3F:2D:23:51:0E:5D:1E:52:31:B0:91:A3:FC:AA:54:78
Authority key identifier: A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B
Certificate issuer:       /CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
Certificate serial:       0198D515D38EFED8EDDE9383D66E09FB311A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
Manifest number:          04D8
Signing time:             Sat 23 Aug 2025 04:00:33 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:33 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:33 +0000
Files and hashes:         1: qfCQLHsw_sPg3PXyO_7fUBgjQps.crl (hash: bE3sHM9jTj7AVatZfxunX/b6N0Dnr3GwCCoCQpyGhWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:d3:8e:fe:d8:ed:de:93:83:d6:6e:09:fb:31:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
        Validity
            Not Before: Aug 23 04:00:33 2025 GMT
            Not After : Aug 24 04:00:33 2025 GMT
        Subject: CN=10d3802f3f2d23510e5d1e5231b091a3fcaa5478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cb:c4:01:03:26:ee:a9:70:1c:8b:76:5e:a0:
                    3b:ff:ce:9a:0c:08:d1:2b:51:17:c9:16:91:96:19:
                    5a:44:9b:1b:6e:fe:9d:9a:c0:5e:f1:ff:5a:ba:45:
                    b0:2f:c8:40:79:6b:5f:e6:1c:57:06:ce:41:2d:c7:
                    35:4d:41:c9:0c:0b:7d:ba:ef:93:94:02:80:a3:30:
                    fe:73:b7:5e:2d:36:5b:0b:cd:ea:bd:6f:30:66:72:
                    75:cf:d2:28:f9:0a:c6:ce:86:4a:cb:a4:0d:de:13:
                    58:8d:b4:f0:5f:83:42:dc:56:9a:88:8c:a3:61:8b:
                    c5:8e:ab:d2:72:97:bc:ae:c6:e2:64:ad:3a:75:f9:
                    a8:c3:76:62:b5:0c:b5:98:65:79:44:87:ce:77:c4:
                    a0:c6:9f:7d:7e:6d:5b:cb:c1:bd:22:6a:65:ad:92:
                    be:9b:a4:5a:1a:68:1a:28:75:59:88:10:c2:09:11:
                    43:34:22:ec:21:b2:7d:f4:bf:f4:91:8d:32:51:ec:
                    ef:6d:48:7c:18:d9:a0:7a:8a:1a:40:85:f7:1d:05:
                    1c:04:49:a7:7b:d8:fd:c6:bb:8a:68:5e:32:84:dc:
                    22:24:33:05:0e:35:8b:ba:55:4e:f8:b0:ab:06:f0:
                    c5:6c:c6:1e:43:16:6d:9f:46:1d:e7:a7:04:51:bc:
                    6d:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:D3:80:2F:3F:2D:23:51:0E:5D:1E:52:31:B0:91:A3:FC:AA:54:78
            X509v3 Authority Key Identifier:
                keyid:A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:21:75:2f:82:72:f4:c4:c8:f6:2f:06:ec:9f:fd:a7:76:a1:
         c6:b1:a4:e1:70:b7:b3:26:68:b4:4a:3a:f0:24:53:c7:47:d4:
         31:a2:6d:28:60:6a:08:ba:9a:4a:5a:5e:3c:77:b2:81:03:b3:
         5f:ef:76:61:b4:c7:f3:0e:67:5b:f8:1a:3c:2e:c1:65:da:e4:
         d0:69:0a:e0:5f:b2:16:b9:93:f5:8e:3b:d9:0b:76:3e:7b:1d:
         58:b5:42:e5:8e:94:90:57:b8:1e:73:35:b0:01:f7:42:61:03:
         30:cf:e7:20:ae:1a:72:61:c6:26:34:5c:f7:07:3e:11:d4:0f:
         a0:38:20:e7:12:47:a7:28:91:26:b3:e9:92:54:cd:df:32:2b:
         0c:64:7c:d3:aa:79:7f:a2:56:6c:a2:d9:91:85:36:a5:76:2b:
         8e:ab:75:3c:ee:96:3f:86:a5:dd:e2:83:47:5f:8b:61:be:14:
         5b:97:57:b8:1c:24:bf:67:13:79:19:4f:e0:77:bf:a3:51:3d:
         dd:a6:f8:9b:80:51:f6:86:b2:2b:7d:84:be:3d:b1:d3:e8:95:
         7f:59:71:2a:57:7b:86:85:55:62:a4:5a:99:cc:7f:eb:a9:ff:
         15:69:bc:87:6c:c3:18:48:a1:26:98:33:56:0f:71:9e:35:93:
         4c:8c:43:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFdOO/tjt3pOD1m4J+zEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjA5MDJjN2IzMGZlYzNlMGRjZjVmMjNiZmVkZjUwMTgy
MzQyOWIwHhcNMjUwODIzMDQwMDMzWhcNMjUwODI0MDQwMDMzWjAzMTEwLwYDVQQD
EygxMGQzODAyZjNmMmQyMzUxMGU1ZDFlNTIzMWIwOTFhM2ZjYWE1NDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsvEAQMm7qlwHIt2XqA7/86aDAjR
K1EXyRaRlhlaRJsbbv6dmsBe8f9aukWwL8hAeWtf5hxXBs5BLcc1TUHJDAt9uu+T
lAKAozD+c7deLTZbC83qvW8wZnJ1z9Io+QrGzoZKy6QN3hNYjbTwX4NC3FaaiIyj
YYvFjqvScpe8rsbiZK06dfmow3ZitQy1mGV5RIfOd8Sgxp99fm1by8G9ImplrZK+
m6RaGmgaKHVZiBDCCRFDNCLsIbJ99L/0kY0yUezvbUh8GNmgeooaQIX3HQUcBEmn
e9j9xruKaF4yhNwiJDMFDjWLulVO+LCrBvDFbMYeQxZtn0Yd56cEUbxtCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDTgC8/LSNRDl0eUjGwkaP8qlR4MB8GA1UdIwQY
MBaAFKnwkCx7MP7D4Nz18jv+31AYI0KbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kNjZmZjMtYjYwNy00NzZlLThkNWUt
ODk2ODU2NWRmNjNhLzEvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kNjZmZjMtYjYwNy00NzZlLThkNWUtODk2ODU2NWRmNjNh
LzEvcWZDUUxIc3dfc1BnM1BYeU9fN2ZVQmdqUXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCF1L4Jy
9MTI9i8G7J/9p3ahxrGk4XC3syZotEo68CRTx0fUMaJtKGBqCLqaSlpePHeygQOz
X+92YbTH8w5nW/gaPC7BZdrk0GkK4F+yFrmT9Y472Qt2PnsdWLVC5Y6UkFe4HnM1
sAH3QmEDMM/nIK4acmHGJjRc9wc+EdQPoDgg5xJHpyiRJrPpklTN3zIrDGR806p5
f6JWbKLZkYU2pXYrjqt1PO6WP4al3eKDR1+LYb4UW5dXuBwkv2cTeRlP4He/o1E9
3ab4m4BR9oayK32Evj2x0+iVf1lxKld7hoVVYqRamcx/66n/FWm8h2zDGEihJpgz
Vg9xnjWTTIxD1Q==
-----END CERTIFICATE-----