Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
File:                     QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json)
Hash identifier:          n2r6KjExW0/J54mW8GkPu8Ti1X8mRO0pqQ84jAwrGMo=
Subject key identifier:   6C:72:40:FD:6F:B7:70:47:7B:0E:B2:59:34:30:03:92:88:5D:F5:AB
Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A
Certificate issuer:       /CN=4132a86b297787e48c55705931ed39351f84171a
Certificate serial:       0199FBEAC1B66E3E00D63A931F084BBD1A36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
Manifest number:          10C8
Signing time:             Sun 19 Oct 2025 10:01:30 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:30 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:30 +0000
Files and hashes:         1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: CcnBAwYDH/9ecWwNaWVGqpzF77Rs1q0gLI9UTX8YaC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:c1:b6:6e:3e:00:d6:3a:93:1f:08:4b:bd:1a:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4132a86b297787e48c55705931ed39351f84171a
        Validity
            Not Before: Oct 19 10:01:30 2025 GMT
            Not After : Oct 20 10:01:30 2025 GMT
        Subject: CN=6c7240fd6fb770477b0eb25934300392885df5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:1e:1d:a8:5e:c8:28:a9:7b:05:00:56:9c:ce:
                    20:00:f2:2f:60:0b:72:a6:19:59:e4:7f:3b:d2:90:
                    49:61:43:7b:5f:d2:9a:93:1d:42:d8:b3:07:d7:d6:
                    52:c1:a3:04:1e:7f:94:75:41:9d:50:a1:f7:90:85:
                    c4:9d:5d:79:d1:4e:fb:e1:8c:29:ba:49:35:da:6b:
                    fc:54:95:f1:4d:c7:b7:cd:aa:f0:37:f0:8e:67:ea:
                    cf:e2:fe:32:5b:c3:bf:22:d9:27:04:f2:1a:7d:3d:
                    48:3e:a9:55:69:75:2a:31:ff:92:8d:19:f1:7f:2d:
                    3f:80:1d:b3:4d:e3:68:f0:64:b5:52:8e:3b:36:84:
                    68:ee:09:5e:8d:09:df:a2:33:40:91:1c:45:a0:d9:
                    40:77:7c:15:75:c2:c4:20:85:4f:5e:21:66:28:79:
                    4d:f7:17:92:db:6b:83:8e:bd:96:97:ee:d4:c7:ac:
                    c3:34:c4:7d:08:72:f0:d8:8c:90:64:e6:1f:c1:20:
                    25:0c:32:9c:d4:af:d0:c0:52:13:65:6c:08:44:19:
                    46:2c:54:b9:3f:b6:7c:d3:85:43:ff:d2:9c:b5:34:
                    22:2f:35:66:a9:f8:3d:eb:54:c7:8d:3b:3d:27:10:
                    f9:56:33:e6:82:b4:be:2c:ce:ce:29:3a:20:d0:27:
                    42:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:72:40:FD:6F:B7:70:47:7B:0E:B2:59:34:30:03:92:88:5D:F5:AB
            X509v3 Authority Key Identifier:
                keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:da:b0:78:e4:46:47:45:e1:d9:0e:ad:e9:f9:2e:80:c3:6b:
         6c:7c:2e:02:f3:55:1e:cb:cd:b2:d2:7b:24:a4:77:4d:af:08:
         1a:d5:f2:ee:f6:9d:ff:b0:c9:08:f1:85:22:71:b9:ea:58:55:
         4d:2f:6d:24:11:5e:e4:a5:5e:1c:ac:e5:c9:27:7e:d0:39:fa:
         5d:a2:5e:0a:04:bb:6f:fb:f4:cb:a7:be:f5:ce:21:41:fe:db:
         fb:14:5e:ea:82:c2:1c:02:9f:af:50:f6:6f:29:6e:63:d7:df:
         cc:3b:06:1d:66:3d:fc:64:5a:7a:04:3b:2e:be:7b:8a:56:36:
         fa:5c:c3:16:8e:56:a1:54:b5:c9:7e:78:da:35:bb:15:90:2c:
         5a:78:70:e9:7b:0f:3b:be:b9:92:63:f0:29:04:d4:c2:3e:3d:
         78:fb:c2:38:75:41:b8:fe:37:fc:16:61:f3:08:81:01:4a:23:
         de:17:4a:07:14:a4:07:34:5d:4a:c2:82:6c:21:fb:48:9b:19:
         f0:72:d1:55:d6:39:d2:dc:b7:d3:5b:3f:fc:93:76:af:28:a5:
         b3:cf:44:5c:98:c8:06:68:c9:14:36:ca:fe:87:da:ab:c2:53:
         49:b4:4a:ec:95:3e:0b:d9:e9:c7:42:5e:1f:26:0e:bb:04:12:
         37:d3:c4:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76sG2bj4A1jqTHwhLvRo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4
NDE3MWEwHhcNMjUxMDE5MTAwMTMwWhcNMjUxMDIwMTAwMTMwWjAzMTEwLwYDVQQD
Eyg2YzcyNDBmZDZmYjc3MDQ3N2IwZWIyNTkzNDMwMDM5Mjg4NWRmNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB4dqF7IKKl7BQBWnM4gAPIvYAty
phlZ5H870pBJYUN7X9Kakx1C2LMH19ZSwaMEHn+UdUGdUKH3kIXEnV150U774Ywp
ukk12mv8VJXxTce3zarwN/COZ+rP4v4yW8O/ItknBPIafT1IPqlVaXUqMf+SjRnx
fy0/gB2zTeNo8GS1Uo47NoRo7glejQnfojNAkRxFoNlAd3wVdcLEIIVPXiFmKHlN
9xeS22uDjr2Wl+7Ux6zDNMR9CHLw2IyQZOYfwSAlDDKc1K/QwFITZWwIRBlGLFS5
P7Z804VD/9KctTQiLzVmqfg961THjTs9JxD5VjPmgrS+LM7OKTog0CdC6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxyQP1vt3BHew6yWTQwA5KIXfWrMB8GA1UdIwQY
MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt
ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx
LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKtqweORG
R0Xh2Q6t6fkugMNrbHwuAvNVHsvNstJ7JKR3Ta8IGtXy7vad/7DJCPGFInG56lhV
TS9tJBFe5KVeHKzlySd+0Dn6XaJeCgS7b/v0y6e+9c4hQf7b+xRe6oLCHAKfr1D2
byluY9ffzDsGHWY9/GRaegQ7Lr57ilY2+lzDFo5WoVS1yX542jW7FZAsWnhw6XsP
O765kmPwKQTUwj49ePvCOHVBuP43/BZh8wiBAUoj3hdKBxSkBzRdSsKCbCH7SJsZ
8HLRVdY50ty301s//JN2ryils89EXJjIBmjJFDbK/ofaq8JTSbRK7JU+C9npx0Je
HyYOuwQSN9PEfQ==
-----END CERTIFICATE-----