Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft
File:                     qKI6ziwGf44hL_NZ2pbCBYtks-o.mft (raw, json)
Hash identifier:          AP6FxaQ4obY2CnE+Dr0PcexYb2IdEojDso2GTSR2d8Y=
Subject key identifier:   A3:BC:CF:76:CA:8F:52:31:E2:2E:76:33:3D:C6:49:A5:E7:AF:E5:A8
Authority key identifier: A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA
Certificate issuer:       /CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea
Certificate serial:       019A006C29DCF95551FED90F574FF2818621
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft
Manifest number:          0717
Signing time:             Mon 20 Oct 2025 07:01:19 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:19 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:19 +0000
Files and hashes:         1: qKI6ziwGf44hL_NZ2pbCBYtks-o.crl (hash: T4UN5ukpO8T4tgJECL4NqpTcSV+c5iCVhveUp8Pa0Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6c:29:dc:f9:55:51:fe:d9:0f:57:4f:f2:81:86:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea
        Validity
            Not Before: Oct 20 07:01:19 2025 GMT
            Not After : Oct 21 07:01:19 2025 GMT
        Subject: CN=a3bccf76ca8f5231e22e76333dc649a5e7afe5a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ec:1a:12:c2:04:20:e0:1b:24:7e:7c:ee:81:
                    57:94:4f:a2:6a:6b:11:dc:cf:76:50:f6:7b:66:1c:
                    51:2c:e5:f8:69:78:43:d1:fd:09:53:08:af:cc:a0:
                    f6:a7:5c:0b:07:6d:33:38:ba:12:24:a5:6f:6f:88:
                    48:8e:9b:45:42:b8:bc:99:a4:d0:29:55:1b:7d:df:
                    3d:05:7d:70:7a:0d:7f:b2:cc:d2:a4:4b:75:4f:f7:
                    ed:3a:5f:f9:64:72:c1:03:91:a6:82:2f:95:0b:60:
                    5f:ca:bc:bc:63:d3:55:48:1c:c8:6a:f4:8d:bc:fb:
                    43:69:97:ee:dd:ff:de:37:49:e8:52:d0:65:bc:d6:
                    fb:dc:47:6b:d0:1f:bc:b6:67:b0:5b:d8:99:0d:92:
                    cf:11:f6:28:eb:9a:e0:31:6b:e2:62:b2:ff:c2:a7:
                    60:96:82:43:b8:ec:40:cf:41:fc:c3:1e:f6:d5:d8:
                    fb:b5:a6:ea:72:dc:07:0f:37:a4:97:63:89:56:bf:
                    15:b0:71:59:d7:b0:c9:f0:d9:c5:01:93:a9:45:ef:
                    bd:49:bc:64:c2:06:5d:9c:dc:12:82:8a:50:9e:c5:
                    08:3f:55:71:61:c4:8b:73:2d:63:a4:23:5a:90:4d:
                    d8:e6:44:c2:b0:55:7c:e1:07:ff:e5:b2:1f:54:fe:
                    45:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:BC:CF:76:CA:8F:52:31:E2:2E:76:33:3D:C6:49:A5:E7:AF:E5:A8
            X509v3 Authority Key Identifier:
                keyid:A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:5c:32:36:ee:37:c8:85:ec:e5:7c:fb:a8:be:e1:ab:42:2f:
         62:e1:f7:42:80:9c:3b:f7:84:26:e1:71:a2:94:04:75:17:aa:
         02:71:8d:2a:d8:57:92:10:a7:9d:9b:54:aa:f2:dd:29:c8:8e:
         7a:25:71:eb:dc:a2:73:6e:69:f8:df:0f:cc:82:79:c4:ce:2a:
         87:6d:11:04:78:32:3c:88:e2:a4:ac:89:ea:d9:ac:7f:ec:a9:
         c7:5b:fd:ed:36:16:fc:ea:53:55:2c:b3:a1:23:25:93:c7:c7:
         ac:b8:49:e7:86:55:80:dd:18:3f:f2:28:16:8b:3f:e8:f8:96:
         74:40:99:e2:35:ef:cd:75:f5:b3:e3:03:f8:e1:7d:b0:09:b9:
         16:0f:cc:83:5e:e7:a1:44:bf:36:cb:d2:e5:2c:64:e5:8f:09:
         0c:0b:bf:09:44:60:60:70:fb:90:54:5a:5c:17:5d:17:50:c3:
         ca:10:b1:fa:1a:25:aa:65:5a:99:18:76:8e:6d:cc:2e:9f:a8:
         e3:bb:b1:56:8d:52:99:a2:b2:41:d0:c6:7e:fe:14:b8:0f:d8:
         97:3c:9f:ee:fb:e4:64:f2:74:c9:0f:82:0f:8d:95:b9:a8:2d:
         af:1b:f4:0f:32:79:a7:f5:51:28:08:a3:aa:ff:25:5c:5f:a7:
         fa:01:aa:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAbCnc+VVR/tkPV0/ygYYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YTIzYWNlMmMwNjdmOGUyMTJmZjM1OWRhOTZjMjA1OGI2
NGIzZWEwHhcNMjUxMDIwMDcwMTE5WhcNMjUxMDIxMDcwMTE5WjAzMTEwLwYDVQQD
EyhhM2JjY2Y3NmNhOGY1MjMxZTIyZTc2MzMzZGM2NDlhNWU3YWZlNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuwaEsIEIOAbJH587oFXlE+iamsR
3M92UPZ7ZhxRLOX4aXhD0f0JUwivzKD2p1wLB20zOLoSJKVvb4hIjptFQri8maTQ
KVUbfd89BX1weg1/sszSpEt1T/ftOl/5ZHLBA5Gmgi+VC2Bfyry8Y9NVSBzIavSN
vPtDaZfu3f/eN0noUtBlvNb73Edr0B+8tmewW9iZDZLPEfYo65rgMWviYrL/wqdg
loJDuOxAz0H8wx721dj7tabqctwHDzekl2OJVr8VsHFZ17DJ8NnFAZOpRe+9Sbxk
wgZdnNwSgopQnsUIP1VxYcSLcy1jpCNakE3Y5kTCsFV84Qf/5bIfVP5F3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKO8z3bKj1Ix4i52Mz3GSaXnr+WoMB8GA1UdIwQY
MBaAFKiiOs4sBn+OIS/zWdqWwgWLZLPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGIt
NzUyZDVkZTBhOTBlLzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGItNzUyZDVkZTBhOTBl
LzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc1wyNu43
yIXs5Xz7qL7hq0IvYuH3QoCcO/eEJuFxopQEdReqAnGNKthXkhCnnZtUqvLdKciO
eiVx69yic25p+N8PzIJ5xM4qh20RBHgyPIjipKyJ6tmsf+ypx1v97TYW/OpTVSyz
oSMlk8fHrLhJ54ZVgN0YP/IoFos/6PiWdECZ4jXvzXX1s+MD+OF9sAm5Fg/Mg17n
oUS/NsvS5Sxk5Y8JDAu/CURgYHD7kFRaXBddF1DDyhCx+holqmVamRh2jm3MLp+o
47uxVo1SmaKyQdDGfv4UuA/Ylzyf7vvkZPJ0yQ+CD42Vuagtrxv0DzJ5p/VRKAij
qv8lXF+n+gGqTQ==
-----END CERTIFICATE-----