Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
File:                     q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json)
Hash identifier:          /EN7OH0seyrpz9RceOhlmigr3Gxj2V7+sbkTQ/vFmKo=
Subject key identifier:   31:E8:81:D3:D1:67:0D:6C:5C:23:53:28:BF:61:A5:3F:38:FE:0A:9A
Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
Certificate issuer:       /CN=abb94449d4d2462771773bc08a624507da512b0d
Certificate serial:       0199FCC688FAE1BA8F46B165EC5EFE7B0DAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
Manifest number:          07C7
Signing time:             Sun 19 Oct 2025 14:01:33 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:33 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:33 +0000
Files and hashes:         1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: YWIX9fVZzUdoCM9YMZvgyAKagkpQS9ErpaVi1HbGVM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:88:fa:e1:ba:8f:46:b1:65:ec:5e:fe:7b:0d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d
        Validity
            Not Before: Oct 19 14:01:33 2025 GMT
            Not After : Oct 20 14:01:33 2025 GMT
        Subject: CN=31e881d3d1670d6c5c235328bf61a53f38fe0a9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5f:3e:4c:33:0a:69:e5:ee:b8:ca:fa:56:cc:
                    93:62:3f:08:f9:c3:78:74:2b:eb:11:75:5f:dd:02:
                    3b:57:e8:7d:31:64:00:89:92:9b:7e:fa:86:91:49:
                    42:9e:47:36:c0:3e:42:66:65:79:e5:1f:0b:29:b1:
                    7c:01:a1:b9:50:87:78:50:ec:6a:70:48:f5:66:04:
                    86:9b:42:f9:f3:4c:f0:89:1c:cc:62:cf:fb:de:a9:
                    c0:b6:b7:47:64:0b:6e:4a:39:88:76:97:7d:b5:5a:
                    f0:c4:e6:c3:5c:cb:ec:a2:c2:d8:81:a0:22:d7:51:
                    60:79:22:17:a6:1f:4f:2e:60:e0:27:8d:c9:5a:ed:
                    d4:dd:37:ca:3e:ff:ae:55:99:a9:78:57:27:9c:5d:
                    29:e0:d3:67:7a:d6:c9:92:d2:1f:c6:c4:32:99:42:
                    af:0f:1d:b8:17:03:4d:65:b9:17:4b:f4:9d:78:8d:
                    4b:09:59:16:7a:44:36:4e:cb:54:ee:dd:e3:dd:21:
                    39:2d:5b:ef:b9:d3:1d:19:a5:43:ce:58:35:2b:d4:
                    24:1e:ba:4d:e3:af:a7:c2:12:d7:c4:4d:3c:28:1b:
                    38:17:c0:45:d3:17:3a:11:0d:64:f5:05:c8:89:05:
                    fe:d5:f7:ba:19:52:de:d8:84:75:b5:7f:8e:25:58:
                    10:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:E8:81:D3:D1:67:0D:6C:5C:23:53:28:BF:61:A5:3F:38:FE:0A:9A
            X509v3 Authority Key Identifier:
                keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:ea:a7:5b:12:45:79:26:83:0c:bc:43:30:25:a7:09:6e:b0:
         46:8b:52:66:2d:95:45:e0:a9:1e:66:83:0c:07:b2:a6:2f:a1:
         36:c0:0e:1c:a2:e7:20:f9:8d:f0:2f:61:46:fb:01:3e:fa:5b:
         ea:13:92:f0:83:a9:dd:62:3a:e2:a0:ac:94:99:83:05:0d:86:
         75:09:8d:dc:bf:d0:f5:ab:8a:a7:0d:cb:65:30:41:77:4a:c9:
         ed:ae:f7:4e:f8:81:a7:03:fa:11:0f:e6:e4:46:63:3f:9d:c0:
         c4:3e:81:eb:16:07:3c:d2:00:ce:59:73:79:dd:6c:11:7a:f6:
         bf:91:31:d1:c7:8a:15:ab:e5:e1:70:04:28:33:d3:2b:9d:f3:
         fd:07:40:e2:29:65:67:e8:5d:e1:a2:09:aa:ef:84:46:1c:14:
         cd:1e:50:7d:6b:0f:1e:46:de:cb:6a:6c:49:da:e1:5f:8f:29:
         1b:0b:7b:4b:65:a2:56:9d:06:d3:bd:63:ce:85:a2:01:c0:45:
         14:f0:b5:2a:b8:f2:69:78:24:7e:a0:bc:fc:b1:ac:fe:15:db:
         58:47:1f:3d:5b:58:2a:79:8b:76:ca:80:a6:86:d1:79:96:3a:
         cc:d2:1d:3f:a3:6f:5a:36:6b:e7:73:b9:ac:72:26:22:0d:8a:
         bb:69:b9:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xoj64bqPRrFl7F7+ew2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1
MTJiMGQwHhcNMjUxMDE5MTQwMTMzWhcNMjUxMDIwMTQwMTMzWjAzMTEwLwYDVQQD
EygzMWU4ODFkM2QxNjcwZDZjNWMyMzUzMjhiZjYxYTUzZjM4ZmUwYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl8+TDMKaeXuuMr6VsyTYj8I+cN4
dCvrEXVf3QI7V+h9MWQAiZKbfvqGkUlCnkc2wD5CZmV55R8LKbF8AaG5UId4UOxq
cEj1ZgSGm0L580zwiRzMYs/73qnAtrdHZAtuSjmIdpd9tVrwxObDXMvsosLYgaAi
11FgeSIXph9PLmDgJ43JWu3U3TfKPv+uVZmpeFcnnF0p4NNnetbJktIfxsQymUKv
Dx24FwNNZbkXS/SdeI1LCVkWekQ2TstU7t3j3SE5LVvvudMdGaVDzlg1K9QkHrpN
46+nwhLXxE08KBs4F8BF0xc6EQ1k9QXIiQX+1fe6GVLe2IR1tX+OJVgQPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHogdPRZw1sXCNTKL9hpT84/gqaMB8GA1UdIwQY
MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt
NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh
LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsuqnWxJF
eSaDDLxDMCWnCW6wRotSZi2VReCpHmaDDAeypi+hNsAOHKLnIPmN8C9hRvsBPvpb
6hOS8IOp3WI64qCslJmDBQ2GdQmN3L/Q9auKpw3LZTBBd0rJ7a73TviBpwP6EQ/m
5EZjP53AxD6B6xYHPNIAzllzed1sEXr2v5Ex0ceKFavl4XAEKDPTK53z/QdA4ill
Z+hd4aIJqu+ERhwUzR5QfWsPHkbey2psSdrhX48pGwt7S2WiVp0G071jzoWiAcBF
FPC1KrjyaXgkfqC8/LGs/hXbWEcfPVtYKnmLdsqApobReZY6zNIdP6NvWjZr53O5
rHImIg2Ku2m5yA==
-----END CERTIFICATE-----