Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
File:                     QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft (raw, json)
Hash identifier:          cMFhnpZRrv7fPyYfY1zQCWNV5/3vi1IVnBNkvSNBJlU=
Subject key identifier:   68:9B:56:BE:EF:56:E5:7E:17:A2:D1:AC:30:84:B2:89:A1:0B:3B:78
Authority key identifier: 40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06
Certificate issuer:       /CN=405ffc74ae92386afb7ce770f0390e90d4cde306
Certificate serial:       0199FBEB9DBD93E68A6CA44174F8B720A11E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
Manifest number:          0329
Signing time:             Sun 19 Oct 2025 10:02:26 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:26 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:26 +0000
Files and hashes:         1: QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl (hash: k46oXcWd7KkKP+QQIbJTfYvqmej5RBNzLtNUrib/w90=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:9d:bd:93:e6:8a:6c:a4:41:74:f8:b7:20:a1:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405ffc74ae92386afb7ce770f0390e90d4cde306
        Validity
            Not Before: Oct 19 10:02:26 2025 GMT
            Not After : Oct 20 10:02:26 2025 GMT
        Subject: CN=689b56beef56e57e17a2d1ac3084b289a10b3b78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:19:13:72:07:eb:f2:07:d3:08:cc:a3:3d:5b:
                    30:f2:d3:4c:a6:67:f8:6e:75:8c:35:98:f0:56:b1:
                    04:31:3b:d2:91:da:de:72:ea:ac:0a:f0:f7:f5:71:
                    fb:8b:30:52:f3:e7:47:48:53:80:d8:b1:35:37:5d:
                    1b:da:1c:72:51:5a:39:72:38:3a:9f:b2:cb:82:06:
                    e7:96:f8:86:57:b2:3a:3a:22:c8:d9:c8:a4:ea:7d:
                    3c:8e:62:f4:70:7d:29:95:9e:1f:d1:99:11:6a:3d:
                    90:38:bc:9d:12:39:3f:33:7a:25:38:df:88:42:9b:
                    bf:02:7a:9c:6b:81:3c:a3:8e:3d:99:67:05:6e:75:
                    cd:f3:7b:17:10:a5:52:1d:1f:68:91:5f:b4:15:ac:
                    09:0c:e4:90:36:36:ae:da:42:9c:19:63:ea:db:90:
                    f0:d6:c6:dc:cf:5b:ad:be:c0:c3:b4:aa:ba:ca:dc:
                    8d:f7:16:4f:35:1b:96:47:87:f8:cd:da:03:87:27:
                    e7:be:59:4a:99:8e:b1:f1:e9:af:75:af:30:b3:86:
                    cb:04:13:ce:8c:3b:18:48:84:1e:6c:ab:84:e6:04:
                    8c:3f:86:f9:ae:01:8f:3d:d1:5e:94:3b:e8:ab:94:
                    ca:78:9f:eb:fc:7d:0d:c8:19:92:d7:cf:d9:0a:53:
                    e5:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:9B:56:BE:EF:56:E5:7E:17:A2:D1:AC:30:84:B2:89:A1:0B:3B:78
            X509v3 Authority Key Identifier:
                keyid:40:5F:FC:74:AE:92:38:6A:FB:7C:E7:70:F0:39:0E:90:D4:CD:E3:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF_8dK6SOGr7fOdw8DkOkNTN4wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b1fd7a-2e26-4a5d-802d-7246aefcd272/1/QF_8dK6SOGr7fOdw8DkOkNTN4wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:78:7f:9b:cb:05:19:74:08:97:31:ee:b6:b3:f6:1e:c9:6f:
         fe:0e:54:d9:1a:5a:86:c2:f3:42:dd:26:2f:fd:43:a5:cd:a1:
         ca:2f:fa:4a:ac:bd:51:2e:c9:ab:6b:8d:40:92:2f:30:1d:3a:
         f6:24:9e:8f:86:c3:d2:93:96:88:9f:4e:77:f9:86:66:30:dc:
         54:be:65:61:16:f8:58:8c:a5:8a:0d:8f:29:6b:94:ac:eb:66:
         da:5f:f7:eb:50:13:f9:4f:17:c5:2c:44:ea:b0:99:61:13:6b:
         4e:0b:1a:58:1e:41:18:fa:c6:70:73:25:63:58:ea:4e:4b:23:
         b4:c2:85:7f:bb:ee:42:b2:58:88:6d:53:54:39:65:2f:16:cd:
         a7:c4:64:b0:3a:f4:09:0b:3b:47:a5:1f:18:e1:74:46:bf:58:
         c6:12:c1:c2:c7:c5:a0:77:92:bc:8c:e2:04:56:22:3e:df:85:
         a9:5c:12:5c:bd:01:4d:fa:b7:94:6b:67:a6:e6:b0:ec:88:44:
         0f:20:f0:f2:28:7f:fe:4d:ad:2a:a0:02:cb:0d:43:ed:f0:12:
         8c:eb:9d:d8:ec:52:a8:b8:d4:3f:3c:e8:25:37:77:3b:1c:85:
         0d:85:26:75:a2:b7:87:0c:aa:ee:6f:17:58:f3:4c:5d:37:fa:
         ae:e5:38:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76529k+aKbKRBdPi3IKEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWZmYzc0YWU5MjM4NmFmYjdjZTc3MGYwMzkwZTkwZDRj
ZGUzMDYwHhcNMjUxMDE5MTAwMjI2WhcNMjUxMDIwMTAwMjI2WjAzMTEwLwYDVQQD
Eyg2ODliNTZiZWVmNTZlNTdlMTdhMmQxYWMzMDg0YjI4OWExMGIzYjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxkTcgfr8gfTCMyjPVsw8tNMpmf4
bnWMNZjwVrEEMTvSkdrecuqsCvD39XH7izBS8+dHSFOA2LE1N10b2hxyUVo5cjg6
n7LLggbnlviGV7I6OiLI2cik6n08jmL0cH0plZ4f0ZkRaj2QOLydEjk/M3olON+I
Qpu/Anqca4E8o449mWcFbnXN83sXEKVSHR9okV+0FawJDOSQNjau2kKcGWPq25Dw
1sbcz1utvsDDtKq6ytyN9xZPNRuWR4f4zdoDhyfnvllKmY6x8emvda8ws4bLBBPO
jDsYSIQebKuE5gSMP4b5rgGPPdFelDvoq5TKeJ/r/H0NyBmS18/ZClPldwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGibVr7vVuV+F6LRrDCEsomhCzt4MB8GA1UdIwQY
MBaAFEBf/HSukjhq+3zncPA5DpDUzeMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQt
NzI0NmFlZmNkMjcyLzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iMWZkN2EtMmUyNi00YTVkLTgwMmQtNzI0NmFlZmNkMjcy
LzEvUUZfOGRLNlNPR3I3Zk9kdzhEa09rTlRONHdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqnh/m8sF
GXQIlzHutrP2Hslv/g5U2RpahsLzQt0mL/1Dpc2hyi/6Sqy9US7Jq2uNQJIvMB06
9iSej4bD0pOWiJ9Od/mGZjDcVL5lYRb4WIylig2PKWuUrOtm2l/361AT+U8XxSxE
6rCZYRNrTgsaWB5BGPrGcHMlY1jqTksjtMKFf7vuQrJYiG1TVDllLxbNp8RksDr0
CQs7R6UfGOF0Rr9YxhLBwsfFoHeSvIziBFYiPt+FqVwSXL0BTfq3lGtnpuaw7IhE
DyDw8ih//k2tKqACyw1D7fASjOud2OxSqLjUPzzoJTd3OxyFDYUmdaK3hwyq7m8X
WPNMXTf6ruU4PQ==
-----END CERTIFICATE-----