Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
File:                     QCzcwN4_54S70vviah2BZWpGfSI.mft (raw, json)
Hash identifier:          XYFOyba5rOiUjj9m+Kw8MINiiPYLX/9cWoHfbOiLBlA=
Subject key identifier:   F3:D7:0E:70:71:A5:42:94:06:D6:04:AD:51:8B:66:6D:A1:B8:81:19
Authority key identifier: 40:2C:DC:C0:DE:3F:E7:84:BB:D2:FB:E2:6A:1D:81:65:6A:46:7D:22
Certificate issuer:       /CN=402cdcc0de3fe784bbd2fbe26a1d81656a467d22
Certificate serial:       0199FFC8769EFF4EA95B347BFB017282F98E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
Manifest number:          0956
Signing time:             Mon 20 Oct 2025 04:02:31 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:31 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:31 +0000
Files and hashes:         1: QCzcwN4_54S70vviah2BZWpGfSI.crl (hash: 5HbNSTeN42Y/LtJjwh7+0+tjA1e70sCYkLkYbYPpAWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:76:9e:ff:4e:a9:5b:34:7b:fb:01:72:82:f9:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=402cdcc0de3fe784bbd2fbe26a1d81656a467d22
        Validity
            Not Before: Oct 20 04:02:31 2025 GMT
            Not After : Oct 21 04:02:31 2025 GMT
        Subject: CN=f3d70e7071a5429406d604ad518b666da1b88119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:bd:fb:97:7b:d5:e4:61:06:81:52:24:3f:28:
                    bb:d9:7c:9b:af:b8:9c:31:d7:0a:c3:93:ac:d4:9f:
                    de:54:ee:8e:36:e3:1a:f5:18:61:a0:4d:0f:50:fa:
                    01:8d:99:20:c1:b0:33:48:d2:f7:d2:8c:b4:46:6e:
                    f4:22:f8:22:78:e6:73:c3:72:c6:41:26:0b:da:3c:
                    80:57:84:db:4d:68:64:e9:8f:37:57:ac:df:6b:6c:
                    d6:ad:9e:4e:3c:19:ef:76:dc:c6:51:d3:96:dc:96:
                    94:14:0c:22:f8:70:d0:58:14:8c:1c:13:e3:96:42:
                    77:22:73:79:0c:80:d7:88:8a:cb:cd:a0:77:81:9a:
                    d1:9b:bf:28:0f:54:fc:5c:57:1c:39:95:94:7d:69:
                    d2:84:2b:95:c4:d5:70:0a:40:84:2b:c1:5d:ed:29:
                    2c:7e:4c:76:11:42:aa:cd:94:48:06:dc:0d:3d:18:
                    14:6a:5c:35:04:03:5e:c1:90:25:55:13:fa:c1:c4:
                    62:97:27:87:6a:14:db:4b:3f:dd:9a:67:52:84:ca:
                    18:9d:74:9f:83:e7:64:0b:13:ff:05:f8:6e:d3:9e:
                    34:79:75:d0:90:c7:5d:5f:29:f1:cd:74:46:81:8c:
                    c5:46:c2:0e:84:cc:dc:db:80:23:02:19:d1:62:83:
                    b8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:D7:0E:70:71:A5:42:94:06:D6:04:AD:51:8B:66:6D:A1:B8:81:19
            X509v3 Authority Key Identifier:
                keyid:40:2C:DC:C0:DE:3F:E7:84:BB:D2:FB:E2:6A:1D:81:65:6A:46:7D:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCzcwN4_54S70vviah2BZWpGfSI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f05d0d-c1d8-47a6-9d1e-864daca6cfdf/1/QCzcwN4_54S70vviah2BZWpGfSI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:ce:10:9f:15:ba:b8:67:f5:ee:a0:1f:6a:40:61:3a:76:7c:
         22:74:ae:14:ab:47:c1:eb:fe:07:07:31:bc:97:09:9d:1d:79:
         aa:56:c8:64:b9:6c:47:28:81:c9:bc:25:d0:78:ef:a8:e8:19:
         bb:c0:93:8b:87:cd:81:d5:76:bd:ed:f3:ea:29:dd:2d:6e:6e:
         be:db:b8:37:58:ce:6a:db:c7:d8:6f:ee:90:14:73:ce:8d:58:
         14:e8:b6:b1:9b:75:72:7b:04:f2:49:83:e8:5e:fa:83:cb:f3:
         1c:e5:8b:9d:03:71:47:3b:16:bb:9b:70:55:8f:da:07:6c:8e:
         bf:07:90:39:30:7d:62:4e:06:be:d9:20:87:ea:47:1b:09:c7:
         99:ef:93:96:d7:6b:4e:dc:86:46:07:b9:e1:b9:3f:0e:0a:01:
         c5:30:74:c5:d7:32:bc:05:e3:4f:3d:bf:2f:11:6c:aa:a0:d9:
         4f:b3:38:8e:2a:c9:0c:59:1b:e3:82:ed:0a:e9:57:89:28:cd:
         e9:05:4a:8a:be:b0:d6:b2:b0:c7:11:91:c9:fc:ba:b5:66:7a:
         47:cb:80:ff:ed:3a:63:cb:11:22:57:3c:aa:ba:ae:7a:be:cf:
         ca:69:a2:00:75:e1:d0:98:09:d0:75:71:d6:b6:2b:82:b8:69:
         7e:37:bf:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yHae/06pWzR7+wFygvmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMmNkY2MwZGUzZmU3ODRiYmQyZmJlMjZhMWQ4MTY1NmE0
NjdkMjIwHhcNMjUxMDIwMDQwMjMxWhcNMjUxMDIxMDQwMjMxWjAzMTEwLwYDVQQD
EyhmM2Q3MGU3MDcxYTU0Mjk0MDZkNjA0YWQ1MThiNjY2ZGExYjg4MTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b37l3vV5GEGgVIkPyi72Xybr7ic
MdcKw5Os1J/eVO6ONuMa9RhhoE0PUPoBjZkgwbAzSNL30oy0Rm70IvgieOZzw3LG
QSYL2jyAV4TbTWhk6Y83V6zfa2zWrZ5OPBnvdtzGUdOW3JaUFAwi+HDQWBSMHBPj
lkJ3InN5DIDXiIrLzaB3gZrRm78oD1T8XFccOZWUfWnShCuVxNVwCkCEK8Fd7Sks
fkx2EUKqzZRIBtwNPRgUalw1BANewZAlVRP6wcRilyeHahTbSz/dmmdShMoYnXSf
g+dkCxP/Bfhu0540eXXQkMddXynxzXRGgYzFRsIOhMzc24AjAhnRYoO4YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPPXDnBxpUKUBtYErVGLZm2huIEZMB8GA1UdIwQY
MBaAFEAs3MDeP+eEu9L74modgWVqRn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMDVkMGQtYzFkOC00N2E2LTlkMWUt
ODY0ZGFjYTZjZmRmLzEvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMDVkMGQtYzFkOC00N2E2LTlkMWUtODY0ZGFjYTZjZmRm
LzEvUUN6Y3dONF81NFM3MHZ2aWFoMkJaV3BHZlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGs4QnxW6
uGf17qAfakBhOnZ8InSuFKtHwev+BwcxvJcJnR15qlbIZLlsRyiBybwl0HjvqOgZ
u8CTi4fNgdV2ve3z6indLW5uvtu4N1jOatvH2G/ukBRzzo1YFOi2sZt1cnsE8kmD
6F76g8vzHOWLnQNxRzsWu5twVY/aB2yOvweQOTB9Yk4Gvtkgh+pHGwnHme+Tltdr
TtyGRge54bk/DgoBxTB0xdcyvAXjTz2/LxFsqqDZT7M4jirJDFkb44LtCulXiSjN
6QVKir6w1rKwxxGRyfy6tWZ6R8uA/+06Y8sRIlc8qrquer7PymmiAHXh0JgJ0HVx
1rYrgrhpfje/Sw==
-----END CERTIFICATE-----