Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
File:                     QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json)
Hash identifier:          Zql6ZpEqGabeE26QZ+rulEkR7FBgl0PaM9ko/beCPTA=
Subject key identifier:   7B:70:77:43:28:3C:9B:A6:33:1A:0A:DE:0E:5A:8A:EB:22:EF:0A:E9
Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B
Certificate issuer:       /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
Certificate serial:       0199FBEBDEE3003CB0946A04CCE20B901B36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
Manifest number:          0B57
Signing time:             Sun 19 Oct 2025 10:02:43 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:43 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:43 +0000
Files and hashes:         1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: SuLWiTsDeFLZAyY2j6/ykUwOSvnIOHWB+/EICGKz1ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:de:e3:00:3c:b0:94:6a:04:cc:e2:0b:90:1b:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
        Validity
            Not Before: Oct 19 10:02:43 2025 GMT
            Not After : Oct 20 10:02:43 2025 GMT
        Subject: CN=7b707743283c9ba6331a0ade0e5a8aeb22ef0ae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2b:ec:a1:54:4f:b7:4f:31:d0:d2:5f:a8:9a:
                    c9:db:69:93:ee:ae:63:49:cf:d0:64:3b:e9:b9:e9:
                    04:5e:b0:fe:79:5e:3f:01:78:2e:82:b4:00:58:59:
                    d4:be:c9:cc:1d:47:3e:03:c6:7a:09:22:e0:d8:93:
                    18:31:37:f7:53:4e:53:cb:3c:7b:f5:51:af:df:aa:
                    23:53:21:6a:1e:b9:b1:f8:38:c5:b1:32:0e:0a:8b:
                    4d:99:72:d6:72:cc:f0:29:0f:28:63:2c:90:f3:9e:
                    55:13:1f:1a:ea:63:74:0b:ec:e3:5b:72:b7:3e:e9:
                    94:48:2b:94:65:91:43:61:ab:70:8a:4a:d2:ac:d5:
                    19:0d:0f:ff:e0:75:49:c8:e4:99:8c:99:f7:0f:03:
                    ed:64:e3:50:6a:c5:b8:65:0d:61:1a:4d:ad:2c:68:
                    0d:71:79:92:c9:b1:23:17:b8:22:f4:c1:70:b0:67:
                    b5:2f:4f:86:ed:44:c5:73:23:16:a4:b2:52:9c:c1:
                    ae:ff:90:d0:ca:c0:8e:40:11:5e:26:b7:12:cc:95:
                    29:93:2c:53:44:a2:1f:51:00:18:99:0a:3e:f3:fa:
                    5f:6e:8a:41:5d:99:23:ad:3b:c8:74:b1:c1:c6:ac:
                    44:06:24:f4:32:9b:fa:58:39:61:39:90:64:53:84:
                    fb:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:70:77:43:28:3C:9B:A6:33:1A:0A:DE:0E:5A:8A:EB:22:EF:0A:E9
            X509v3 Authority Key Identifier:
                keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:b3:ed:18:ec:7a:a5:ca:b8:1f:af:e7:3a:9a:bd:6d:2d:56:
         26:e0:6f:f2:ad:28:52:6e:d5:c2:9b:95:80:e9:5f:e0:85:91:
         a5:b1:0b:de:25:73:1a:73:51:a1:cd:8b:66:25:4a:fc:15:58:
         70:48:5f:2e:2a:51:80:ef:ae:5f:67:43:46:1c:ff:0f:cd:e7:
         9e:25:54:45:08:63:88:2d:4e:53:56:61:b5:24:b5:d1:9a:f0:
         cb:da:bf:a9:20:4d:57:41:18:e1:d9:28:30:2a:94:89:af:a8:
         9a:80:61:77:e4:bb:3e:d7:49:11:dc:1d:fb:bd:47:be:fa:80:
         00:c2:18:6e:9b:eb:8f:55:37:e9:70:b6:23:a0:fc:af:f8:13:
         3e:ec:33:a1:74:ed:47:48:81:a8:c8:4d:21:55:06:09:24:ae:
         bc:9b:e4:8f:7d:5e:4b:bb:6d:1d:0a:f6:7c:16:34:47:61:66:
         dd:e5:f9:a0:05:9d:73:15:ec:cc:e5:95:3a:02:42:47:83:30:
         f4:3b:45:13:19:7d:51:7d:9e:be:de:a5:ee:82:45:95:84:2a:
         3f:e1:b3:52:74:bb:e3:a0:25:b6:a8:15:b3:41:d8:9a:61:98:
         95:bd:58:9b:b8:b6:d3:75:a2:53:e4:5b:f0:d6:e7:15:0f:91:
         92:62:8f:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7697jADywlGoEzOILkBs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi
OTMyNmIwHhcNMjUxMDE5MTAwMjQzWhcNMjUxMDIwMTAwMjQzWjAzMTEwLwYDVQQD
Eyg3YjcwNzc0MzI4M2M5YmE2MzMxYTBhZGUwZTVhOGFlYjIyZWYwYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSvsoVRPt08x0NJfqJrJ22mT7q5j
Sc/QZDvpuekEXrD+eV4/AXgugrQAWFnUvsnMHUc+A8Z6CSLg2JMYMTf3U05Tyzx7
9VGv36ojUyFqHrmx+DjFsTIOCotNmXLWcszwKQ8oYyyQ855VEx8a6mN0C+zjW3K3
PumUSCuUZZFDYatwikrSrNUZDQ//4HVJyOSZjJn3DwPtZONQasW4ZQ1hGk2tLGgN
cXmSybEjF7gi9MFwsGe1L0+G7UTFcyMWpLJSnMGu/5DQysCOQBFeJrcSzJUpkyxT
RKIfUQAYmQo+8/pfbopBXZkjrTvIdLHBxqxEBiT0Mpv6WDlhOZBkU4T70wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtwd0MoPJumMxoK3g5aiusi7wrpMB8GA1UdIwQY
MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt
NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0
LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcbPtGOx6
pcq4H6/nOpq9bS1WJuBv8q0oUm7VwpuVgOlf4IWRpbEL3iVzGnNRoc2LZiVK/BVY
cEhfLipRgO+uX2dDRhz/D83nniVURQhjiC1OU1ZhtSS10Zrwy9q/qSBNV0EY4dko
MCqUia+omoBhd+S7PtdJEdwd+71HvvqAAMIYbpvrj1U36XC2I6D8r/gTPuwzoXTt
R0iBqMhNIVUGCSSuvJvkj31eS7ttHQr2fBY0R2Fm3eX5oAWdcxXszOWVOgJCR4Mw
9DtFExl9UX2evt6l7oJFlYQqP+GzUnS746AltqgVs0HYmmGYlb1Ym7i203WiU+Rb
8NbnFQ+RkmKPqg==
-----END CERTIFICATE-----