Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
File:                     MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json)
Hash identifier:          Al4hKzM4OG+NuJ1SFTKo+3tYbAw0ojd/9Izl42+A/Sk=
Subject key identifier:   3F:58:83:EF:75:60:47:1E:6A:FA:76:97:67:7C:1A:FA:67:0F:E2:A9
Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
Certificate issuer:       /CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Certificate serial:       0198D4E09BF31989C5F4CB002620B8216D84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
Manifest number:          0695
Signing time:             Sat 23 Aug 2025 03:02:26 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:26 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:26 +0000
Files and hashes:         1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: OJdLHcjYHZxrzsHI0CDACxcBthxCCC8qPHwPDJf8nIA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:9b:f3:19:89:c5:f4:cb:00:26:20:b8:21:6d:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48
        Validity
            Not Before: Aug 23 03:02:26 2025 GMT
            Not After : Aug 24 03:02:26 2025 GMT
        Subject: CN=3f5883ef7560471e6afa7697677c1afa670fe2a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:04:6c:9e:c8:ef:17:c8:ad:d9:45:80:27:e1:
                    62:3e:38:21:cd:cc:c2:f5:12:30:23:63:64:c4:97:
                    34:81:a0:6d:82:1f:1d:20:05:7c:e1:a0:d9:be:d1:
                    8f:e8:c7:bb:10:a6:0c:2b:aa:21:62:23:dd:7b:d4:
                    6c:c4:c1:1f:a2:ea:4f:01:1f:e8:5d:2f:85:46:a2:
                    22:d0:db:f5:81:a8:62:1c:79:4a:87:49:a2:53:2f:
                    cf:fd:cd:7a:c2:dd:6f:b8:a8:9d:dd:f6:a7:cb:d2:
                    8d:e0:fe:93:d3:76:ac:e1:d9:79:84:b5:e3:84:c8:
                    da:f7:7f:cf:6a:7a:5e:77:a5:2f:51:35:92:f2:2c:
                    ef:83:73:c0:18:6c:9c:ae:12:42:54:9b:85:c0:80:
                    86:b3:03:17:1a:db:01:44:70:05:9c:ad:95:9c:42:
                    59:be:60:3b:44:34:fc:9d:62:ce:67:6a:d7:9d:11:
                    eb:3f:7b:a0:19:6a:56:ff:70:14:13:13:b2:c7:8f:
                    07:0c:30:18:79:1f:12:90:b7:1c:e0:17:b1:31:d3:
                    7f:6a:be:e2:4f:0e:df:82:60:35:58:b2:fb:cd:75:
                    c4:24:60:af:37:74:ca:09:63:16:d5:a5:d4:48:23:
                    17:b5:08:eb:2a:5b:54:62:14:96:c3:bf:e7:33:b4:
                    de:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:58:83:EF:75:60:47:1E:6A:FA:76:97:67:7C:1A:FA:67:0F:E2:A9
            X509v3 Authority Key Identifier:
                keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:7c:f3:70:b1:5f:51:08:2c:9b:bf:c7:1a:37:22:c7:a7:ff:
         91:1d:e3:01:c8:30:c2:f8:75:31:1c:7d:26:6a:f1:d1:34:55:
         ce:2d:5e:6c:b4:c6:17:34:1a:2f:19:a5:11:86:8e:0b:f9:c0:
         bf:71:55:89:a4:4b:e4:5a:85:c2:5f:1e:7d:85:74:07:47:db:
         2c:c5:5f:03:17:61:71:a6:51:ca:be:86:6d:c3:9f:8d:ba:05:
         2a:8a:5d:a7:3c:62:d9:61:d6:97:90:77:1e:bd:2b:d0:59:34:
         57:13:50:9d:67:5f:85:c6:5c:fa:0a:f7:9a:fb:6d:72:da:9b:
         b6:11:92:4a:85:10:32:cc:7a:77:84:72:25:e5:7d:aa:88:b2:
         97:77:39:61:da:2b:fb:47:75:a8:48:50:58:6d:68:6a:3b:17:
         08:50:7a:74:75:7b:2d:23:ac:5a:87:0c:3b:85:c3:ed:96:bc:
         b0:73:58:8c:04:10:9a:22:05:65:c3:71:e6:a9:34:cb:92:f8:
         91:e8:ce:c7:e3:df:1f:15:68:18:70:e7:00:12:09:18:37:49:
         69:dd:44:83:42:96:2a:22:cd:37:aa:bb:8b:26:b0:4c:ac:c2:
         27:11:ee:73:0d:99:d3:1b:18:ed:08:6c:cf:57:73:6d:22:16:
         e0:3b:64:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4JvzGYnF9MsAJiC4IW2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh
ZGVlNDgwHhcNMjUwODIzMDMwMjI2WhcNMjUwODI0MDMwMjI2WjAzMTEwLwYDVQQD
EygzZjU4ODNlZjc1NjA0NzFlNmFmYTc2OTc2NzdjMWFmYTY3MGZlMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQRsnsjvF8it2UWAJ+FiPjghzczC
9RIwI2NkxJc0gaBtgh8dIAV84aDZvtGP6Me7EKYMK6ohYiPde9RsxMEfoupPAR/o
XS+FRqIi0Nv1gahiHHlKh0miUy/P/c16wt1vuKid3fany9KN4P6T03as4dl5hLXj
hMja93/Panped6UvUTWS8izvg3PAGGycrhJCVJuFwICGswMXGtsBRHAFnK2VnEJZ
vmA7RDT8nWLOZ2rXnRHrP3ugGWpW/3AUExOyx48HDDAYeR8SkLcc4BexMdN/ar7i
Tw7fgmA1WLL7zXXEJGCvN3TKCWMW1aXUSCMXtQjrKltUYhSWw7/nM7TeeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9Yg+91YEceavp2l2d8GvpnD+KpMB8GA1UdIwQY
MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt
ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh
LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACHzzcLFf
UQgsm7/HGjcix6f/kR3jAcgwwvh1MRx9Jmrx0TRVzi1ebLTGFzQaLxmlEYaOC/nA
v3FViaRL5FqFwl8efYV0B0fbLMVfAxdhcaZRyr6GbcOfjboFKopdpzxi2WHWl5B3
Hr0r0Fk0VxNQnWdfhcZc+gr3mvttctqbthGSSoUQMsx6d4RyJeV9qoiyl3c5Ydor
+0d1qEhQWG1oajsXCFB6dHV7LSOsWocMO4XD7Za8sHNYjAQQmiIFZcNx5qk0y5L4
kejOx+PfHxVoGHDnABIJGDdJad1Eg0KWKiLNN6q7iyawTKzCJxHucw2Z0xsY7Qhs
z1dzbSIW4Dtk8w==
-----END CERTIFICATE-----