Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
File:                     qQ_wEQVOz-aKitx94mit5sCCdxE.mft (raw, json)
Hash identifier:          PWbknRyIEII7J7oEs2hnyt4LNE9PmZiWaWIV9LhHtyc=
Subject key identifier:   DE:70:7D:96:54:8F:39:63:7D:8B:9D:8F:73:1E:22:80:97:4F:57:3F
Authority key identifier: A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11
Certificate issuer:       /CN=a90ff011054ecfe68a8adc7de268ade6c0827711
Certificate serial:       0198D66159227B5ED49BDBEF75DA78252EAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 10:02:40 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:40 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:40 +0000
Files and hashes:         1: qQ_wEQVOz-aKitx94mit5sCCdxE.crl (hash: AhLHXVG8zYC5P5BYvUyz8vncoPG2QKJ4mzVsOjFVu7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 10:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:61:59:22:7b:5e:d4:9b:db:ef:75:da:78:25:2e:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a90ff011054ecfe68a8adc7de268ade6c0827711
        Validity
            Not Before: Aug 23 10:02:40 2025 GMT
            Not After : Aug 24 10:02:40 2025 GMT
        Subject: CN=de707d96548f39637d8b9d8f731e2280974f573f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:d0:19:0b:aa:4a:e8:42:cf:fa:8b:9f:dc:cf:
                    a8:6a:5b:1d:5d:fe:97:34:46:55:96:31:0b:71:24:
                    98:dd:43:3f:e5:e0:4f:ab:61:2d:b8:94:04:ad:05:
                    03:40:dc:a9:45:9d:a0:7e:83:6d:d9:7c:11:de:24:
                    83:51:b1:0a:b4:e5:e4:ab:5f:12:5f:75:9c:0a:bb:
                    96:df:b1:1f:cc:67:f7:de:db:f8:a5:38:15:25:ff:
                    b3:2a:f8:56:f3:91:eb:a2:84:11:2d:7b:34:83:69:
                    23:22:ed:13:f5:f0:6c:07:4f:dd:d3:71:be:bc:60:
                    61:93:db:b7:05:62:cf:42:d3:ae:cf:bc:a8:df:58:
                    7b:0c:66:a8:20:14:66:44:81:16:4b:8b:ee:1e:98:
                    b3:fa:d4:bc:da:2a:55:96:6c:0a:e8:6f:33:7e:7d:
                    cb:fc:65:64:38:6b:d0:aa:6a:c4:db:c1:e7:36:62:
                    80:36:e6:d6:16:87:b1:47:90:5c:c9:5f:9f:1b:e3:
                    b4:07:81:b1:5b:84:cb:40:e5:a3:77:91:03:92:ae:
                    06:aa:07:0a:b7:85:40:e5:c5:c7:75:4f:f6:f2:c5:
                    01:1b:c3:18:96:a7:94:cc:0a:52:e6:e2:77:71:ca:
                    f5:f5:72:f2:9d:65:3c:c9:da:0f:39:13:5a:59:b4:
                    cc:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:70:7D:96:54:8F:39:63:7D:8B:9D:8F:73:1E:22:80:97:4F:57:3F
            X509v3 Authority Key Identifier:
                keyid:A9:0F:F0:11:05:4E:CF:E6:8A:8A:DC:7D:E2:68:AD:E6:C0:82:77:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ_wEQVOz-aKitx94mit5sCCdxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/ba73a2-f0e6-476f-8133-e99277037a43/1/qQ_wEQVOz-aKitx94mit5sCCdxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:34:a3:e4:88:79:59:1c:ac:fd:c5:45:3d:4d:e8:2e:6b:44:
         02:5a:75:8d:6c:0d:43:3b:9c:68:8a:b6:01:a0:d9:20:19:1f:
         75:ca:1e:4c:87:0f:a7:5e:88:2b:da:76:93:f8:25:a4:e1:f2:
         a3:b9:7e:a7:8f:8a:7d:d9:c8:26:96:c6:90:f4:43:9e:8e:29:
         a3:fd:ba:90:05:fe:f6:f2:cd:db:ed:a9:37:a4:07:db:ed:62:
         93:e8:69:ba:84:38:58:6e:62:68:d3:f4:91:cf:b3:87:26:87:
         ab:a3:a1:28:00:e6:cb:e5:ae:7f:26:e6:0b:60:86:f7:cf:3a:
         c4:d9:66:85:56:48:7c:f2:4a:a5:82:62:5a:a0:77:60:fd:76:
         5c:e0:83:d3:48:fa:8b:3b:3f:f8:dc:6d:ed:f2:21:b3:26:d9:
         d8:9f:67:48:9e:d8:43:2d:1b:83:a4:14:67:d2:bf:09:81:22:
         cb:e7:24:78:ba:90:a7:78:bf:8e:04:fd:2d:e5:3a:ad:ed:d3:
         78:20:91:cf:80:ea:b8:f3:8a:0a:7c:c9:5f:bf:53:39:d5:20:
         cd:08:68:f3:cc:54:68:4f:e3:8a:57:96:91:d0:96:9f:20:2c:
         d8:1c:c8:4b:19:3e:fd:ad:9a:cd:42:87:b8:12:84:10:31:65:
         30:ba:31:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYVkie17Um9vvddp4JS6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGZmMDExMDU0ZWNmZTY4YThhZGM3ZGUyNjhhZGU2YzA4
Mjc3MTEwHhcNMjUwODIzMTAwMjQwWhcNMjUwODI0MTAwMjQwWjAzMTEwLwYDVQQD
EyhkZTcwN2Q5NjU0OGYzOTYzN2Q4YjlkOGY3MzFlMjI4MDk3NGY1NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NAZC6pK6ELP+ouf3M+oalsdXf6X
NEZVljELcSSY3UM/5eBPq2EtuJQErQUDQNypRZ2gfoNt2XwR3iSDUbEKtOXkq18S
X3WcCruW37EfzGf33tv4pTgVJf+zKvhW85HrooQRLXs0g2kjIu0T9fBsB0/d03G+
vGBhk9u3BWLPQtOuz7yo31h7DGaoIBRmRIEWS4vuHpiz+tS82ipVlmwK6G8zfn3L
/GVkOGvQqmrE28HnNmKANubWFoexR5BcyV+fG+O0B4GxW4TLQOWjd5EDkq4GqgcK
t4VA5cXHdU/28sUBG8MYlqeUzApS5uJ3ccr19XLynWU8ydoPORNaWbTMkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5wfZZUjzljfYudj3MeIoCXT1c/MB8GA1UdIwQY
MBaAFKkP8BEFTs/miorcfeJorebAgncRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMt
ZTk5Mjc3MDM3YTQzLzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYTczYTItZjBlNi00NzZmLTgxMzMtZTk5Mjc3MDM3YTQz
LzEvcVFfd0VRVk96LWFLaXR4OTRtaXQ1c0NDZHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYzSj5Ih5
WRys/cVFPU3oLmtEAlp1jWwNQzucaIq2AaDZIBkfdcoeTIcPp16IK9p2k/glpOHy
o7l+p4+KfdnIJpbGkPRDno4po/26kAX+9vLN2+2pN6QH2+1ik+hpuoQ4WG5iaNP0
kc+zhyaHq6OhKADmy+WufybmC2CG9886xNlmhVZIfPJKpYJiWqB3YP12XOCD00j6
izs/+Nxt7fIhsybZ2J9nSJ7YQy0bg6QUZ9K/CYEiy+ckeLqQp3i/jgT9LeU6re3T
eCCRz4DquPOKCnzJX79TOdUgzQho88xUaE/jileWkdCWnyAs2BzISxk+/a2azUKH
uBKEEDFlMLoxBw==
-----END CERTIFICATE-----