Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft
File:                     qrHbDgCCCHbfogvsm3Gap5Wswd4.mft (raw, json)
Hash identifier:          Xftl7L+Wz0hPrKoYWhOcZJZ53l0uP9sOu9cp/LorQNI=
Subject key identifier:   35:AA:2E:89:7B:F2:90:3C:E5:DD:4B:8C:C3:9F:D0:92:CB:BF:FE:F9
Authority key identifier: AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
Certificate issuer:       /CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Certificate serial:       01985E35CCA93FC4085D659C397CC33C4962
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft
Manifest number:          160E
Signing time:             Thu 31 Jul 2025 02:00:40 +0000
Manifest this update:     Thu 31 Jul 2025 02:00:40 +0000
Manifest next update:     Fri 01 Aug 2025 02:00:40 +0000
Files and hashes:         1: qrHbDgCCCHbfogvsm3Gap5Wswd4.crl (hash: K3FLIQ63f2P4ZDhNILiyie6Q+BWfEyR1pBG5fZqmf2U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 01 Aug 2025 00:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:5e:35:cc:a9:3f:c4:08:5d:65:9c:39:7c:c3:3c:49:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aab1db0e00820876dfa20bec9b719aa795acc1de
        Validity
            Not Before: Jul 31 02:00:40 2025 GMT
            Not After : Aug  1 02:00:40 2025 GMT
        Subject: CN=35aa2e897bf2903ce5dd4b8cc39fd092cbbffef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:d5:22:39:01:fa:1a:f8:c3:e1:a9:14:76:52:
                    81:d8:9a:4c:a5:e3:13:8f:01:a3:0f:4d:51:88:e0:
                    71:c7:7a:82:fd:70:3d:97:1f:10:00:19:0e:16:21:
                    5e:be:21:a2:d7:67:5f:c2:13:43:54:02:bf:bb:20:
                    73:12:c6:3b:b5:63:e6:70:42:59:87:37:08:e6:10:
                    96:ea:dc:09:9e:f5:e2:1a:a9:10:27:a3:47:29:79:
                    15:94:64:2b:c8:44:92:68:90:10:f2:28:8e:a3:e9:
                    93:82:95:29:3a:9b:f7:28:63:07:87:4c:82:ba:ce:
                    50:f5:22:7d:f9:0a:88:ab:b5:c7:ec:50:11:2d:3c:
                    f5:6f:cc:ce:b9:c7:02:e6:82:03:93:bb:38:5d:91:
                    ff:37:e1:ff:69:91:b1:38:9f:5a:ea:6e:00:9e:73:
                    ee:52:8a:c5:f8:98:7d:66:4d:34:79:98:81:bc:ed:
                    72:39:37:c2:c7:04:7b:dc:4c:72:cf:b8:b6:2b:11:
                    5e:2e:e0:c5:c0:ef:63:e4:1a:fb:31:dd:a0:e8:bd:
                    f3:50:15:61:3c:6a:41:62:2a:85:30:b9:61:d3:3a:
                    33:95:e6:86:bf:35:5c:7e:44:ed:cd:5e:a0:97:d5:
                    70:5f:f3:18:cd:a5:b6:cf:9f:2a:14:54:ea:fc:19:
                    47:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:AA:2E:89:7B:F2:90:3C:E5:DD:4B:8C:C3:9F:D0:92:CB:BF:FE:F9
            X509v3 Authority Key Identifier:
                keyid:AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:8b:79:5f:b9:76:68:8e:95:91:3b:9a:b2:9f:92:0d:d7:ed:
         f1:fc:48:b1:29:2b:e8:5e:9f:fa:bb:bc:88:cc:75:1c:01:ab:
         29:94:8a:bd:1c:60:9f:2d:55:67:68:f5:e4:f0:4b:30:c6:45:
         51:64:79:60:37:98:3b:5c:33:00:e8:28:fe:6d:31:1b:a0:1f:
         e6:fc:da:47:87:16:e1:27:c3:79:32:be:ff:e9:40:34:41:0b:
         53:76:9e:0a:12:0b:a6:66:b2:4b:11:c9:ea:f6:55:a4:89:95:
         78:ec:f3:d5:81:b9:e4:d6:2f:1b:ff:1b:4a:7f:14:c7:ad:ac:
         2c:7c:fb:42:98:4f:f9:2e:ac:42:24:5c:63:49:eb:5a:db:fa:
         04:63:29:2d:f6:72:25:da:c1:2a:72:da:cc:40:1c:9a:6f:c6:
         c4:22:63:29:76:37:9e:78:99:f9:c2:ac:22:dd:2b:b2:23:26:
         16:a6:13:90:2a:ae:73:fd:34:3a:f3:29:78:a9:0a:ce:6e:87:
         5e:34:24:53:a8:fb:ff:f7:a2:1d:18:9b:a0:9c:d3:cf:aa:e4:
         aa:14:63:1d:55:80:ad:35:11:3f:aa:a4:64:87:96:45:bd:e9:
         e9:8f:36:b8:4d:2a:a9:a5:ce:38:89:4e:9c:7b:ca:4a:62:bf:
         e0:44:62:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZheNcypP8QIXWWcOXzDPEliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYjFkYjBlMDA4MjA4NzZkZmEyMGJlYzliNzE5YWE3OTVh
Y2MxZGUwHhcNMjUwNzMxMDIwMDQwWhcNMjUwODAxMDIwMDQwWjAzMTEwLwYDVQQD
EygzNWFhMmU4OTdiZjI5MDNjZTVkZDRiOGNjMzlmZDA5MmNiYmZmZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dUiOQH6GvjD4akUdlKB2JpMpeMT
jwGjD01RiOBxx3qC/XA9lx8QABkOFiFeviGi12dfwhNDVAK/uyBzEsY7tWPmcEJZ
hzcI5hCW6twJnvXiGqkQJ6NHKXkVlGQryESSaJAQ8iiOo+mTgpUpOpv3KGMHh0yC
us5Q9SJ9+QqIq7XH7FARLTz1b8zOuccC5oIDk7s4XZH/N+H/aZGxOJ9a6m4AnnPu
UorF+Jh9Zk00eZiBvO1yOTfCxwR73Exyz7i2KxFeLuDFwO9j5Br7Md2g6L3zUBVh
PGpBYiqFMLlh0zozleaGvzVcfkTtzV6gl9VwX/MYzaW2z58qFFTq/BlHjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWqLol78pA85d1LjMOf0JLLv/75MB8GA1UdIwQY
MBaAFKqx2w4Aggh236IL7JtxmqeVrMHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGIt
MjNlMzgxMzY1MWQ0LzEvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGItMjNlMzgxMzY1MWQ0
LzEvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmYt5X7l2
aI6VkTuasp+SDdft8fxIsSkr6F6f+ru8iMx1HAGrKZSKvRxgny1VZ2j15PBLMMZF
UWR5YDeYO1wzAOgo/m0xG6Af5vzaR4cW4SfDeTK+/+lANEELU3aeChILpmaySxHJ
6vZVpImVeOzz1YG55NYvG/8bSn8Ux62sLHz7QphP+S6sQiRcY0nrWtv6BGMpLfZy
JdrBKnLazEAcmm/GxCJjKXY3nniZ+cKsIt0rsiMmFqYTkCquc/00OvMpeKkKzm6H
XjQkU6j7//eiHRiboJzTz6rkqhRjHVWArTURP6qkZIeWRb3p6Y82uE0qqaXOOIlO
nHvKSmK/4ERipQ==
-----END CERTIFICATE-----