Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8545f0-a61f-446d-a728-d010991ee323/1/qLIvDsAUwq2ldTc_pr0v7FD2UUc.mft
File:                     qLIvDsAUwq2ldTc_pr0v7FD2UUc.mft (raw, json)
Hash identifier:          zcY0qO2Cu6IP+y/Qlf+jxpAMsaVFvisLAxBfiTjOM0g=
Subject key identifier:   34:6F:30:66:EB:51:9D:81:1F:A8:C0:95:58:75:3B:19:06:DE:FA:11
Authority key identifier: A8:B2:2F:0E:C0:14:C2:AD:A5:75:37:3F:A6:BD:2F:EC:50:F6:51:47
Certificate issuer:       /CN=a8b22f0ec014c2ada575373fa6bd2fec50f65147
Certificate serial:       01984A09DC05C33687BAA23777448F5289B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qLIvDsAUwq2ldTc_pr0v7FD2UUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/8545f0-a61f-446d-a728-d010991ee323/1/qLIvDsAUwq2ldTc_pr0v7FD2UUc.mft
Manifest number:          01D0
Signing time:             Sun 27 Jul 2025 04:00:16 +0000
Manifest this update:     Sun 27 Jul 2025 04:00:16 +0000
Manifest next update:     Mon 28 Jul 2025 04:00:16 +0000
Files and hashes:         1: qLIvDsAUwq2ldTc_pr0v7FD2UUc.crl (hash: /PLfloe0OiITWNMVyplW9VvHRi0UJYxl2XaqVDJz2Zo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/8545f0-a61f-446d-a728-d010991ee323/1/qLIvDsAUwq2ldTc_pr0v7FD2UUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/8545f0-a61f-446d-a728-d010991ee323/1/qLIvDsAUwq2ldTc_pr0v7FD2UUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qLIvDsAUwq2ldTc_pr0v7FD2UUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:09:dc:05:c3:36:87:ba:a2:37:77:44:8f:52:89:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8b22f0ec014c2ada575373fa6bd2fec50f65147
        Validity
            Not Before: Jul 27 04:00:16 2025 GMT
            Not After : Jul 28 04:00:16 2025 GMT
        Subject: CN=346f3066eb519d811fa8c09558753b1906defa11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:0e:86:17:b9:30:7a:9e:e1:b2:13:cd:74:ee:
                    ec:b5:0d:0e:d8:f4:9b:74:8d:ec:88:93:8a:0f:b7:
                    45:5d:03:9c:77:5a:4f:b4:b9:4b:78:97:26:79:8f:
                    2c:a4:8d:d0:38:e2:71:6e:da:06:fa:56:ef:66:fc:
                    c5:0a:c5:68:af:75:65:56:b8:16:97:9b:ad:ac:e3:
                    fd:83:ed:2b:99:53:e9:ee:79:18:d4:14:3b:81:09:
                    82:12:d2:06:a6:9e:d0:b0:91:2b:79:3a:a8:60:2e:
                    37:38:c7:41:98:b3:11:91:dc:46:94:b3:55:94:44:
                    82:03:5f:ba:26:19:c4:8f:2e:32:36:cd:b6:a5:a4:
                    c0:83:eb:64:a4:40:df:2e:b8:da:9e:1a:d2:2a:b7:
                    f5:5b:58:cd:dd:1d:da:c5:33:39:7c:80:7f:83:2a:
                    83:3f:24:d5:19:40:fa:95:62:a1:ce:fe:27:ae:34:
                    16:ec:0e:42:19:35:4b:09:a1:73:4a:5c:dd:ee:9a:
                    5a:cc:3c:73:e3:1d:1a:24:d5:ca:f3:72:d9:e2:df:
                    97:7f:a3:0a:42:6e:9a:0c:09:78:d8:73:83:47:f7:
                    fd:ae:00:63:f2:e9:75:3d:c5:ff:68:af:e4:a2:b0:
                    d8:57:92:a4:39:88:27:27:4a:32:41:97:b3:33:ec:
                    fd:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:6F:30:66:EB:51:9D:81:1F:A8:C0:95:58:75:3B:19:06:DE:FA:11
            X509v3 Authority Key Identifier:
                keyid:A8:B2:2F:0E:C0:14:C2:AD:A5:75:37:3F:A6:BD:2F:EC:50:F6:51:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLIvDsAUwq2ldTc_pr0v7FD2UUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8545f0-a61f-446d-a728-d010991ee323/1/qLIvDsAUwq2ldTc_pr0v7FD2UUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8545f0-a61f-446d-a728-d010991ee323/1/qLIvDsAUwq2ldTc_pr0v7FD2UUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:bc:87:a6:c1:76:15:23:72:99:c4:67:25:18:ab:fa:34:c9:
         16:cf:8b:e7:2e:7d:e7:39:be:10:03:d1:65:9e:70:dc:9d:5d:
         f3:12:14:39:27:51:65:ed:18:d8:3a:bf:03:87:e8:ce:31:b1:
         4e:96:42:77:c6:b3:e8:d0:28:ce:15:a7:28:ab:b0:f2:c0:46:
         73:93:bf:ae:5b:92:58:c2:63:84:73:0f:53:e1:40:7b:16:3c:
         b0:42:ae:7b:94:ad:28:72:e1:50:ff:7e:1b:e8:fb:13:b4:cb:
         6b:3b:06:72:0d:ef:f5:0c:95:10:13:ea:35:a9:dd:d6:67:ca:
         ff:df:89:ac:de:2c:03:95:76:69:8b:bb:4b:e0:ec:03:cf:fd:
         4a:53:dc:e1:7d:a3:09:69:89:c7:ca:4b:31:14:f2:4d:26:18:
         1d:5c:a0:75:be:24:6a:9e:28:31:b6:8c:19:26:af:b3:a4:3f:
         ee:90:5d:1c:c3:19:57:15:f0:56:50:01:49:63:b8:82:9a:f3:
         2b:ef:fb:70:33:05:55:64:06:15:4e:4f:72:55:0b:db:a5:c4:
         cc:f6:45:43:ce:49:3d:34:a6:e1:79:fe:d3:77:e3:b8:62:22:
         ca:5a:16:35:81:7a:53:f8:46:7b:95:6a:ea:d5:b7:73:f9:b5:
         13:25:30:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKCdwFwzaHuqI3d0SPUom4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjIyZjBlYzAxNGMyYWRhNTc1MzczZmE2YmQyZmVjNTBm
NjUxNDcwHhcNMjUwNzI3MDQwMDE2WhcNMjUwNzI4MDQwMDE2WjAzMTEwLwYDVQQD
EygzNDZmMzA2NmViNTE5ZDgxMWZhOGMwOTU1ODc1M2IxOTA2ZGVmYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+g6GF7kwep7hshPNdO7stQ0O2PSb
dI3siJOKD7dFXQOcd1pPtLlLeJcmeY8spI3QOOJxbtoG+lbvZvzFCsVor3VlVrgW
l5utrOP9g+0rmVPp7nkY1BQ7gQmCEtIGpp7QsJEreTqoYC43OMdBmLMRkdxGlLNV
lESCA1+6JhnEjy4yNs22paTAg+tkpEDfLrjanhrSKrf1W1jN3R3axTM5fIB/gyqD
PyTVGUD6lWKhzv4nrjQW7A5CGTVLCaFzSlzd7ppazDxz4x0aJNXK83LZ4t+Xf6MK
Qm6aDAl42HODR/f9rgBj8ul1PcX/aK/korDYV5KkOYgnJ0oyQZezM+z9TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRvMGbrUZ2BH6jAlVh1OxkG3voRMB8GA1UdIwQY
MBaAFKiyLw7AFMKtpXU3P6a9L+xQ9lFHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxJdkRzQVV3cTJsZFRjX3ByMHY3RkQyVVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84NTQ1ZjAtYTYxZi00NDZkLWE3Mjgt
ZDAxMDk5MWVlMzIzLzEvcUxJdkRzQVV3cTJsZFRjX3ByMHY3RkQyVVVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84NTQ1ZjAtYTYxZi00NDZkLWE3MjgtZDAxMDk5MWVlMzIz
LzEvcUxJdkRzQVV3cTJsZFRjX3ByMHY3RkQyVVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgryHpsF2
FSNymcRnJRir+jTJFs+L5y595zm+EAPRZZ5w3J1d8xIUOSdRZe0Y2Dq/A4fozjGx
TpZCd8az6NAozhWnKKuw8sBGc5O/rluSWMJjhHMPU+FAexY8sEKue5StKHLhUP9+
G+j7E7TLazsGcg3v9QyVEBPqNand1mfK/9+JrN4sA5V2aYu7S+DsA8/9SlPc4X2j
CWmJx8pLMRTyTSYYHVygdb4kap4oMbaMGSavs6Q/7pBdHMMZVxXwVlABSWO4gprz
K+/7cDMFVWQGFU5PclUL26XEzPZFQ85JPTSm4Xn+03fjuGIiyloWNYF6U/hGe5Vq
6tW3c/m1EyUwcg==
-----END CERTIFICATE-----