Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
File:                     qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft (raw, json)
Hash identifier:          P/LskmZqS4b9aW8elBm5qfpVn++a6sIGG9yLYuDiZmo=
Subject key identifier:   D7:68:30:F1:6F:D4:17:C2:B1:2D:56:7B:D9:9D:4A:E0:8C:20:F0:F9
Authority key identifier: A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23
Certificate issuer:       /CN=a948d011edb8cd33e66767880ca4ab3061d9c523
Certificate serial:       019A72CA2828ECC72FB62D99DB2EC3973278
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
Manifest number:          0437
Signing time:             Tue 11 Nov 2025 12:00:42 +0000
Manifest this update:     Tue 11 Nov 2025 12:00:42 +0000
Manifest next update:     Wed 12 Nov 2025 12:00:42 +0000
Files and hashes:         1: qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl (hash: D9fjhQJ9peqeDQTfisIaXMyuziHq+Cn13fOiN70UkKI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:28:28:ec:c7:2f:b6:2d:99:db:2e:c3:97:32:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a948d011edb8cd33e66767880ca4ab3061d9c523
        Validity
            Not Before: Nov 11 12:00:42 2025 GMT
            Not After : Nov 12 12:00:42 2025 GMT
        Subject: CN=d76830f16fd417c2b12d567bd99d4ae08c20f0f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6d:19:6d:d1:1b:19:bd:f9:58:f4:e8:05:e6:
                    0e:e4:32:c3:9f:c9:0b:d7:0b:69:21:b5:4f:53:06:
                    04:97:85:68:57:94:90:1d:70:c7:ba:66:99:9b:b0:
                    a3:ad:07:f3:54:15:23:95:9f:9f:af:29:4b:9a:86:
                    1a:37:c2:3a:66:b3:b1:65:ab:75:7f:fa:cc:ca:cc:
                    3c:b9:bf:25:56:df:58:ca:08:77:60:09:72:d1:2d:
                    83:f7:e0:27:99:57:33:47:26:52:b3:50:65:80:88:
                    84:f3:4e:3c:f2:40:7b:15:d4:3a:3e:59:7f:4f:11:
                    96:86:ed:0c:24:16:5d:02:c2:92:29:78:de:5d:69:
                    38:70:fd:9c:e2:43:46:7a:6f:0b:0f:a9:c9:80:69:
                    5c:39:b1:11:d3:60:41:9b:48:58:8e:07:1c:7a:ad:
                    d9:56:3d:20:a8:87:7c:63:4d:c1:77:dd:81:0f:b2:
                    ae:e3:86:a6:a8:ca:b6:89:da:bf:f9:4f:ea:fb:88:
                    c9:a7:83:f0:ba:f5:9a:4d:6f:9f:0c:3e:6f:7c:79:
                    3f:90:32:ec:8c:f1:de:53:7d:60:b3:6d:d2:cd:f1:
                    e4:33:a0:79:1f:ce:53:41:07:23:2c:6d:1d:c4:a0:
                    38:e8:97:49:dd:ac:f5:08:7b:1c:13:29:bc:3f:fe:
                    b6:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:68:30:F1:6F:D4:17:C2:B1:2D:56:7B:D9:9D:4A:E0:8C:20:F0:F9
            X509v3 Authority Key Identifier:
                keyid:A9:48:D0:11:ED:B8:CD:33:E6:67:67:88:0C:A4:AB:30:61:D9:C5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUjQEe24zTPmZ2eIDKSrMGHZxSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9eb3eb-5109-4798-8828-3d549fbb837f/1/qUjQEe24zTPmZ2eIDKSrMGHZxSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:84:c9:3a:a0:1f:ee:ba:8a:96:9b:b7:ba:77:96:bf:12:3a:
         62:6a:a7:5c:91:4c:d5:55:58:a4:ab:51:69:d0:57:14:07:e7:
         15:4a:bb:8f:ae:67:9e:43:a2:e4:79:7a:c1:4a:cb:a9:84:ff:
         79:34:87:9f:c4:b6:43:68:57:89:d5:fb:64:d8:c1:ed:38:a7:
         24:87:d6:d5:0f:7e:60:c3:24:28:cc:83:d0:14:66:6c:8f:24:
         88:b5:9f:04:9c:02:72:ce:07:6c:6e:ed:58:df:db:90:51:2d:
         d7:ca:f7:78:61:b7:36:df:5e:a9:86:5b:ac:b5:d0:77:93:0b:
         38:04:d9:0a:bc:45:cf:8b:b1:05:33:f7:4e:f3:42:32:a0:e6:
         af:9f:46:12:23:dd:c6:ed:43:95:7f:64:c9:87:b4:99:20:21:
         04:f0:f1:c1:3e:cf:95:e8:81:bc:05:1e:18:f6:63:be:fa:53:
         fa:22:1c:1e:f8:97:80:c5:5b:9e:44:d1:a7:e6:fe:05:45:74:
         31:81:2e:aa:e0:18:54:ff:fb:bb:31:a4:0d:01:73:91:c9:cc:
         1a:e9:fc:83:ce:59:68:a2:6b:69:c9:3b:1a:c1:de:3a:10:2c:
         cb:76:ae:b7:85:0b:39:3c:02:69:a0:67:b0:4e:95:f0:e3:ed:
         b5:e8:9b:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyigo7Mcvti2Z2y7DlzJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NDhkMDExZWRiOGNkMzNlNjY3Njc4ODBjYTRhYjMwNjFk
OWM1MjMwHhcNMjUxMTExMTIwMDQyWhcNMjUxMTEyMTIwMDQyWjAzMTEwLwYDVQQD
EyhkNzY4MzBmMTZmZDQxN2MyYjEyZDU2N2JkOTlkNGFlMDhjMjBmMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW0ZbdEbGb35WPToBeYO5DLDn8kL
1wtpIbVPUwYEl4VoV5SQHXDHumaZm7CjrQfzVBUjlZ+frylLmoYaN8I6ZrOxZat1
f/rMysw8ub8lVt9Yygh3YAly0S2D9+AnmVczRyZSs1BlgIiE80488kB7FdQ6Pll/
TxGWhu0MJBZdAsKSKXjeXWk4cP2c4kNGem8LD6nJgGlcObER02BBm0hYjgcceq3Z
Vj0gqId8Y03Bd92BD7Ku44amqMq2idq/+U/q+4jJp4PwuvWaTW+fDD5vfHk/kDLs
jPHeU31gs23SzfHkM6B5H85TQQcjLG0dxKA46JdJ3az1CHscEym8P/62vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdoMPFv1BfCsS1We9mdSuCMIPD5MB8GA1UdIwQY
MBaAFKlI0BHtuM0z5mdniAykqzBh2cUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4Mjgt
M2Q1NDlmYmI4MzdmLzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZWIzZWItNTEwOS00Nzk4LTg4MjgtM2Q1NDlmYmI4Mzdm
LzEvcVVqUUVlMjR6VFBtWjJlSURLU3JNR0haeFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO4TJOqAf
7rqKlpu3uneWvxI6YmqnXJFM1VVYpKtRadBXFAfnFUq7j65nnkOi5Hl6wUrLqYT/
eTSHn8S2Q2hXidX7ZNjB7TinJIfW1Q9+YMMkKMyD0BRmbI8kiLWfBJwCcs4HbG7t
WN/bkFEt18r3eGG3Nt9eqYZbrLXQd5MLOATZCrxFz4uxBTP3TvNCMqDmr59GEiPd
xu1DlX9kyYe0mSAhBPDxwT7PleiBvAUeGPZjvvpT+iIcHviXgMVbnkTRp+b+BUV0
MYEuquAYVP/7uzGkDQFzkcnMGun8g85ZaKJrack7GsHeOhAsy3aut4ULOTwCaaBn
sE6V8OPtteibpA==
-----END CERTIFICATE-----