Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
File:                     QnbajwSHyFCAm0qYcoysIXKycD0.mft (raw, json)
Hash identifier:          CL6rQBoE0lKcknVo+K7F3vL+c3+U+MWIgPFwpqsstB4=
Subject key identifier:   5F:D6:B9:48:47:6F:44:6F:CC:66:9D:EC:F0:F3:AD:B2:67:C7:ED:DD
Authority key identifier: 42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D
Certificate issuer:       /CN=4276da8f0487c850809b4a98728cac2172b2703d
Certificate serial:       0199239EB0C9F0F270521F5800FB4D804F11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:00:25 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:25 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:25 +0000
Files and hashes:         1: QnbajwSHyFCAm0qYcoysIXKycD0.crl (hash: tRBXHceBT7/7oykgXCUIDH+W/VnEsYeKtzX+sDzLhHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:b0:c9:f0:f2:70:52:1f:58:00:fb:4d:80:4f:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4276da8f0487c850809b4a98728cac2172b2703d
        Validity
            Not Before: Sep  7 10:00:25 2025 GMT
            Not After : Sep  8 10:00:25 2025 GMT
        Subject: CN=5fd6b948476f446fcc669decf0f3adb267c7eddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d0:e1:00:12:41:be:b1:76:2d:19:ed:db:d9:
                    bd:44:21:db:37:f4:cb:f3:f6:7f:dc:74:46:d9:fe:
                    9f:b1:f8:73:7f:a7:ec:17:eb:0e:88:83:32:2a:d4:
                    98:6f:87:33:d1:b9:a4:53:ee:1b:82:6b:d5:8e:f8:
                    ff:a4:97:ce:c1:21:11:be:01:1f:ed:2b:78:b5:2f:
                    72:47:a2:70:e0:6a:75:ff:f0:d2:5a:82:c4:c8:65:
                    af:2f:7e:5f:e5:22:62:04:ee:c8:54:cd:16:68:1c:
                    4c:3c:87:4f:63:2b:b3:29:3e:87:9a:90:de:5a:ac:
                    b5:bf:fa:fa:64:e3:88:01:88:d0:dd:4d:48:c4:8b:
                    bf:42:db:f9:fc:ed:63:94:b3:43:55:cf:82:33:ab:
                    fe:b0:b1:aa:6a:08:44:5b:ec:d9:aa:3e:77:bd:5c:
                    d3:99:e7:30:bd:a6:8e:b9:a4:cd:58:82:19:a1:63:
                    06:04:53:4f:b2:cd:92:c6:79:0a:07:40:77:10:95:
                    be:a7:cf:2f:c9:e4:ed:86:a2:83:3f:96:17:d1:d1:
                    fb:3e:91:ab:13:67:1d:74:be:4a:6c:38:ea:35:67:
                    dd:91:00:4f:29:32:33:1f:6b:81:bf:1a:ea:cd:0f:
                    ac:35:1c:26:09:4c:d9:f5:f0:36:f2:75:5f:33:cf:
                    e6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:D6:B9:48:47:6F:44:6F:CC:66:9D:EC:F0:F3:AD:B2:67:C7:ED:DD
            X509v3 Authority Key Identifier:
                keyid:42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:11:2d:62:a6:08:44:b5:d6:1e:a3:a6:fc:a4:04:84:bf:ab:
         27:66:26:41:4f:e5:3c:80:a1:4b:c2:91:84:fe:74:ec:d9:c4:
         6f:d7:e7:53:83:18:dc:21:88:2c:f8:25:5f:ea:ce:69:40:39:
         e4:10:0d:35:dc:6a:4e:94:fe:2c:92:78:84:7f:3d:ce:24:64:
         4c:aa:f3:1b:10:86:f3:81:5c:50:fc:b6:14:da:3f:01:96:49:
         e1:b2:76:8f:52:b4:15:b6:dd:dd:f9:75:b8:96:cb:f0:fe:01:
         de:85:e1:b2:d3:61:81:ef:c6:08:8e:2d:e3:54:45:42:af:d7:
         5e:0e:30:10:4f:8a:0a:60:ec:a0:06:47:ca:8a:38:d7:b8:e9:
         79:c6:e1:03:a1:3c:e1:ee:ba:a3:0c:47:92:f3:c7:6b:ca:31:
         2a:e0:c7:17:0f:e0:b9:c7:98:75:20:46:e1:57:3b:81:b2:1e:
         57:66:a6:23:3f:c4:9f:b6:3d:72:08:8c:8b:37:64:8f:29:37:
         a7:12:fc:8d:0d:87:b2:a8:9d:40:ae:53:03:5f:57:c4:c2:7f:
         67:14:a9:9d:24:4e:17:56:2b:40:d0:cb:86:cd:1f:78:67:95:
         45:83:af:b0:1c:30:f2:c2:c3:19:26:03:5a:d5:c3:f8:26:03:
         ad:d9:de:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnrDJ8PJwUh9YAPtNgE8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNzZkYThmMDQ4N2M4NTA4MDliNGE5ODcyOGNhYzIxNzJi
MjcwM2QwHhcNMjUwOTA3MTAwMDI1WhcNMjUwOTA4MTAwMDI1WjAzMTEwLwYDVQQD
Eyg1ZmQ2Yjk0ODQ3NmY0NDZmY2M2NjlkZWNmMGYzYWRiMjY3YzdlZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNDhABJBvrF2LRnt29m9RCHbN/TL
8/Z/3HRG2f6fsfhzf6fsF+sOiIMyKtSYb4cz0bmkU+4bgmvVjvj/pJfOwSERvgEf
7St4tS9yR6Jw4Gp1//DSWoLEyGWvL35f5SJiBO7IVM0WaBxMPIdPYyuzKT6HmpDe
Wqy1v/r6ZOOIAYjQ3U1IxIu/Qtv5/O1jlLNDVc+CM6v+sLGqaghEW+zZqj53vVzT
mecwvaaOuaTNWIIZoWMGBFNPss2SxnkKB0B3EJW+p88vyeTthqKDP5YX0dH7PpGr
E2cddL5KbDjqNWfdkQBPKTIzH2uBvxrqzQ+sNRwmCUzZ9fA28nVfM8/mXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/WuUhHb0RvzGad7PDzrbJnx+3dMB8GA1UdIwQY
MBaAFEJ22o8Eh8hQgJtKmHKMrCFysnA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEt
YmE5YjBmYTFiN2EyLzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEtYmE5YjBmYTFiN2Ey
LzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMREtYqYI
RLXWHqOm/KQEhL+rJ2YmQU/lPIChS8KRhP507NnEb9fnU4MY3CGILPglX+rOaUA5
5BANNdxqTpT+LJJ4hH89ziRkTKrzGxCG84FcUPy2FNo/AZZJ4bJ2j1K0Fbbd3fl1
uJbL8P4B3oXhstNhge/GCI4t41RFQq/XXg4wEE+KCmDsoAZHyoo417jpecbhA6E8
4e66owxHkvPHa8oxKuDHFw/guceYdSBG4Vc7gbIeV2amIz/En7Y9cgiMizdkjyk3
pxL8jQ2HsqidQK5TA19XxMJ/ZxSpnSROF1YrQNDLhs0feGeVRYOvsBww8sLDGSYD
WtXD+CYDrdnerw==
-----END CERTIFICATE-----