Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f32c2a-c054-417d-8e0c-c00bacfffce5/1/qxSu-APVDXALuYUq6LsrtAkmFqU.mft
File:                     qxSu-APVDXALuYUq6LsrtAkmFqU.mft (raw, json)
Hash identifier:          1HAEKt7WIrvDdmtvdq8Ba1dyc7K0kifx9OXm5P9mQag=
Subject key identifier:   76:DD:86:0E:5B:8C:7A:6D:C4:23:62:9B:26:F6:98:51:79:43:14:40
Authority key identifier: AB:14:AE:F8:03:D5:0D:70:0B:B9:85:2A:E8:BB:2B:B4:09:26:16:A5
Certificate issuer:       /CN=ab14aef803d50d700bb9852ae8bb2bb4092616a5
Certificate serial:       0199240D168C59744D827A8710784673A4B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qxSu-APVDXALuYUq6LsrtAkmFqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f32c2a-c054-417d-8e0c-c00bacfffce5/1/qxSu-APVDXALuYUq6LsrtAkmFqU.mft
Manifest number:          0D8A
Signing time:             Sun 07 Sep 2025 12:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 12:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 12:01:01 +0000
Files and hashes:         1: qxSu-APVDXALuYUq6LsrtAkmFqU.crl (hash: LGDx+21GZ12j6kZ5SOaLqrpcSalvSz+RhBIqYjCC/lE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/f32c2a-c054-417d-8e0c-c00bacfffce5/1/qxSu-APVDXALuYUq6LsrtAkmFqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/f32c2a-c054-417d-8e0c-c00bacfffce5/1/qxSu-APVDXALuYUq6LsrtAkmFqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qxSu-APVDXALuYUq6LsrtAkmFqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:0d:16:8c:59:74:4d:82:7a:87:10:78:46:73:a4:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab14aef803d50d700bb9852ae8bb2bb4092616a5
        Validity
            Not Before: Sep  7 12:01:01 2025 GMT
            Not After : Sep  8 12:01:01 2025 GMT
        Subject: CN=76dd860e5b8c7a6dc423629b26f6985179431440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:fd:8b:66:60:9a:8e:c1:54:82:e8:89:b2:87:
                    e9:dc:66:88:f1:85:02:46:be:bc:c2:be:a6:73:1c:
                    10:d7:75:45:7c:7f:57:c0:d6:da:e0:37:78:6d:7a:
                    36:33:be:a4:e4:19:41:3d:15:f6:97:8b:eb:d1:af:
                    a3:fd:3a:a5:24:f8:d9:d4:c7:f9:f8:8b:e6:cb:a7:
                    a7:39:41:75:4a:19:36:97:f9:95:cf:be:1f:0b:da:
                    8b:b6:f3:73:2c:f5:f3:c6:c0:77:d8:2c:7d:5b:30:
                    36:5d:5e:0e:f8:62:ce:cd:3f:9d:f2:c0:7a:c4:70:
                    66:59:f4:83:fa:75:1f:fd:ef:23:2c:70:99:9c:a3:
                    bd:26:d2:b9:f9:87:ea:2d:9c:27:fb:14:4c:81:75:
                    cc:e7:82:56:48:e9:e6:6e:7a:95:c5:f8:85:4c:cb:
                    c1:9f:25:7e:72:c8:aa:65:5c:af:68:fd:85:a0:c1:
                    6e:51:4e:c9:6a:97:56:79:df:58:bb:87:31:a1:17:
                    80:00:89:89:11:0f:bc:d5:fb:80:7e:1e:63:e5:fc:
                    91:29:99:7f:50:b5:9a:00:30:b6:99:b3:61:a3:37:
                    e0:37:9b:d9:01:ee:8e:3e:ff:a4:ba:f1:3e:21:d3:
                    74:32:65:ff:28:6e:79:8b:64:5c:c9:7f:ba:6c:f3:
                    e3:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:DD:86:0E:5B:8C:7A:6D:C4:23:62:9B:26:F6:98:51:79:43:14:40
            X509v3 Authority Key Identifier:
                keyid:AB:14:AE:F8:03:D5:0D:70:0B:B9:85:2A:E8:BB:2B:B4:09:26:16:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxSu-APVDXALuYUq6LsrtAkmFqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f32c2a-c054-417d-8e0c-c00bacfffce5/1/qxSu-APVDXALuYUq6LsrtAkmFqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f32c2a-c054-417d-8e0c-c00bacfffce5/1/qxSu-APVDXALuYUq6LsrtAkmFqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:9e:8d:12:53:ac:ab:f2:fc:60:73:47:61:cc:23:62:61:cf:
         08:b4:d4:ea:c7:5a:bb:e0:50:6f:b9:fb:2d:00:d3:4d:da:59:
         4f:cf:1c:fe:eb:a8:94:37:51:b5:e6:85:37:6a:c7:eb:6a:a7:
         04:1e:ff:72:e4:20:29:d5:4c:71:64:c9:d5:13:55:dd:81:2c:
         51:3d:79:3e:f5:31:d2:82:37:8b:14:02:f6:72:29:62:07:c0:
         fe:eb:a6:98:38:8f:f6:ce:8a:03:10:91:aa:4c:8c:55:53:b4:
         9e:9f:2c:5a:d8:6a:27:38:05:aa:0d:e7:e6:72:54:40:82:86:
         7d:43:06:55:af:53:7b:74:fd:8c:ae:38:09:86:f0:eb:19:05:
         0b:34:1e:d7:78:8f:b9:ba:a1:e1:79:d2:61:82:9f:cd:f7:5c:
         8b:6c:a9:58:d1:ff:ff:17:44:a9:f0:fc:a5:f3:b9:f9:9d:50:
         9d:4b:8f:c1:b1:08:8b:5b:55:dc:3f:5a:eb:60:d6:d0:36:7b:
         b8:a4:71:eb:c7:14:9a:c0:ed:f1:42:76:0a:02:dc:14:33:98:
         87:01:76:d2:42:a3:2c:0e:b3:a3:82:01:a6:52:13:ca:fc:ce:
         eb:f2:1e:74:94:3b:f1:fe:e8:1f:40:e8:93:a9:01:74:88:6d:
         93:dd:e9:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDRaMWXRNgnqHEHhGc6SyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMTRhZWY4MDNkNTBkNzAwYmI5ODUyYWU4YmIyYmI0MDky
NjE2YTUwHhcNMjUwOTA3MTIwMTAxWhcNMjUwOTA4MTIwMTAxWjAzMTEwLwYDVQQD
Eyg3NmRkODYwZTViOGM3YTZkYzQyMzYyOWIyNmY2OTg1MTc5NDMxNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2f2LZmCajsFUguiJsofp3GaI8YUC
Rr68wr6mcxwQ13VFfH9XwNba4Dd4bXo2M76k5BlBPRX2l4vr0a+j/TqlJPjZ1Mf5
+Ivmy6enOUF1Shk2l/mVz74fC9qLtvNzLPXzxsB32Cx9WzA2XV4O+GLOzT+d8sB6
xHBmWfSD+nUf/e8jLHCZnKO9JtK5+YfqLZwn+xRMgXXM54JWSOnmbnqVxfiFTMvB
nyV+csiqZVyvaP2FoMFuUU7JapdWed9Yu4cxoReAAImJEQ+81fuAfh5j5fyRKZl/
ULWaADC2mbNhozfgN5vZAe6OPv+kuvE+IdN0MmX/KG55i2RcyX+6bPPj2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbdhg5bjHptxCNimyb2mFF5QxRAMB8GA1UdIwQY
MBaAFKsUrvgD1Q1wC7mFKui7K7QJJhalMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXhTdS1BUFZEWEFMdVlVcTZMc3J0QWttRnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mMzJjMmEtYzA1NC00MTdkLThlMGMt
YzAwYmFjZmZmY2U1LzEvcXhTdS1BUFZEWEFMdVlVcTZMc3J0QWttRnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mMzJjMmEtYzA1NC00MTdkLThlMGMtYzAwYmFjZmZmY2U1
LzEvcXhTdS1BUFZEWEFMdVlVcTZMc3J0QWttRnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABJ6NElOs
q/L8YHNHYcwjYmHPCLTU6sdau+BQb7n7LQDTTdpZT88c/uuolDdRteaFN2rH62qn
BB7/cuQgKdVMcWTJ1RNV3YEsUT15PvUx0oI3ixQC9nIpYgfA/uummDiP9s6KAxCR
qkyMVVO0np8sWthqJzgFqg3n5nJUQIKGfUMGVa9Te3T9jK44CYbw6xkFCzQe13iP
ubqh4XnSYYKfzfdci2ypWNH//xdEqfD8pfO5+Z1QnUuPwbEIi1tV3D9a62DW0DZ7
uKRx68cUmsDt8UJ2CgLcFDOYhwF20kKjLA6zo4IBplITyvzO6/IedJQ78f7oH0Do
k6kBdIhtk93pvw==
-----END CERTIFICATE-----