Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
File:                     QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft (raw, json)
Hash identifier:          DPG57NPjTW70BxPL1EygecklENItSCkvzjnpJYmYvzc=
Subject key identifier:   94:58:64:BF:6C:7F:85:1B:BF:2A:54:AD:A6:73:2C:D7:3B:EE:31:D7
Authority key identifier: 42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57
Certificate issuer:       /CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
Certificate serial:       019916BF31C05928B0D7E211B758AD46C8DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
Manifest number:          058F
Signing time:             Thu 04 Sep 2025 22:00:52 +0000
Manifest this update:     Thu 04 Sep 2025 22:00:52 +0000
Manifest next update:     Fri 05 Sep 2025 22:00:52 +0000
Files and hashes:         1: QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl (hash: VJt9EtMehsQjKCDtsgZ0Mkzw9QglvetcehnAADXb9ms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:bf:31:c0:59:28:b0:d7:e2:11:b7:58:ad:46:c8:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4213b5471966c25610d95a5a2fa5cc06fc93ff57
        Validity
            Not Before: Sep  4 22:00:52 2025 GMT
            Not After : Sep  5 22:00:52 2025 GMT
        Subject: CN=945864bf6c7f851bbf2a54ada6732cd73bee31d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:65:a1:27:fe:ee:e7:d9:45:e8:f5:4e:35:d6:
                    a3:c7:c6:bb:ca:d1:fe:94:e1:41:d0:60:de:2d:20:
                    af:81:53:5f:06:7d:c2:5f:d5:38:0a:c3:eb:fb:47:
                    88:9e:66:30:9e:32:e6:91:04:96:1d:51:9f:e4:32:
                    0b:ef:24:89:b7:42:a3:6a:94:3d:9e:9a:fa:14:37:
                    fd:ca:72:09:95:4c:8e:ae:80:fd:89:d6:4c:bb:08:
                    6d:9f:96:2a:82:17:8c:09:aa:f7:f6:bf:0d:54:57:
                    45:1b:7f:a3:d2:bd:9a:91:7c:70:d7:14:f1:a2:1a:
                    36:15:43:ab:68:32:e8:4b:e7:97:11:73:ca:b7:a1:
                    52:13:11:c8:8d:fb:fe:8d:8e:80:36:10:70:20:f1:
                    c6:0a:2e:41:9a:83:c8:ac:28:6a:c4:c2:03:ce:b4:
                    66:b9:ee:5a:2d:2c:e6:a5:32:2c:d9:b9:87:2d:49:
                    4a:e0:62:d9:af:bc:0a:57:6a:22:c3:dc:63:81:a2:
                    d9:db:84:ee:0f:2b:01:d4:14:46:02:f5:c9:e4:f1:
                    73:c0:5b:f9:8d:7e:45:7f:8e:fd:00:eb:11:27:41:
                    d8:03:b7:d6:6d:f7:a2:38:21:e0:87:f4:16:17:58:
                    28:f5:bf:4a:c5:65:1d:57:7d:26:c0:57:fb:16:bb:
                    16:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:58:64:BF:6C:7F:85:1B:BF:2A:54:AD:A6:73:2C:D7:3B:EE:31:D7
            X509v3 Authority Key Identifier:
                keyid:42:13:B5:47:19:66:C2:56:10:D9:5A:5A:2F:A5:CC:06:FC:93:FF:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/000485-721f-4d97-a0f2-5bdb2c60102d/1/QhO1RxlmwlYQ2VpaL6XMBvyT_1c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:a3:23:cf:e6:0d:96:bb:39:c6:e3:d4:9b:c0:47:b7:9f:2b:
         3b:d8:c0:56:e7:af:61:f1:6a:e1:ca:44:7e:d5:c6:53:8e:22:
         04:97:4b:40:06:70:1d:f7:52:cd:2a:b8:ec:ba:18:c8:86:eb:
         c5:9d:08:fe:b4:c1:1f:67:d7:8d:69:69:59:9d:78:94:de:fc:
         91:a0:fb:fb:c1:73:ad:27:59:6c:f1:e6:03:af:b6:a0:52:2b:
         19:2a:3c:c2:f6:2c:f1:0e:01:f8:8d:6f:4f:66:99:5e:2b:3d:
         af:c7:ce:18:b0:92:cf:24:d7:80:38:2c:f4:08:aa:bc:b8:6c:
         14:19:34:8a:af:46:49:9f:8e:8c:d1:2f:a8:07:9b:26:37:a5:
         cc:cd:ef:36:48:fe:b8:cf:bb:ca:60:9d:0f:d0:3f:c9:72:8c:
         43:53:a6:8b:97:f7:c4:42:44:28:65:e4:45:8b:72:dc:f3:a2:
         26:16:e5:93:93:00:60:b7:8a:fa:a1:6a:a6:e2:48:59:b5:d4:
         ca:c9:e4:10:a4:2e:dc:f1:12:7a:71:9b:68:72:6e:d8:33:d2:
         62:94:1a:55:69:4c:01:73:33:6c:02:b9:94:e6:eb:63:f3:9c:
         86:e1:1c:4b:37:bc:8e:f7:d5:72:64:61:59:81:fe:ff:a3:b1:
         36:68:bf:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWvzHAWSiw1+IRt1itRsjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTNiNTQ3MTk2NmMyNTYxMGQ5NWE1YTJmYTVjYzA2ZmM5
M2ZmNTcwHhcNMjUwOTA0MjIwMDUyWhcNMjUwOTA1MjIwMDUyWjAzMTEwLwYDVQQD
Eyg5NDU4NjRiZjZjN2Y4NTFiYmYyYTU0YWRhNjczMmNkNzNiZWUzMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmWhJ/7u59lF6PVONdajx8a7ytH+
lOFB0GDeLSCvgVNfBn3CX9U4CsPr+0eInmYwnjLmkQSWHVGf5DIL7ySJt0KjapQ9
npr6FDf9ynIJlUyOroD9idZMuwhtn5YqgheMCar39r8NVFdFG3+j0r2akXxw1xTx
oho2FUOraDLoS+eXEXPKt6FSExHIjfv+jY6ANhBwIPHGCi5BmoPIrChqxMIDzrRm
ue5aLSzmpTIs2bmHLUlK4GLZr7wKV2oiw9xjgaLZ24TuDysB1BRGAvXJ5PFzwFv5
jX5Ff479AOsRJ0HYA7fWbfeiOCHgh/QWF1go9b9KxWUdV30mwFf7FrsW5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRYZL9sf4UbvypUraZzLNc77jHXMB8GA1UdIwQY
MBaAFEITtUcZZsJWENlaWi+lzAb8k/9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjIt
NWJkYjJjNjAxMDJkLzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wMDA0ODUtNzIxZi00ZDk3LWEwZjItNWJkYjJjNjAxMDJk
LzEvUWhPMVJ4bG13bFlRMlZwYUw2WE1CdnlUXzFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf6Mjz+YN
lrs5xuPUm8BHt58rO9jAVuevYfFq4cpEftXGU44iBJdLQAZwHfdSzSq47LoYyIbr
xZ0I/rTBH2fXjWlpWZ14lN78kaD7+8FzrSdZbPHmA6+2oFIrGSo8wvYs8Q4B+I1v
T2aZXis9r8fOGLCSzyTXgDgs9AiqvLhsFBk0iq9GSZ+OjNEvqAebJjelzM3vNkj+
uM+7ymCdD9A/yXKMQ1Omi5f3xEJEKGXkRYty3POiJhblk5MAYLeK+qFqpuJIWbXU
ysnkEKQu3PESenGbaHJu2DPSYpQaVWlMAXMzbAK5lObrY/OchuEcSze8jvfVcmRh
WYH+/6OxNmi/EA==
-----END CERTIFICATE-----