Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          CdXPbE0zq0aKvpoUV/JQBmSyR7bM5xslTI6FlZg+5DY=
Subject key identifier:   A3:6E:FB:E0:C5:75:50:36:52:E6:1D:1D:36:B2:C5:6B:AF:F1:D8:79
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       019A72941051E7C7872E77FCD6BBBE118F53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          1440
Signing time:             Tue 11 Nov 2025 11:01:37 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:37 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:37 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: /EbSJuU2lWTnHL3QE9P2TwEW2a8lFh6ezscMrmk+BKA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:94:10:51:e7:c7:87:2e:77:fc:d6:bb:be:11:8f:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: Nov 11 11:01:37 2025 GMT
            Not After : Nov 12 11:01:37 2025 GMT
        Subject: CN=a36efbe0c575503652e61d1d36b2c56baff1d879
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:65:95:5e:e8:5f:89:5a:78:b1:08:ed:81:21:
                    96:8e:cc:6b:94:0e:29:da:b5:40:b2:8d:70:7e:88:
                    90:25:6b:1e:ba:d2:eb:74:45:bc:95:ee:9f:e7:10:
                    cc:10:ce:d1:50:ab:92:c4:4c:10:89:03:12:9f:3a:
                    e7:ec:94:ed:2e:72:87:50:33:74:14:67:f5:c5:85:
                    12:e5:03:d9:fe:db:ee:d8:dd:3a:39:ff:c8:da:84:
                    2f:d5:b8:c4:96:1a:6c:8e:54:78:c0:93:1d:b0:b9:
                    92:5e:9d:0f:3d:34:47:41:95:40:b9:c7:8b:ea:3c:
                    d6:26:f3:e7:a6:7f:b9:75:05:aa:a7:42:74:72:24:
                    46:36:0c:86:00:9c:55:51:d3:27:fd:16:fc:12:53:
                    46:b7:b7:8d:08:be:61:e3:a7:03:30:a9:91:51:8d:
                    32:2b:11:4e:c4:02:e2:40:46:c1:17:72:6b:53:2d:
                    ac:6d:ec:0e:6d:6c:d6:b8:46:9a:7f:db:4d:34:a5:
                    6d:8e:b5:ee:bc:54:e7:ce:85:d7:7e:f0:53:b6:3e:
                    3d:25:91:2f:e8:46:69:b8:de:b8:21:c5:ed:3d:9f:
                    d0:2c:0f:f4:c8:74:32:a4:d8:5f:2d:12:63:0a:ff:
                    d2:30:3a:48:13:d3:61:05:63:98:91:4a:17:de:00:
                    88:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:6E:FB:E0:C5:75:50:36:52:E6:1D:1D:36:B2:C5:6B:AF:F1:D8:79
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:c6:f8:b4:93:f4:d6:8e:24:c7:e9:e4:1a:d7:fb:32:19:d3:
         e9:41:22:ca:aa:9f:7e:ee:b1:21:91:1b:f0:6d:24:31:2f:0f:
         f0:68:c8:43:6d:e8:9a:43:2d:95:8b:94:aa:cc:3e:95:50:fc:
         db:a4:bc:2a:29:34:23:84:15:23:16:d7:89:76:34:da:cd:1d:
         2c:f2:a9:2e:8f:85:7f:2d:bb:d4:32:e0:f0:dd:b7:25:7b:c0:
         a7:e0:e0:8d:7f:cd:6c:dc:ed:c6:a6:00:b5:c4:cf:b1:7c:98:
         fa:82:3c:14:cc:4c:89:48:7e:d9:8f:1b:53:8b:c3:2b:5e:67:
         a8:dd:8c:b9:93:0a:c5:60:4b:b3:31:9e:1f:20:73:ef:c0:cb:
         fe:97:75:cf:df:19:53:97:e4:fe:fe:a3:23:82:77:bc:0c:db:
         c8:1d:e6:1f:b6:49:0f:81:f0:a8:89:51:2d:ba:03:f5:d0:a9:
         b8:13:34:e2:67:d3:2e:69:97:a3:9d:a9:3b:80:16:c5:46:13:
         9e:71:b8:b4:1e:ef:9d:33:fd:5b:6b:d3:77:3e:b1:61:ae:92:
         af:60:81:1a:35:48:25:b8:a0:09:28:19:0a:24:ed:4c:a3:a7:
         d9:ac:8e:9c:9b:ed:5e:04:26:24:81:be:35:53:55:4a:b5:7c:
         87:dd:5e:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpylBBR58eHLnf81ru+EY9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjUxMTExMTEwMTM3WhcNMjUxMTEyMTEwMTM3WjAzMTEwLwYDVQQD
EyhhMzZlZmJlMGM1NzU1MDM2NTJlNjFkMWQzNmIyYzU2YmFmZjFkODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42WVXuhfiVp4sQjtgSGWjsxrlA4p
2rVAso1wfoiQJWseutLrdEW8le6f5xDMEM7RUKuSxEwQiQMSnzrn7JTtLnKHUDN0
FGf1xYUS5QPZ/tvu2N06Of/I2oQv1bjElhpsjlR4wJMdsLmSXp0PPTRHQZVAuceL
6jzWJvPnpn+5dQWqp0J0ciRGNgyGAJxVUdMn/Rb8ElNGt7eNCL5h46cDMKmRUY0y
KxFOxALiQEbBF3JrUy2sbewObWzWuEaaf9tNNKVtjrXuvFTnzoXXfvBTtj49JZEv
6EZpuN64IcXtPZ/QLA/0yHQypNhfLRJjCv/SMDpIE9NhBWOYkUoX3gCItQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNu++DFdVA2UuYdHTayxWuv8dh5MB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMb4tJP0
1o4kx+nkGtf7MhnT6UEiyqqffu6xIZEb8G0kMS8P8GjIQ23omkMtlYuUqsw+lVD8
26S8Kik0I4QVIxbXiXY02s0dLPKpLo+Ffy271DLg8N23JXvAp+DgjX/NbNztxqYA
tcTPsXyY+oI8FMxMiUh+2Y8bU4vDK15nqN2MuZMKxWBLszGeHyBz78DL/pd1z98Z
U5fk/v6jI4J3vAzbyB3mH7ZJD4HwqIlRLboD9dCpuBM04mfTLmmXo52pO4AWxUYT
nnG4tB7vnTP9W2vTdz6xYa6Sr2CBGjVIJbigCSgZCiTtTKOn2ayOnJvtXgQmJIG+
NVNVSrV8h91ecA==
-----END CERTIFICATE-----