Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
File:                     QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft (raw, json)
Hash identifier:          XiZeMk2IL2wyETTcbVBH7JTE/bR06EZFJ9OB3qw0CFk=
Subject key identifier:   45:8F:6A:7A:4C:31:DF:77:61:22:1B:A5:FB:DB:AE:73:0F:2E:96:A9
Authority key identifier: 41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87
Certificate issuer:       /CN=41c4a5644f0429521d1fdc5bbb233a041b200887
Certificate serial:       0199221F0DC4A1AFE310ADCD9891AF143091
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 03:01:24 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:24 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:24 +0000
Files and hashes:         1: QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl (hash: fElSn3qMQyH5P9BZNx7AvRR3IYQFbqEXORodE/WSp0Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:0d:c4:a1:af:e3:10:ad:cd:98:91:af:14:30:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41c4a5644f0429521d1fdc5bbb233a041b200887
        Validity
            Not Before: Sep  7 03:01:24 2025 GMT
            Not After : Sep  8 03:01:24 2025 GMT
        Subject: CN=458f6a7a4c31df7761221ba5fbdbae730f2e96a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d8:ed:7f:ed:43:43:03:3a:cd:1f:dd:f5:72:
                    ab:8e:5a:9b:6f:ba:94:45:bd:4f:26:4a:24:b4:a6:
                    2c:ec:d4:bb:29:96:5a:1e:a0:cc:de:85:1e:1a:ea:
                    4e:5e:23:96:4f:a9:38:02:0d:46:b4:ef:2b:c8:7b:
                    ee:b5:f7:fb:21:2f:ed:44:aa:41:55:c0:d1:16:4a:
                    95:78:b2:8f:c4:e0:68:0c:7b:a4:a7:2a:ef:70:3f:
                    ef:73:57:2b:ad:32:54:b7:40:97:3c:c2:8c:3f:28:
                    b2:a6:5b:5c:ed:bc:27:7c:7c:e9:82:0a:30:4f:e8:
                    23:7e:45:ef:67:dd:f8:b9:40:34:66:44:64:b4:bb:
                    24:5d:e3:04:17:58:84:88:62:97:dd:b7:5c:57:84:
                    11:13:85:30:02:da:dc:2d:12:ba:ed:d8:f0:34:4b:
                    4a:3f:2f:7f:29:a2:7f:f7:71:4d:aa:35:e9:3c:f7:
                    ae:30:5e:b7:9b:8b:2d:5a:28:4b:fe:5b:0d:91:e3:
                    71:42:cf:8f:af:3a:9d:8d:64:19:02:af:07:f3:12:
                    f9:8c:c2:7c:eb:14:3c:cb:aa:29:f1:04:06:a6:c1:
                    b9:0f:70:b9:27:e0:ad:46:6e:51:88:62:3c:c9:c9:
                    78:7a:de:e1:97:ca:2f:be:79:54:b9:e4:93:d6:b1:
                    50:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:8F:6A:7A:4C:31:DF:77:61:22:1B:A5:FB:DB:AE:73:0F:2E:96:A9
            X509v3 Authority Key Identifier:
                keyid:41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         dc:10:14:ec:97:61:d7:87:2f:70:6a:69:7a:01:2e:db:d0:0f:
         09:79:be:8a:7b:95:83:f0:19:ce:1c:d1:fc:b5:af:a7:4d:a1:
         81:61:44:36:90:8a:70:3f:12:06:9e:ea:f0:d0:6a:f2:b8:b4:
         db:3b:f7:ac:ac:2b:b4:d5:4f:33:a7:fd:bf:b7:88:d2:c7:bb:
         d6:36:ff:bb:79:57:50:24:05:70:f5:d9:80:a6:3d:10:06:88:
         d8:c4:4e:70:ee:2b:cf:2b:9d:bc:4a:f3:5d:ce:a0:e7:dd:c1:
         39:b9:1c:53:f1:c8:55:d2:fb:dd:20:d4:b2:0b:86:25:d8:aa:
         cc:f2:7e:24:72:76:cf:13:0e:9d:2a:9c:13:e1:7a:a9:01:e6:
         d1:03:b2:56:01:8a:e9:a4:47:b0:48:0c:fc:6b:93:59:c7:ad:
         c4:96:9d:32:0d:00:47:e2:ea:fb:43:3d:3e:bf:3c:3a:8a:7e:
         f8:be:d0:d0:90:9f:0e:b1:15:b8:ff:4c:18:d6:58:81:c0:9b:
         b9:27:dd:03:29:0c:fd:68:12:fc:23:27:34:d2:a1:1e:24:b7:
         da:8b:34:3c:a3:eb:26:8a:9a:6c:67:81:41:e6:6d:3a:e6:76:
         b5:be:6c:53:33:57:e6:df:9b:ca:96:12:ef:cb:0e:04:19:a7:
         71:3a:82:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHw3Eoa/jEK3NmJGvFDCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzRhNTY0NGYwNDI5NTIxZDFmZGM1YmJiMjMzYTA0MWIy
MDA4ODcwHhcNMjUwOTA3MDMwMTI0WhcNMjUwOTA4MDMwMTI0WjAzMTEwLwYDVQQD
Eyg0NThmNmE3YTRjMzFkZjc3NjEyMjFiYTVmYmRiYWU3MzBmMmU5NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotjtf+1DQwM6zR/d9XKrjlqbb7qU
Rb1PJkoktKYs7NS7KZZaHqDM3oUeGupOXiOWT6k4Ag1GtO8ryHvutff7IS/tRKpB
VcDRFkqVeLKPxOBoDHukpyrvcD/vc1crrTJUt0CXPMKMPyiypltc7bwnfHzpggow
T+gjfkXvZ934uUA0ZkRktLskXeMEF1iEiGKX3bdcV4QRE4UwAtrcLRK67djwNEtK
Py9/KaJ/93FNqjXpPPeuMF63m4stWihL/lsNkeNxQs+PrzqdjWQZAq8H8xL5jMJ8
6xQ8y6op8QQGpsG5D3C5J+CtRm5RiGI8ycl4et7hl8ovvnlUueST1rFQaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWPanpMMd93YSIbpfvbrnMPLpapMB8GA1UdIwQY
MBaAFEHEpWRPBClSHR/cW7sjOgQbIAiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDIt
ZTg3OTMyYzU1NWYzLzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDItZTg3OTMyYzU1NWYz
LzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3BAU7Jdh
14cvcGppegEu29APCXm+inuVg/AZzhzR/LWvp02hgWFENpCKcD8SBp7q8NBq8ri0
2zv3rKwrtNVPM6f9v7eI0se71jb/u3lXUCQFcPXZgKY9EAaI2MROcO4rzyudvErz
Xc6g593BObkcU/HIVdL73SDUsguGJdiqzPJ+JHJ2zxMOnSqcE+F6qQHm0QOyVgGK
6aRHsEgM/GuTWcetxJadMg0AR+Lq+0M9Pr88Oop++L7Q0JCfDrEVuP9MGNZYgcCb
uSfdAykM/WgS/CMnNNKhHiS32os0PKPrJoqabGeBQeZtOuZ2tb5sUzNX5t+bypYS
78sOBBmncTqCfQ==
-----END CERTIFICATE-----