Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File:                     QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier:          2JkExi+KllhjZPErz3G5wnoZb1aySbpO5X1ae0UA7TM=
Subject key identifier:   86:C1:F3:F1:C4:52:38:29:FB:F5:99:BF:DD:F3:45:C3:1D:C6:6C:9A
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer:       /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial:       019921B10D49B2E4EA18EB22C1887CD6C1A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 01:01:15 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:15 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:15 +0000
Files and hashes:         1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: wrzmvGn1OTRG9RClef7VVUy+9NxlFUCGHa2XaLoK8AE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:0d:49:b2:e4:ea:18:eb:22:c1:88:7c:d6:c1:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
        Validity
            Not Before: Sep  7 01:01:15 2025 GMT
            Not After : Sep  8 01:01:15 2025 GMT
        Subject: CN=86c1f3f1c4523829fbf599bfddf345c31dc66c9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:34:4f:09:39:02:04:ec:3c:dd:de:2e:cd:81:
                    b4:d2:2e:ef:28:02:32:bb:fc:12:72:66:f9:81:87:
                    b6:ed:89:73:39:c1:57:36:fa:d2:d5:2f:eb:81:29:
                    7a:13:f0:d7:56:59:d6:3f:74:5f:69:5f:be:3a:05:
                    7f:ea:05:05:aa:9b:6b:2d:ea:b2:47:aa:bc:9d:ed:
                    6e:a8:8f:d5:03:04:e2:b7:e5:7c:be:ec:85:9b:69:
                    e3:92:69:5a:b6:ea:80:fa:5d:da:68:7a:86:c1:05:
                    a4:c7:3f:79:a8:00:d3:3f:6d:33:31:7c:27:3f:52:
                    87:65:d8:8e:a8:21:04:b1:ba:a7:62:38:21:0e:0e:
                    ea:cc:a3:5d:4f:49:ea:ce:80:46:ef:0f:1d:93:6e:
                    97:6e:16:1c:d7:4f:b3:1e:55:20:fb:c4:04:1e:fb:
                    7e:aa:36:3a:f0:1d:38:c4:3d:31:d7:1d:d7:bf:ec:
                    9b:e7:bf:c9:96:b6:cf:3a:13:76:49:b7:c8:c5:52:
                    6e:de:80:68:2a:22:7b:75:bd:93:a3:1d:aa:23:ad:
                    2e:98:75:0a:bd:db:c1:a2:f5:f1:c0:b0:ee:c0:3d:
                    16:2e:1c:ee:23:8f:04:b1:86:46:42:c4:f2:f7:43:
                    f3:9a:7d:20:47:45:75:7f:56:ef:33:81:35:64:12:
                    75:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:C1:F3:F1:C4:52:38:29:FB:F5:99:BF:DD:F3:45:C3:1D:C6:6C:9A
            X509v3 Authority Key Identifier:
                keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:66:9a:94:2c:09:f1:2a:34:47:b2:d8:2e:1f:9f:e7:04:fd:
         c4:38:13:f8:d5:42:18:8f:eb:02:a3:b7:17:3c:1a:5a:1b:5a:
         4c:4a:20:ad:14:a2:86:5d:c4:93:b3:4a:fe:83:f3:db:88:a2:
         45:51:53:e7:4d:6a:ed:39:4d:52:76:50:f1:d8:57:23:7e:fd:
         14:a9:a5:9e:38:00:0a:b2:e7:08:c2:cd:e1:af:88:19:a2:49:
         c9:93:6a:6b:3f:5b:cd:78:18:f8:1f:6b:fc:0c:c0:15:73:7b:
         c4:cb:4e:c2:31:95:48:e8:b3:f7:1f:c4:58:4c:04:15:07:9b:
         a9:60:56:dd:58:0a:6a:2f:48:b3:14:11:c8:5a:78:74:37:47:
         35:85:a8:e5:eb:e1:62:73:36:8f:79:fb:b3:f3:86:a3:78:16:
         f9:9c:61:aa:75:08:90:1f:56:32:9b:ff:f4:21:45:4a:3a:36:
         3d:99:ca:5d:b0:ae:d0:14:ab:07:3e:9f:fb:32:48:0e:01:a2:
         21:63:f1:49:21:8a:5d:9a:5d:c0:fb:64:64:85:df:91:0b:08:
         35:a6:ff:c7:20:17:44:60:bf:c9:c8:c5:c6:1a:9c:f9:dd:a2:
         89:05:db:25:9f:92:0e:f9:d5:ac:5f:2a:ec:83:4f:2d:d8:6d:
         cd:cf:e8:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsQ1JsuTqGOsiwYh81sGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjUwOTA3MDEwMTE1WhcNMjUwOTA4MDEwMTE1WjAzMTEwLwYDVQQD
Eyg4NmMxZjNmMWM0NTIzODI5ZmJmNTk5YmZkZGYzNDVjMzFkYzY2YzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jRPCTkCBOw83d4uzYG00i7vKAIy
u/wScmb5gYe27YlzOcFXNvrS1S/rgSl6E/DXVlnWP3RfaV++OgV/6gUFqptrLeqy
R6q8ne1uqI/VAwTit+V8vuyFm2njkmlatuqA+l3aaHqGwQWkxz95qADTP20zMXwn
P1KHZdiOqCEEsbqnYjghDg7qzKNdT0nqzoBG7w8dk26XbhYc10+zHlUg+8QEHvt+
qjY68B04xD0x1x3Xv+yb57/JlrbPOhN2SbfIxVJu3oBoKiJ7db2Tox2qI60umHUK
vdvBovXxwLDuwD0WLhzuI48EsYZGQsTy90Pzmn0gR0V1f1bvM4E1ZBJ1HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbB8/HEUjgp+/WZv93zRcMdxmyaMB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcWaalCwJ
8So0R7LYLh+f5wT9xDgT+NVCGI/rAqO3FzwaWhtaTEogrRSihl3Ek7NK/oPz24ii
RVFT501q7TlNUnZQ8dhXI379FKmlnjgACrLnCMLN4a+IGaJJyZNqaz9bzXgY+B9r
/AzAFXN7xMtOwjGVSOiz9x/EWEwEFQebqWBW3VgKai9IsxQRyFp4dDdHNYWo5evh
YnM2j3n7s/OGo3gW+ZxhqnUIkB9WMpv/9CFFSjo2PZnKXbCu0BSrBz6f+zJIDgGi
IWPxSSGKXZpdwPtkZIXfkQsINab/xyAXRGC/ycjFxhqc+d2iiQXbJZ+SDvnVrF8q
7INPLdhtzc/oIQ==
-----END CERTIFICATE-----