Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
File:                     QAlHG9muvWlFaoNaP7CjUbBSZgI.mft (raw, json)
Hash identifier:          Q0COtpuwcOE4hhg8HNfQ4tGJmbYZNCVbwO6dPTT+WqY=
Subject key identifier:   F0:D0:08:64:28:A2:EB:67:FA:9D:52:2B:E4:05:1F:F0:6B:93:BD:11
Authority key identifier: 40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02
Certificate issuer:       /CN=4009471bd9aebd69456a835a3fb0a351b0526602
Certificate serial:       019923D6249608295D9DE1F298386AC57DF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
Manifest number:          8E
Signing time:             Sun 07 Sep 2025 11:01:00 +0000
Manifest this update:     Sun 07 Sep 2025 11:01:00 +0000
Manifest next update:     Mon 08 Sep 2025 11:01:00 +0000
Files and hashes:         1: QAlHG9muvWlFaoNaP7CjUbBSZgI.crl (hash: clGdzun4N1eGO+FkmKm9efadcFp0FA6zBiE2F2B5iU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d6:24:96:08:29:5d:9d:e1:f2:98:38:6a:c5:7d:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009471bd9aebd69456a835a3fb0a351b0526602
        Validity
            Not Before: Sep  7 11:01:00 2025 GMT
            Not After : Sep  8 11:01:00 2025 GMT
        Subject: CN=f0d0086428a2eb67fa9d522be4051ff06b93bd11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:7e:51:e3:d5:3e:f6:88:e8:8c:61:ac:79:93:
                    7a:64:14:bb:c9:0a:c3:72:f7:92:ba:7d:1b:7b:72:
                    b6:85:ce:55:45:b7:00:58:6a:54:09:61:15:c7:c1:
                    2c:ce:51:95:78:71:26:22:4a:cc:f0:7b:2f:ec:31:
                    1d:98:43:02:1c:c1:33:a6:43:5c:43:89:74:06:ee:
                    af:d2:77:1e:75:06:bb:87:2c:1f:5d:ac:c2:65:63:
                    41:3e:18:fd:98:f6:9d:16:72:22:c9:ff:99:56:29:
                    3a:1f:43:17:0f:c4:8d:aa:57:9b:80:b7:5b:03:75:
                    1a:34:d7:67:f7:9b:77:8e:66:2e:3c:de:47:ac:e4:
                    d5:ca:11:6d:b4:72:e4:5f:f3:4a:c4:32:dd:02:e7:
                    bc:f3:f1:d2:50:75:88:69:5e:cf:e4:27:b6:f3:d3:
                    eb:e0:0e:a9:e8:b1:4a:52:fa:2b:73:9c:4e:55:d6:
                    ee:d8:e6:21:2c:11:f8:c1:23:0a:31:19:2c:60:5f:
                    39:bd:f8:c9:7d:5c:fd:91:ff:a8:87:29:74:f0:99:
                    59:2c:7b:c6:eb:db:7c:19:0e:65:51:5e:d1:25:71:
                    8f:fd:f8:b2:5e:6a:fa:55:0e:cc:af:97:72:57:8c:
                    0d:8d:f1:1a:cd:3f:33:ee:b3:d1:01:ba:4d:60:c6:
                    fa:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:D0:08:64:28:A2:EB:67:FA:9D:52:2B:E4:05:1F:F0:6B:93:BD:11
            X509v3 Authority Key Identifier:
                keyid:40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:6d:0b:64:1f:3c:27:2e:9b:ce:04:f9:cf:9d:c1:87:c8:60:
         ba:f2:f0:a4:05:5e:17:bf:5a:36:27:0f:66:c6:b4:00:ce:7d:
         b6:30:f8:7a:ec:82:38:dd:10:98:cd:1f:8c:92:7b:2a:99:ea:
         d8:c5:71:90:60:e4:16:97:f7:6e:32:8e:5b:aa:10:87:f2:17:
         f7:56:03:d4:b5:2a:c2:6c:46:bf:89:b8:93:c5:8c:89:42:d6:
         20:e3:97:c3:12:75:01:3f:c6:3b:b1:7c:c8:19:a6:bc:ec:71:
         27:6f:33:b7:13:5d:a2:78:a2:27:1a:b6:c3:55:72:c7:8b:32:
         73:57:9d:ad:33:2b:1e:6f:5c:53:45:41:8d:6a:e9:2c:08:37:
         bf:10:8d:96:82:23:d7:df:df:f0:a9:44:fb:f2:d3:be:7a:7b:
         2a:9a:66:6e:10:8d:ab:9d:8a:86:ff:ae:1b:ee:9c:93:cd:b3:
         91:77:c3:cc:5c:e7:cb:b9:56:39:bb:b2:7c:3d:c5:20:8d:30:
         1f:8d:25:e3:6d:eb:8b:b3:71:ee:69:ed:d6:e5:e3:8c:ca:2c:
         cc:f0:8b:b9:6f:95:81:11:56:18:18:1e:45:58:23:b3:5c:64:
         3d:49:e1:5e:6b:b2:65:f5:51:03:e5:ff:6e:1a:f2:fe:b5:0a:
         83:57:3f:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1iSWCCldneHymDhqxX33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDk0NzFiZDlhZWJkNjk0NTZhODM1YTNmYjBhMzUxYjA1
MjY2MDIwHhcNMjUwOTA3MTEwMTAwWhcNMjUwOTA4MTEwMTAwWjAzMTEwLwYDVQQD
EyhmMGQwMDg2NDI4YTJlYjY3ZmE5ZDUyMmJlNDA1MWZmMDZiOTNiZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35R49U+9ojojGGseZN6ZBS7yQrD
cveSun0be3K2hc5VRbcAWGpUCWEVx8EszlGVeHEmIkrM8Hsv7DEdmEMCHMEzpkNc
Q4l0Bu6v0ncedQa7hywfXazCZWNBPhj9mPadFnIiyf+ZVik6H0MXD8SNqlebgLdb
A3UaNNdn95t3jmYuPN5HrOTVyhFttHLkX/NKxDLdAue88/HSUHWIaV7P5Ce289Pr
4A6p6LFKUvorc5xOVdbu2OYhLBH4wSMKMRksYF85vfjJfVz9kf+ohyl08JlZLHvG
69t8GQ5lUV7RJXGP/fiyXmr6VQ7Mr5dyV4wNjfEazT8z7rPRAbpNYMb6ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDQCGQooutn+p1SK+QFH/Brk70RMB8GA1UdIwQY
MBaAFEAJRxvZrr1pRWqDWj+wo1GwUmYCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2It
NDNlY2RjM2Y0YmVmLzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2ItNDNlY2RjM2Y0YmVm
LzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl20LZB88
Jy6bzgT5z53Bh8hguvLwpAVeF79aNicPZsa0AM59tjD4euyCON0QmM0fjJJ7Kpnq
2MVxkGDkFpf3bjKOW6oQh/IX91YD1LUqwmxGv4m4k8WMiULWIOOXwxJ1AT/GO7F8
yBmmvOxxJ28ztxNdoniiJxq2w1Vyx4syc1edrTMrHm9cU0VBjWrpLAg3vxCNloIj
19/f8KlE+/LTvnp7KppmbhCNq52Khv+uG+6ck82zkXfDzFzny7lWObuyfD3FII0w
H40l423ri7Nx7mnt1uXjjMoszPCLuW+VgRFWGBgeRVgjs1xkPUnhXmuyZfVRA+X/
bhry/rUKg1c/AQ==
-----END CERTIFICATE-----