Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File:                     hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier:          Sf6B2GPylD7YleCBlkuhW9DxeO1G4k/udVsStN2QfjY=
Subject key identifier:   9B:06:13:0E:ED:6C:79:72:6A:52:C5:4B:E4:11:A3:F5:42:DD:86:ED
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer:       /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial:       019A73A5D913265348D833E0B229D30D82CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 16:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 16:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 16:00:40 +0000
Files and hashes:         1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: BU/tw8Gcna+IG4iJLxpdPlffjclXuzFoCF8pSu38YcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:a5:d9:13:26:53:48:d8:33:e0:b2:29:d3:0d:82:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
        Validity
            Not Before: Nov 11 16:00:40 2025 GMT
            Not After : Nov 12 16:00:40 2025 GMT
        Subject: CN=9b06130eed6c79726a52c54be411a3f542dd86ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:30:83:66:07:07:46:80:3b:f2:52:98:e9:97:
                    0a:64:e0:4a:d3:fd:c2:c7:2a:bb:ce:87:e6:9a:0a:
                    32:9a:62:a1:6f:a3:9b:93:02:fd:4b:e0:ee:02:c7:
                    b7:c0:8e:95:31:4d:78:fb:40:9e:cb:e1:95:78:1c:
                    47:73:fa:4b:e3:1a:7c:73:4f:fd:28:e4:4f:c4:9c:
                    9f:f0:3a:43:c1:95:c7:8a:00:86:73:8f:ef:37:b2:
                    0a:d3:a2:65:5a:a3:66:d2:d8:2b:92:23:65:12:72:
                    88:31:9b:24:48:3f:76:ad:6d:3a:dd:e7:ed:72:0a:
                    62:a0:2c:5a:15:54:bc:c1:b0:96:db:95:84:16:d4:
                    a7:6d:b3:b3:60:2e:9f:48:19:19:d1:f6:34:5a:fd:
                    2f:5a:a3:2b:ed:e7:4c:e4:ff:c8:59:52:52:c1:35:
                    48:34:8c:70:f3:1b:62:fa:5c:b8:da:c0:10:f8:94:
                    d3:1c:5b:ed:38:ee:54:b9:49:b1:de:3e:a3:36:0d:
                    9f:eb:91:75:3d:28:33:87:13:9f:f6:5b:43:6b:4c:
                    2a:44:37:b0:5f:ad:e3:db:77:b2:1d:1e:47:94:18:
                    84:5d:99:8c:47:26:c7:f8:9f:f0:88:53:91:61:88:
                    e7:b6:28:4f:5a:34:14:5e:8c:b9:76:7b:4b:87:9e:
                    9b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:06:13:0E:ED:6C:79:72:6A:52:C5:4B:E4:11:A3:F5:42:DD:86:ED
            X509v3 Authority Key Identifier:
                keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:a9:a3:a9:92:4d:51:8e:d7:19:b2:0b:bb:83:c9:91:f5:65:
         65:09:19:04:f4:98:2b:81:88:15:ff:75:ab:5b:e6:6e:39:16:
         f1:46:db:92:8a:09:9d:17:8a:97:4c:b0:8c:53:66:48:ef:66:
         39:99:fb:c3:44:d9:9b:c1:65:9d:60:17:02:a5:73:57:f2:87:
         a0:1f:9c:aa:32:25:99:59:94:87:c8:bc:7b:50:a2:fd:45:ed:
         57:82:6f:3c:dd:ec:63:b7:63:bb:58:37:1a:72:10:8f:a9:75:
         f2:67:9e:73:24:e9:f9:0b:97:e1:6e:bf:99:32:20:ab:ac:8a:
         8b:77:ed:a9:82:3e:97:76:bc:06:66:a6:42:14:e6:bc:46:de:
         96:60:85:6e:69:4e:07:f1:fa:28:6b:25:f6:e5:1d:e3:b5:e7:
         5c:a7:db:a7:5b:d2:f1:01:7b:5d:69:10:cb:65:92:bd:0e:7c:
         17:c2:89:f3:1f:d9:18:6b:1e:18:8f:85:7d:28:de:98:45:4f:
         99:f6:49:4c:81:1a:62:40:aa:4d:56:79:44:7d:b1:9c:6e:2d:
         5d:25:39:9a:ec:81:17:64:e7:60:e7:6c:d7:33:8e:ca:44:10:
         e9:ee:27:b3:f4:61:95:01:a5:6e:99:46:f2:0c:81:c7:09:31:
         cd:09:86:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpdkTJlNI2DPgsinTDYLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjUxMTExMTYwMDQwWhcNMjUxMTEyMTYwMDQwWjAzMTEwLwYDVQQD
Eyg5YjA2MTMwZWVkNmM3OTcyNmE1MmM1NGJlNDExYTNmNTQyZGQ4NmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjCDZgcHRoA78lKY6ZcKZOBK0/3C
xyq7zofmmgoymmKhb6ObkwL9S+DuAse3wI6VMU14+0Cey+GVeBxHc/pL4xp8c0/9
KORPxJyf8DpDwZXHigCGc4/vN7IK06JlWqNm0tgrkiNlEnKIMZskSD92rW063eft
cgpioCxaFVS8wbCW25WEFtSnbbOzYC6fSBkZ0fY0Wv0vWqMr7edM5P/IWVJSwTVI
NIxw8xti+ly42sAQ+JTTHFvtOO5UuUmx3j6jNg2f65F1PSgzhxOf9ltDa0wqRDew
X63j23eyHR5HlBiEXZmMRybH+J/wiFORYYjntihPWjQUXoy5dntLh56bTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsGEw7tbHlyalLFS+QRo/VC3YbtMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaamjqZJN
UY7XGbILu4PJkfVlZQkZBPSYK4GIFf91q1vmbjkW8UbbkooJnReKl0ywjFNmSO9m
OZn7w0TZm8FlnWAXAqVzV/KHoB+cqjIlmVmUh8i8e1Ci/UXtV4JvPN3sY7dju1g3
GnIQj6l18meecyTp+QuX4W6/mTIgq6yKi3ftqYI+l3a8BmamQhTmvEbelmCFbmlO
B/H6KGsl9uUd47XnXKfbp1vS8QF7XWkQy2WSvQ58F8KJ8x/ZGGseGI+FfSjemEVP
mfZJTIEaYkCqTVZ5RH2xnG4tXSU5muyBF2TnYOds1zOOykQQ6e4ns/RhlQGlbplG
8gyBxwkxzQmGLA==
-----END CERTIFICATE-----