Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          m3t7ClmKSKCIMw2xxBScMtY/jJUtYzWDoIuuIjip/nc=
Subject key identifier:   39:17:FC:E5:57:AC:5C:8D:18:3B:ED:17:93:03:FE:F2:85:CB:D2:63
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       0199244382636D0183BC4F150A2DF2C2938D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          166E
Signing time:             Sun 07 Sep 2025 13:00:27 +0000
Manifest this update:     Sun 07 Sep 2025 13:00:27 +0000
Manifest next update:     Mon 08 Sep 2025 13:00:27 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: ENxDMTe1eAluFHJzCegaEi+d8jFbruEsnOLUKVzxZMs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:24:43:82:63:6d:01:83:bc:4f:15:0a:2d:f2:c2:93:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Sep  7 13:00:27 2025 GMT
            Not After : Sep  8 13:00:27 2025 GMT
        Subject: CN=3917fce557ac5c8d183bed179303fef285cbd263
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c3:18:a2:7a:49:fc:e3:1b:71:13:a5:d6:64:
                    61:b5:c7:65:45:80:4b:35:02:a1:25:b3:40:79:a3:
                    ca:d8:14:88:05:87:d0:91:fb:e6:0e:4e:03:48:be:
                    77:93:9c:7e:e1:07:e5:01:2a:a7:f7:f0:a5:32:10:
                    a2:3d:e6:fb:30:39:9e:ed:ff:18:ce:94:e8:4a:90:
                    a6:06:c6:82:5f:ee:78:db:1a:d5:b5:02:3b:cb:27:
                    f5:1f:a7:7a:ac:b0:e4:23:71:1a:de:66:5f:9e:b1:
                    72:0a:12:2b:ed:38:d3:88:62:ef:6c:63:ed:26:10:
                    43:db:4c:64:8b:72:5d:42:6d:67:77:29:cd:8d:13:
                    9c:33:74:4c:3e:ff:e4:7d:b6:a4:d5:19:76:09:29:
                    09:3d:6a:d0:93:d6:45:cd:56:56:f8:01:8d:0c:a1:
                    35:6d:b7:71:44:42:14:3d:6d:6e:65:44:10:71:14:
                    35:56:4e:19:59:c6:83:82:e0:fc:4a:ee:45:60:0d:
                    23:6b:18:c1:3f:d7:6e:43:47:6a:4e:6b:96:ad:1a:
                    45:cd:5e:95:78:dd:f1:9b:31:fb:37:18:7f:9c:38:
                    aa:03:60:49:1e:31:3c:12:fe:61:0e:0b:66:e7:e8:
                    20:09:ed:90:5b:3f:ac:3e:d6:e4:bf:4c:03:f1:52:
                    35:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:17:FC:E5:57:AC:5C:8D:18:3B:ED:17:93:03:FE:F2:85:CB:D2:63
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:7b:ab:30:41:35:92:b4:7b:39:15:cd:24:41:9d:ab:d7:66:
         d8:24:9c:23:c2:98:f4:b7:30:8b:32:89:1d:f9:f4:14:64:63:
         44:34:ef:f8:71:51:69:ca:7f:07:6b:84:3f:5e:6c:9a:29:6b:
         8b:4b:da:1d:90:e7:8a:1c:01:a1:13:ba:9c:1a:d6:f6:5a:1a:
         1a:12:d9:ad:34:9a:e4:2d:41:f0:70:2f:88:20:04:c9:93:df:
         ca:0b:35:1d:97:81:80:96:f3:b2:8e:b6:e0:a2:e6:7d:1c:66:
         f5:c4:a3:bc:bb:4b:45:c8:4d:b7:04:17:05:2b:44:47:98:9f:
         6d:3b:46:63:a5:ba:6d:8b:b1:3d:7f:4c:36:8d:e5:16:65:8c:
         51:5c:ac:23:42:a7:b9:d1:97:74:a1:f2:af:ad:01:0a:fb:fe:
         1c:dc:82:a5:ad:80:72:fe:4d:6e:d0:11:f3:4f:6b:c6:cd:71:
         74:54:a9:19:e5:77:21:88:c1:14:89:6b:05:bc:fb:2a:7e:3f:
         79:fc:a0:45:8f:dd:13:54:18:13:74:cb:ac:0d:4a:66:bc:d1:
         c1:04:99:63:4d:f7:2f:6e:b4:86:d1:48:68:1f:8f:ce:01:c7:
         4f:b1:78:68:c5:6a:4f:c6:56:8f:7b:64:a8:ec:e4:62:0c:c4:
         f1:e2:9e:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkQ4JjbQGDvE8VCi3ywpONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjUwOTA3MTMwMDI3WhcNMjUwOTA4MTMwMDI3WjAzMTEwLwYDVQQD
EygzOTE3ZmNlNTU3YWM1YzhkMTgzYmVkMTc5MzAzZmVmMjg1Y2JkMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsMYonpJ/OMbcROl1mRhtcdlRYBL
NQKhJbNAeaPK2BSIBYfQkfvmDk4DSL53k5x+4QflASqn9/ClMhCiPeb7MDme7f8Y
zpToSpCmBsaCX+542xrVtQI7yyf1H6d6rLDkI3Ea3mZfnrFyChIr7TjTiGLvbGPt
JhBD20xki3JdQm1ndynNjROcM3RMPv/kfbak1Rl2CSkJPWrQk9ZFzVZW+AGNDKE1
bbdxREIUPW1uZUQQcRQ1Vk4ZWcaDguD8Su5FYA0jaxjBP9duQ0dqTmuWrRpFzV6V
eN3xmzH7Nxh/nDiqA2BJHjE8Ev5hDgtm5+ggCe2QWz+sPtbkv0wD8VI1aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkX/OVXrFyNGDvtF5MD/vKFy9JjMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbHurMEE1
krR7ORXNJEGdq9dm2CScI8KY9LcwizKJHfn0FGRjRDTv+HFRacp/B2uEP15smilr
i0vaHZDnihwBoRO6nBrW9loaGhLZrTSa5C1B8HAviCAEyZPfygs1HZeBgJbzso62
4KLmfRxm9cSjvLtLRchNtwQXBStER5ifbTtGY6W6bYuxPX9MNo3lFmWMUVysI0Kn
udGXdKHyr60BCvv+HNyCpa2Acv5NbtAR809rxs1xdFSpGeV3IYjBFIlrBbz7Kn4/
efygRY/dE1QYE3TLrA1KZrzRwQSZY033L260htFIaB+PzgHHT7F4aMVqT8ZWj3tk
qOzkYgzE8eKeOA==
-----END CERTIFICATE-----