Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
File:                     QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json)
Hash identifier:          1GZDSyBDXek1PnTBDR4GJ+tsa6OzL9XrDiUYxepFRjU=
Subject key identifier:   FD:0D:59:57:AE:EC:2B:37:94:9C:25:50:32:FC:79:9B:9C:73:97:D7
Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6
Certificate issuer:       /CN=431c57e1921d31a34aebd12e507a136fe04598c6
Certificate serial:       019A7301593DAFBD5778DE5C887717973723
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
Manifest number:          04DC
Signing time:             Tue 11 Nov 2025 13:00:59 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:59 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:59 +0000
Files and hashes:         1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: YjPHgx/hNaCbuqKdCaeA3lE/xN1ALofEKRV/d1+CLIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:59:3d:af:bd:57:78:de:5c:88:77:17:97:37:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6
        Validity
            Not Before: Nov 11 13:00:59 2025 GMT
            Not After : Nov 12 13:00:59 2025 GMT
        Subject: CN=fd0d5957aeec2b37949c255032fc799b9c7397d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c6:db:8f:4b:36:14:23:27:d0:46:f3:1f:cf:
                    fe:eb:7e:02:56:b4:7d:7d:5e:bc:78:8e:48:55:ff:
                    f9:e6:97:ff:cb:39:9b:40:b0:e3:81:21:04:60:25:
                    d9:53:f8:cc:ec:7f:ed:5a:a4:fc:34:ab:58:a6:3d:
                    ec:99:4a:8e:f6:26:c4:b5:94:80:67:2e:e5:37:16:
                    75:bc:2e:5d:1c:47:56:00:74:40:b4:92:d4:07:55:
                    f7:bb:5e:a8:29:0c:36:37:48:a1:48:5a:c1:2a:35:
                    ef:7a:62:c9:f3:ca:9e:70:ef:ce:ed:39:18:d0:20:
                    02:89:e9:3a:af:4e:2a:94:02:21:27:fe:0e:74:93:
                    ff:d9:5a:fa:e5:27:af:64:ef:ca:0b:7d:7f:ad:f4:
                    ab:2b:d9:ac:d4:57:ea:c2:13:2a:21:6a:c3:a6:3c:
                    ff:8a:91:6a:fd:da:e7:d5:7a:e0:f0:d8:7e:a6:ea:
                    5c:07:5d:c8:39:64:ab:d6:f9:e1:7e:59:12:8a:26:
                    05:2e:87:89:0f:ac:a3:07:c9:31:88:31:cb:f3:83:
                    4d:9f:7b:4d:0f:ee:6c:cd:a5:e7:dd:70:f1:04:56:
                    86:c5:2d:c7:b5:44:67:ea:14:61:aa:8e:cf:ed:43:
                    7b:73:81:25:de:0c:4f:f4:68:2a:f7:b6:bd:ec:58:
                    0a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:0D:59:57:AE:EC:2B:37:94:9C:25:50:32:FC:79:9B:9C:73:97:D7
            X509v3 Authority Key Identifier:
                keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:78:65:fe:59:09:98:c8:d2:76:cd:da:33:8d:b1:73:79:7d:
         81:20:fb:a7:23:19:b6:d8:40:cd:25:4c:5e:76:26:ea:4b:f9:
         ef:ac:81:ad:6f:29:93:6c:82:25:6d:a7:f8:f0:a0:90:ba:98:
         10:da:23:da:bc:b9:8b:b2:82:1a:25:38:31:6c:2e:ff:ab:d4:
         06:ec:40:fa:27:7a:4e:98:41:4f:60:85:33:76:7b:bd:31:e9:
         b5:10:d0:d3:92:e0:03:43:12:c3:6e:57:44:23:b8:00:70:47:
         20:ad:db:da:49:b7:1d:fc:6f:d9:06:5b:6c:fd:9a:24:7b:4a:
         12:c8:61:e0:90:de:af:3c:5e:bc:30:d7:1d:56:3f:ab:04:5f:
         83:ba:48:e1:8e:1e:30:03:59:40:83:91:24:30:4a:e4:24:15:
         df:e7:cb:ca:2c:52:d8:c0:3a:28:54:60:04:52:5a:c8:25:0c:
         54:0d:3d:2a:bf:62:58:5c:1a:63:0d:09:ba:7f:9e:f7:35:c4:
         0c:ca:58:bf:f2:1b:cc:d9:39:21:ef:59:39:f7:e1:de:2e:c9:
         08:82:41:7c:b5:9c:5c:3c:5a:bd:1c:ea:ea:d4:52:67:ed:47:
         de:42:55:7f:5b:6e:20:f9:50:6a:53:f2:44:fe:81:44:7a:02:
         0f:bd:e3:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAVk9r71XeN5ciHcXlzcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0
NTk4YzYwHhcNMjUxMTExMTMwMDU5WhcNMjUxMTEyMTMwMDU5WjAzMTEwLwYDVQQD
EyhmZDBkNTk1N2FlZWMyYjM3OTQ5YzI1NTAzMmZjNzk5YjljNzM5N2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMbbj0s2FCMn0EbzH8/+634CVrR9
fV68eI5IVf/55pf/yzmbQLDjgSEEYCXZU/jM7H/tWqT8NKtYpj3smUqO9ibEtZSA
Zy7lNxZ1vC5dHEdWAHRAtJLUB1X3u16oKQw2N0ihSFrBKjXvemLJ88qecO/O7TkY
0CACiek6r04qlAIhJ/4OdJP/2Vr65SevZO/KC31/rfSrK9ms1FfqwhMqIWrDpjz/
ipFq/drn1Xrg8Nh+pupcB13IOWSr1vnhflkSiiYFLoeJD6yjB8kxiDHL84NNn3tN
D+5szaXn3XDxBFaGxS3HtURn6hRhqo7P7UN7c4El3gxP9Ggq97a97FgKcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0NWVeu7Cs3lJwlUDL8eZucc5fXMB8GA1UdIwQY
MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt
Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2
LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxHhl/lkJ
mMjSds3aM42xc3l9gSD7pyMZtthAzSVMXnYm6kv576yBrW8pk2yCJW2n+PCgkLqY
ENoj2ry5i7KCGiU4MWwu/6vUBuxA+id6TphBT2CFM3Z7vTHptRDQ05LgA0MSw25X
RCO4AHBHIK3b2km3Hfxv2QZbbP2aJHtKEshh4JDerzxevDDXHVY/qwRfg7pI4Y4e
MANZQIORJDBK5CQV3+fLyixS2MA6KFRgBFJayCUMVA09Kr9iWFwaYw0Jun+e9zXE
DMpYv/IbzNk5Ie9ZOffh3i7JCIJBfLWcXDxavRzq6tRSZ+1H3kJVf1tuIPlQalPy
RP6BRHoCD73j3w==
-----END CERTIFICATE-----