Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
File:                     q-KqqfiJDkQV40HAd9hnvuJaodE.mft (raw, json)
Hash identifier:          vpzP4/tuTr8DRpjShoTICQkcFW/BBO8cW4YKae3AaYo=
Subject key identifier:   61:59:6A:0F:D6:45:96:3F:CE:AE:7C:5D:40:52:F2:68:1B:15:AA:79
Authority key identifier: AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1
Certificate issuer:       /CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1
Certificate serial:       0199228D3238373FA616EFA299A166504C7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
Manifest number:          C8
Signing time:             Sun 07 Sep 2025 05:01:42 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:42 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:42 +0000
Files and hashes:         1: q-KqqfiJDkQV40HAd9hnvuJaodE.crl (hash: bAUB5OxO9v6uhoSf/HrXL9P6nkL6YKIHW8KC+qTxOcI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8d:32:38:37:3f:a6:16:ef:a2:99:a1:66:50:4c:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1
        Validity
            Not Before: Sep  7 05:01:42 2025 GMT
            Not After : Sep  8 05:01:42 2025 GMT
        Subject: CN=61596a0fd645963fceae7c5d4052f2681b15aa79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5a:1d:c8:f7:ed:9a:13:40:44:2f:1e:e2:aa:
                    ca:86:c1:6b:90:5c:18:e0:7e:17:6b:88:c3:3a:3e:
                    e2:ec:93:8a:82:12:d4:02:a3:c7:99:6c:a8:20:e7:
                    3a:62:a0:63:ed:31:19:32:90:3b:3e:f3:19:dc:21:
                    c9:01:06:38:69:a7:e5:7d:b3:52:ea:2d:29:bd:80:
                    1e:df:04:30:8a:08:90:0d:80:c3:93:e5:a1:a7:57:
                    4c:b4:a6:7d:1f:e7:57:69:c2:dc:c6:48:5e:20:70:
                    6f:05:22:b9:8c:67:08:0b:06:24:ee:ab:90:9f:3e:
                    13:cf:69:1a:06:66:92:37:bf:bc:83:bb:6d:42:0b:
                    16:76:2e:d7:13:5d:94:5e:37:e4:e2:64:9c:65:d7:
                    db:74:97:d3:b9:f8:1c:88:f4:2d:27:93:4c:89:1c:
                    be:f2:12:c9:54:48:dd:e3:99:bf:0b:58:0a:83:42:
                    90:0e:b6:63:73:06:cd:1c:c7:c2:de:16:36:f7:f7:
                    ad:56:d5:fd:ee:c5:76:e5:67:2b:c9:39:ab:98:bb:
                    74:15:12:60:6e:10:9b:56:f2:cb:58:c9:28:c8:05:
                    37:1d:0d:5b:bd:fd:bc:8a:d5:93:35:52:93:e3:83:
                    1b:13:c9:48:a6:f4:f7:1d:03:f4:2d:95:f7:4f:f5:
                    4f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:59:6A:0F:D6:45:96:3F:CE:AE:7C:5D:40:52:F2:68:1B:15:AA:79
            X509v3 Authority Key Identifier:
                keyid:AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:5c:da:bb:74:ac:99:a6:1e:a4:3d:83:19:73:f4:67:3f:68:
         75:93:23:35:e3:6f:d5:77:5d:e6:fb:fe:6b:b7:84:42:cb:35:
         e4:be:89:99:9b:d0:32:08:e0:6b:9b:15:97:08:dd:d5:60:da:
         30:e4:38:e7:f6:af:dc:8b:c2:96:40:15:df:04:82:67:cf:ba:
         a7:18:42:9c:36:99:e9:45:2b:30:76:43:06:fc:e6:46:0c:d5:
         b6:67:f1:9c:13:ea:3f:45:02:e5:e4:a3:61:db:93:02:ff:94:
         b6:17:6f:4f:42:85:72:82:85:c5:3b:59:0a:c1:23:ca:f2:77:
         ca:85:64:5c:88:21:51:a9:b6:cd:8e:15:83:14:94:58:17:b5:
         2a:e9:61:29:48:f9:b1:b4:e8:fd:ec:47:b0:60:a5:9f:5b:45:
         cc:1d:52:1d:a3:85:e3:6e:fd:2e:59:ef:49:ad:61:4c:f2:4b:
         92:87:82:2d:db:ba:e0:6a:d9:0d:f7:74:d4:46:d8:89:79:25:
         49:5b:00:65:56:81:e9:fb:3f:1f:2c:c8:49:e7:29:b2:72:81:
         78:ea:74:e5:7e:9d:a1:7f:d8:ce:9b:e9:45:b9:56:4c:6b:d6:
         9c:68:06:08:73:d2:d7:0f:25:66:65:f7:1f:c8:76:d0:f5:ae:
         70:5c:77:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijTI4Nz+mFu+imaFmUEx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZTJhYWE5Zjg4OTBlNDQxNWUzNDFjMDc3ZDg2N2JlZTI1
YWExZDEwHhcNMjUwOTA3MDUwMTQyWhcNMjUwOTA4MDUwMTQyWjAzMTEwLwYDVQQD
Eyg2MTU5NmEwZmQ2NDU5NjNmY2VhZTdjNWQ0MDUyZjI2ODFiMTVhYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1odyPftmhNARC8e4qrKhsFrkFwY
4H4Xa4jDOj7i7JOKghLUAqPHmWyoIOc6YqBj7TEZMpA7PvMZ3CHJAQY4aaflfbNS
6i0pvYAe3wQwigiQDYDDk+Whp1dMtKZ9H+dXacLcxkheIHBvBSK5jGcICwYk7quQ
nz4Tz2kaBmaSN7+8g7ttQgsWdi7XE12UXjfk4mScZdfbdJfTufgciPQtJ5NMiRy+
8hLJVEjd45m/C1gKg0KQDrZjcwbNHMfC3hY29/etVtX97sV25WcryTmrmLt0FRJg
bhCbVvLLWMkoyAU3HQ1bvf28itWTNVKT44MbE8lIpvT3HQP0LZX3T/VPlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFZag/WRZY/zq58XUBS8mgbFap5MB8GA1UdIwQY
MBaAFKviqqn4iQ5EFeNBwHfYZ77iWqHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDkt
NDYxYTZlY2NmYzQ3LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDktNDYxYTZlY2NmYzQ3
LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqlzau3Ss
maYepD2DGXP0Zz9odZMjNeNv1Xdd5vv+a7eEQss15L6JmZvQMgjga5sVlwjd1WDa
MOQ45/av3IvClkAV3wSCZ8+6pxhCnDaZ6UUrMHZDBvzmRgzVtmfxnBPqP0UC5eSj
YduTAv+UthdvT0KFcoKFxTtZCsEjyvJ3yoVkXIghUam2zY4VgxSUWBe1KulhKUj5
sbTo/exHsGCln1tFzB1SHaOF4279LlnvSa1hTPJLkoeCLdu64GrZDfd01EbYiXkl
SVsAZVaB6fs/HyzISecpsnKBeOp05X6doX/YzpvpRblWTGvWnGgGCHPS1w8lZmX3
H8h20PWucFx3WA==
-----END CERTIFICATE-----