Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          TIYVAU2iXs18sDifylqOzDCujSHxgtgkfXsXtwqZlJk=
Subject key identifier:   46:8D:DD:DB:2D:8B:60:5D:E3:1B:6F:26:86:DA:1B:21:89:E5:CE:6C
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       0199228CF42A9F57757F30BAD1237E16E145
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 05:01:26 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:26 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:26 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: 2dbcqbDsbcYrUPHBDP4oDyiS2IDTVBKyp/jPhbe55O8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:f4:2a:9f:57:75:7f:30:ba:d1:23:7e:16:e1:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Sep  7 05:01:26 2025 GMT
            Not After : Sep  8 05:01:26 2025 GMT
        Subject: CN=468ddddb2d8b605de31b6f2686da1b2189e5ce6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b3:2c:56:be:34:46:ac:d3:57:96:be:3a:90:
                    f7:dc:32:5d:81:98:87:20:bf:20:92:7e:ac:3f:77:
                    fe:d5:83:6e:5b:70:71:ee:a0:34:82:f1:79:cc:02:
                    f7:80:aa:77:27:9d:b3:bc:07:be:af:c2:ac:e8:e2:
                    14:fb:2a:e0:aa:5d:07:85:4e:95:4f:9d:c6:5c:cb:
                    f5:68:67:2d:cf:36:93:17:f1:39:a4:3d:1e:20:8b:
                    9f:b1:5e:45:eb:69:76:dd:64:90:f1:96:87:64:a5:
                    df:52:28:e4:05:81:68:9b:2b:09:45:b0:32:69:9a:
                    66:04:28:3b:ae:08:04:8a:0f:b4:e9:4e:cb:03:44:
                    2b:ad:df:26:9f:df:18:17:f8:8a:f7:6a:3e:f4:de:
                    b1:7f:c0:f6:e4:d3:c1:7d:74:58:d3:3a:88:b6:c9:
                    bd:8d:b8:3a:59:4b:00:26:02:86:3a:59:a5:4e:f1:
                    9d:86:d8:30:17:6a:05:8a:91:d1:e1:ea:cd:d6:77:
                    6e:19:0b:0c:99:11:44:e5:95:ce:f4:a1:a5:06:49:
                    9e:56:5a:a3:32:f6:1c:26:26:da:23:20:66:62:34:
                    fe:97:bf:26:2c:10:9c:ef:2b:d7:a4:03:58:ec:e3:
                    29:35:68:e0:8f:bd:04:2d:09:06:b2:a4:2d:83:bf:
                    3a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:8D:DD:DB:2D:8B:60:5D:E3:1B:6F:26:86:DA:1B:21:89:E5:CE:6C
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:1c:77:33:1a:b5:ee:7a:a6:af:a8:01:87:41:41:61:08:9a:
         ca:3d:ce:14:33:73:5f:5b:13:2d:68:c2:b5:5c:da:bc:74:39:
         29:16:f2:c4:8c:4f:57:25:e3:ce:e6:a9:a4:7b:ff:30:dc:24:
         3f:96:13:11:11:a9:1f:c8:86:11:b6:a9:c4:67:19:c0:fc:bc:
         0c:59:64:c9:20:07:fe:d5:0b:4e:c3:68:d6:d8:2d:0f:0e:75:
         18:3c:ca:de:c6:ac:64:83:71:ef:a8:a6:84:56:cb:b8:dc:1a:
         b3:0a:0e:09:45:61:2f:e8:65:bc:5b:89:c5:f1:eb:b3:fd:55:
         a8:f1:6f:a6:02:ec:41:6f:fb:52:ec:34:f5:df:23:ce:f7:94:
         6a:61:8a:21:5a:2d:cf:eb:a0:61:d9:7f:23:73:62:f0:a3:16:
         5d:70:22:82:06:e0:1d:0a:b5:57:2e:75:86:4d:1e:1a:f6:02:
         76:67:b8:ce:1f:e2:89:a8:f0:ba:2f:60:dc:27:0e:7b:4d:ad:
         f8:4f:ef:24:00:1c:07:e6:dd:49:c2:44:c6:40:a1:ee:78:71:
         87:c6:90:55:2b:0f:27:37:78:32:53:b6:3e:f4:c6:f0:ee:b4:
         fe:f3:93:a5:55:e9:6e:04:b7:59:7a:8c:77:19:a2:53:38:a7:
         70:69:3a:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijPQqn1d1fzC60SN+FuFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjUwOTA3MDUwMTI2WhcNMjUwOTA4MDUwMTI2WjAzMTEwLwYDVQQD
Eyg0NjhkZGRkYjJkOGI2MDVkZTMxYjZmMjY4NmRhMWIyMTg5ZTVjZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbMsVr40RqzTV5a+OpD33DJdgZiH
IL8gkn6sP3f+1YNuW3Bx7qA0gvF5zAL3gKp3J52zvAe+r8Ks6OIU+yrgql0HhU6V
T53GXMv1aGctzzaTF/E5pD0eIIufsV5F62l23WSQ8ZaHZKXfUijkBYFomysJRbAy
aZpmBCg7rggEig+06U7LA0Qrrd8mn98YF/iK92o+9N6xf8D25NPBfXRY0zqItsm9
jbg6WUsAJgKGOlmlTvGdhtgwF2oFipHR4erN1nduGQsMmRFE5ZXO9KGlBkmeVlqj
MvYcJibaIyBmYjT+l78mLBCc7yvXpANY7OMpNWjgj70ELQkGsqQtg786uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaN3dsti2Bd4xtvJobaGyGJ5c5sMB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBx3Mxq1
7nqmr6gBh0FBYQiayj3OFDNzX1sTLWjCtVzavHQ5KRbyxIxPVyXjzuappHv/MNwk
P5YTERGpH8iGEbapxGcZwPy8DFlkySAH/tULTsNo1tgtDw51GDzK3sasZINx76im
hFbLuNwaswoOCUVhL+hlvFuJxfHrs/1VqPFvpgLsQW/7Uuw09d8jzveUamGKIVot
z+ugYdl/I3Ni8KMWXXAiggbgHQq1Vy51hk0eGvYCdme4zh/iiajwui9g3CcOe02t
+E/vJAAcB+bdScJExkCh7nhxh8aQVSsPJzd4MlO2PvTG8O60/vOTpVXpbgS3WXqM
dxmiUzincGk6fw==
-----END CERTIFICATE-----