Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
File:                     QnqV1vkbZ2udcauK4RQZQY3jww4.mft (raw, json)
Hash identifier:          o/uPkl4olkgC18KkW0LW5jJNkK7AbGDAd6IcjsJXSbE=
Subject key identifier:   B9:B1:18:1D:DF:87:0E:F1:BF:1F:8D:57:05:EB:C8:10:73:D0:F6:B6
Authority key identifier: 42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E
Certificate issuer:       /CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
Certificate serial:       019922552019A9F97A1F639DC156AC6358C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
Manifest number:          11A0
Signing time:             Sun 07 Sep 2025 04:00:28 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:28 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:28 +0000
Files and hashes:         1: QnqV1vkbZ2udcauK4RQZQY3jww4.crl (hash: d5rAiGh3sZVpy4f2/UssPMvr6U5ZJR6KUBIlZrGaXYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:20:19:a9:f9:7a:1f:63:9d:c1:56:ac:63:58:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
        Validity
            Not Before: Sep  7 04:00:28 2025 GMT
            Not After : Sep  8 04:00:28 2025 GMT
        Subject: CN=b9b1181ddf870ef1bf1f8d5705ebc81073d0f6b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:55:cb:ab:02:83:ad:1d:5b:c9:77:da:fd:d3:
                    bf:8f:dd:b8:c2:7d:d7:bd:ed:c2:b0:87:bb:ef:0b:
                    2f:8e:1e:64:5a:e0:60:30:97:cb:9d:9d:06:53:09:
                    c4:87:21:68:ca:6e:1a:0d:bd:33:1a:5b:67:e8:d1:
                    04:dc:d6:69:91:d2:6a:ca:71:dc:13:5b:9f:10:85:
                    db:5f:eb:9a:82:34:7b:fa:7b:0d:08:ae:b3:d7:0c:
                    48:95:65:2c:fe:93:8f:03:89:8a:fe:7b:f0:16:5d:
                    02:a2:f4:ad:32:b8:e5:f8:fa:ed:e2:0a:30:ee:bb:
                    f2:88:22:f3:5e:44:53:5d:83:8b:26:0e:9f:5d:34:
                    92:dd:00:40:dc:4e:b2:60:87:2a:f2:75:fe:fd:43:
                    d7:f0:9b:3f:6d:87:dc:c0:3e:d0:6c:39:bf:cb:7f:
                    7a:6f:aa:60:d8:cd:46:a6:bf:8e:52:fb:61:3c:60:
                    ff:ef:11:dd:56:5e:51:c7:31:01:cc:2c:e8:72:8f:
                    16:87:f1:63:3e:2b:43:65:df:d3:2e:49:dc:29:ff:
                    83:d9:54:df:0e:d5:fe:d3:2b:6b:98:79:a2:7f:c5:
                    d2:24:ff:17:ff:91:38:5f:b6:c3:51:71:fb:8a:06:
                    f7:4d:41:06:28:3a:c0:17:01:d4:7b:77:47:02:51:
                    af:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:B1:18:1D:DF:87:0E:F1:BF:1F:8D:57:05:EB:C8:10:73:D0:F6:B6
            X509v3 Authority Key Identifier:
                keyid:42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:18:9c:04:ea:41:3c:e3:a5:4e:bb:a0:6e:53:88:02:c6:6b:
         14:8d:56:7c:4b:bf:9e:e8:bb:9f:9a:d9:54:33:f0:55:6e:a5:
         e3:38:7f:7a:3b:8a:60:3a:e5:f0:14:43:03:1a:e1:9f:4d:fb:
         e2:17:e9:ae:1a:21:12:0f:a5:d5:9f:f7:34:b3:53:c5:e6:24:
         6b:b7:ca:08:3a:0d:1a:57:bd:1e:26:a6:aa:ca:70:56:76:f3:
         90:21:40:85:af:f1:f8:b2:03:3d:5f:7a:a9:c2:5e:b4:86:d8:
         04:0c:98:49:8c:ab:89:55:04:48:a8:31:5e:35:37:fc:b2:35:
         1c:1c:44:6b:56:2e:3c:ee:ec:fc:0c:73:ff:c9:0c:e7:43:05:
         2b:db:4e:16:22:38:21:32:61:a7:6c:3e:d6:ce:b5:13:f8:76:
         85:93:72:55:f1:71:7e:f3:d7:6e:8a:e8:76:21:03:03:49:f6:
         9e:5f:3a:c7:2e:f5:fd:13:d2:51:92:ce:60:8d:a4:dd:b3:f1:
         60:63:ec:2e:7a:eb:aa:98:51:c5:d9:72:d0:e3:8d:d8:31:54:
         f0:c0:64:a6:4c:b0:1e:e9:11:4c:39:55:39:cc:cd:0e:43:5c:
         e7:56:b4:14:f7:af:41:00:33:fe:88:ca:40:69:a4:72:27:11:
         83:72:42:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVSAZqfl6H2OdwVasY1jAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2E5NWQ2ZjkxYjY3NmI5ZDcxYWI4YWUxMTQxOTQxOGRl
M2MzMGUwHhcNMjUwOTA3MDQwMDI4WhcNMjUwOTA4MDQwMDI4WjAzMTEwLwYDVQQD
EyhiOWIxMTgxZGRmODcwZWYxYmYxZjhkNTcwNWViYzgxMDczZDBmNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVXLqwKDrR1byXfa/dO/j924wn3X
ve3CsIe77wsvjh5kWuBgMJfLnZ0GUwnEhyFoym4aDb0zGltn6NEE3NZpkdJqynHc
E1ufEIXbX+uagjR7+nsNCK6z1wxIlWUs/pOPA4mK/nvwFl0CovStMrjl+Prt4gow
7rvyiCLzXkRTXYOLJg6fXTSS3QBA3E6yYIcq8nX+/UPX8Js/bYfcwD7QbDm/y396
b6pg2M1Gpr+OUvthPGD/7xHdVl5RxzEBzCzoco8Wh/FjPitDZd/TLkncKf+D2VTf
DtX+0ytrmHmif8XSJP8X/5E4X7bDUXH7igb3TUEGKDrAFwHUe3dHAlGvAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLmxGB3fhw7xvx+NVwXryBBz0Pa2MB8GA1UdIwQY
MBaAFEJ6ldb5G2drnXGriuEUGUGN48MOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYt
Y2U3YTUxYWEzMzE0LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYtY2U3YTUxYWEzMzE0
LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchicBOpB
POOlTrugblOIAsZrFI1WfEu/nui7n5rZVDPwVW6l4zh/ejuKYDrl8BRDAxrhn037
4hfprhohEg+l1Z/3NLNTxeYka7fKCDoNGle9HiamqspwVnbzkCFAha/x+LIDPV96
qcJetIbYBAyYSYyriVUESKgxXjU3/LI1HBxEa1YuPO7s/Axz/8kM50MFK9tOFiI4
ITJhp2w+1s61E/h2hZNyVfFxfvPXborodiEDA0n2nl86xy71/RPSUZLOYI2k3bPx
YGPsLnrrqphRxdly0OON2DFU8MBkpkywHukRTDlVOczNDkNc51a0FPevQQAz/ojK
QGmkcicRg3JCrw==
-----END CERTIFICATE-----