Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
File:                     QnqV1vkbZ2udcauK4RQZQY3jww4.mft (raw, json)
Hash identifier:          MO4RTru1U659TpOgXNv6cfDBRaY6B7t0VdVfAxR/pC4=
Subject key identifier:   42:14:7A:9D:59:2B:9B:45:C0:4B:13:AA:CB:A9:BF:48:18:D7:0A:3D
Authority key identifier: 42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E
Certificate issuer:       /CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
Certificate serial:       019A1F518A7A2AD7C425933BDAF99F052037
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
Manifest number:          1223
Signing time:             Sun 26 Oct 2025 07:00:28 +0000
Manifest this update:     Sun 26 Oct 2025 07:00:28 +0000
Manifest next update:     Mon 27 Oct 2025 07:00:28 +0000
Files and hashes:         1: QnqV1vkbZ2udcauK4RQZQY3jww4.crl (hash: r5VUi1j6UPRdq0BVBtdqPN2mLRfQQo7OZRbJBf+RcrI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 03:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:1f:51:8a:7a:2a:d7:c4:25:93:3b:da:f9:9f:05:20:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
        Validity
            Not Before: Oct 26 07:00:28 2025 GMT
            Not After : Oct 27 07:00:28 2025 GMT
        Subject: CN=42147a9d592b9b45c04b13aacba9bf4818d70a3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:86:f4:54:e3:97:fc:3c:da:3d:1f:83:21:57:
                    3d:41:c0:46:bd:64:29:bc:b4:c4:6c:59:5b:0c:d2:
                    42:13:2c:45:6e:ae:4c:ad:e5:3c:35:4e:f1:8a:0f:
                    65:ad:9d:d3:2e:96:20:91:b6:55:7f:32:c8:41:bc:
                    8c:e2:06:7e:6a:af:dd:de:88:28:e0:fb:33:c0:73:
                    c1:a4:f6:c7:e2:9d:91:e6:c4:e6:81:7b:c2:34:c7:
                    cd:a9:3d:be:8a:d1:b4:6b:55:50:de:ba:3f:50:23:
                    41:f6:a7:e9:16:06:d3:b0:16:88:52:92:f8:06:cf:
                    cb:15:d2:38:23:10:34:cc:0e:56:72:07:6d:8e:54:
                    37:08:2d:bc:29:7c:34:9d:f0:23:e2:45:79:09:2e:
                    0c:04:c1:1f:f9:7f:b6:37:18:ae:5d:55:91:e0:4d:
                    5b:87:15:ac:33:af:7a:0c:ba:c2:e7:89:e4:da:fd:
                    f3:8c:29:df:d7:b9:d0:81:fb:2d:a9:2f:6b:88:05:
                    7d:7c:a6:0c:cc:ef:82:5e:fe:5f:42:c1:31:77:76:
                    27:92:5c:b1:4c:01:64:d6:0c:b6:8f:65:ab:ab:44:
                    c6:57:66:43:e5:22:b1:2c:d6:b9:11:7a:5a:50:7f:
                    98:b4:0e:ad:5d:d6:de:1f:e2:86:94:12:52:9c:6c:
                    04:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:14:7A:9D:59:2B:9B:45:C0:4B:13:AA:CB:A9:BF:48:18:D7:0A:3D
            X509v3 Authority Key Identifier:
                keyid:42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:16:9c:d0:b3:94:15:a4:41:3d:20:e5:ce:28:00:52:b7:cc:
         50:dc:c0:6f:0e:af:ee:64:37:1c:80:57:61:5b:b1:28:af:e8:
         ec:8c:ac:a1:db:9f:11:e0:c5:b4:a9:ef:5e:b0:cf:49:bd:fa:
         f0:dc:5c:d9:12:38:d6:26:13:08:43:dc:28:ba:76:4a:1c:bf:
         ff:97:4d:5c:97:52:61:2c:d4:d7:51:cc:5d:50:0c:da:c5:ff:
         b9:6f:d3:8d:7e:64:35:fb:73:b2:89:9c:23:be:06:c6:cc:f4:
         98:9c:37:e1:bd:dc:b1:23:21:83:93:ce:d6:5c:8d:f2:75:7a:
         83:32:d9:a8:93:7d:2e:cb:ac:f2:5e:e1:12:74:b0:69:11:82:
         c8:6f:28:12:8d:d4:44:69:1e:af:ac:3f:70:a7:f4:9a:7b:a3:
         41:37:5e:12:84:e6:8d:33:68:97:36:86:57:98:0f:8f:72:e5:
         7e:41:ba:1f:0e:f8:ed:78:c7:d6:c5:65:d7:f9:34:c1:e6:92:
         57:0c:e6:6f:de:4b:ba:5b:98:19:c5:66:01:67:e8:95:10:72:
         cb:e6:17:1f:d5:64:8d:f3:f8:1e:cc:09:d9:3f:c4:86:e7:04:
         47:b8:8b:68:cc:9e:d4:2d:07:c5:12:3b:89:1d:b5:6a:c7:98:
         8a:97:b4:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZofUYp6KtfEJZM72vmfBSA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2E5NWQ2ZjkxYjY3NmI5ZDcxYWI4YWUxMTQxOTQxOGRl
M2MzMGUwHhcNMjUxMDI2MDcwMDI4WhcNMjUxMDI3MDcwMDI4WjAzMTEwLwYDVQQD
Eyg0MjE0N2E5ZDU5MmI5YjQ1YzA0YjEzYWFjYmE5YmY0ODE4ZDcwYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtob0VOOX/DzaPR+DIVc9QcBGvWQp
vLTEbFlbDNJCEyxFbq5MreU8NU7xig9lrZ3TLpYgkbZVfzLIQbyM4gZ+aq/d3ogo
4PszwHPBpPbH4p2R5sTmgXvCNMfNqT2+itG0a1VQ3ro/UCNB9qfpFgbTsBaIUpL4
Bs/LFdI4IxA0zA5WcgdtjlQ3CC28KXw0nfAj4kV5CS4MBMEf+X+2NxiuXVWR4E1b
hxWsM696DLrC54nk2v3zjCnf17nQgfstqS9riAV9fKYMzO+CXv5fQsExd3Ynklyx
TAFk1gy2j2Wrq0TGV2ZD5SKxLNa5EXpaUH+YtA6tXdbeH+KGlBJSnGwEHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIUep1ZK5tFwEsTqsupv0gY1wo9MB8GA1UdIwQY
MBaAFEJ6ldb5G2drnXGriuEUGUGN48MOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYt
Y2U3YTUxYWEzMzE0LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYtY2U3YTUxYWEzMzE0
LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUhac0LOU
FaRBPSDlzigAUrfMUNzAbw6v7mQ3HIBXYVuxKK/o7IysodufEeDFtKnvXrDPSb36
8Nxc2RI41iYTCEPcKLp2Shy//5dNXJdSYSzU11HMXVAM2sX/uW/TjX5kNftzsomc
I74Gxsz0mJw34b3csSMhg5PO1lyN8nV6gzLZqJN9Lsus8l7hEnSwaRGCyG8oEo3U
RGker6w/cKf0mnujQTdeEoTmjTNolzaGV5gPj3LlfkG6Hw747XjH1sVl1/k0weaS
Vwzmb95LuluYGcVmAWfolRByy+YXH9VkjfP4HswJ2T/EhucER7iLaMye1C0HxRI7
iR21aseYipe0VQ==
-----END CERTIFICATE-----