Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
File:                     QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json)
Hash identifier:          2+K1AqvdVv4AZ5vFPoOZ9gOunVIis7NXMyPwRBrG7WI=
Subject key identifier:   C0:DF:47:DC:54:F5:EC:29:E4:72:94:3C:F6:AA:95:7D:E1:E9:CE:0E
Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B
Certificate issuer:       /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
Certificate serial:       019A71B7776786E09C031241EA994633C85D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
Manifest number:          0B94
Signing time:             Tue 11 Nov 2025 07:00:40 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:40 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:40 +0000
Files and hashes:         1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: LSUOWZeq24RpsaswPT/nnWC2+cCD3A++NqOKTeA7i8Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:77:67:86:e0:9c:03:12:41:ea:99:46:33:c8:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b
        Validity
            Not Before: Nov 11 07:00:40 2025 GMT
            Not After : Nov 12 07:00:40 2025 GMT
        Subject: CN=c0df47dc54f5ec29e472943cf6aa957de1e9ce0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2b:9d:78:2d:b3:9b:8b:a7:1e:5b:60:ef:a6:
                    32:45:11:f3:c2:58:9e:9d:42:26:b8:06:de:f3:55:
                    f6:79:4e:f3:dc:67:33:2a:cb:81:6b:9e:7f:da:7d:
                    b6:a6:20:bb:f3:1c:7d:39:1a:c6:a8:26:03:99:85:
                    5e:62:28:1d:a3:21:eb:01:c5:da:c9:75:41:fb:cc:
                    cb:6d:23:ca:44:86:19:38:57:71:ca:9d:c8:9c:00:
                    8d:3f:7d:f8:8c:44:93:6a:61:bb:a0:f2:17:01:3b:
                    e2:4b:51:60:76:db:02:a5:0e:01:2a:dd:7d:1c:95:
                    ea:c6:86:ae:f4:77:3f:5a:27:e2:41:ac:c4:5b:96:
                    e3:01:dd:af:f4:eb:45:e1:b8:76:45:c4:57:18:8f:
                    3d:ac:bc:a0:29:b8:05:8a:b2:8b:94:8f:fc:09:0c:
                    b9:0e:a7:3e:07:62:af:70:db:81:f9:b5:63:5a:dc:
                    d9:49:a9:a7:4e:6b:d8:98:be:58:a7:01:55:a6:cb:
                    75:ec:a7:ca:bc:e8:41:69:32:62:9b:0a:06:39:1f:
                    09:3b:15:ce:d3:47:c7:03:85:b6:9c:98:8f:58:e9:
                    96:af:c5:63:04:4e:f7:38:ad:9d:40:a7:75:53:0d:
                    ad:ce:ea:de:de:f0:e0:4a:41:7d:64:b1:b8:08:9e:
                    f1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:DF:47:DC:54:F5:EC:29:E4:72:94:3C:F6:AA:95:7D:E1:E9:CE:0E
            X509v3 Authority Key Identifier:
                keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:ce:a3:2c:d6:27:85:10:76:57:30:b9:7f:76:5f:61:ab:8c:
         2a:90:28:5c:ce:fb:ee:ee:da:92:26:53:db:0e:e6:14:37:0e:
         4e:53:a3:af:47:83:e2:77:3f:95:ce:39:58:0b:4f:48:8c:bd:
         6d:33:fa:85:7f:26:82:9e:89:9b:35:92:e3:27:51:bb:4a:61:
         3c:54:60:3b:01:3b:50:ff:09:6b:9f:e6:d3:f6:4a:eb:0d:66:
         31:b4:d0:e9:af:1f:86:ff:4a:b4:63:c3:8c:c3:c1:ee:b0:4d:
         f3:11:91:57:5b:d5:29:ee:77:70:98:a3:75:db:e4:90:ff:39:
         22:2b:19:38:e4:a1:7c:a9:0d:0a:1c:10:14:60:93:8f:88:25:
         3c:df:99:0f:6c:41:c7:b5:49:7d:3a:7e:db:38:0f:eb:09:99:
         2b:5f:69:0b:10:03:f1:6e:2d:27:3a:a6:50:8c:19:fb:76:07:
         ba:1b:7a:24:0f:c0:4a:d0:06:f0:f3:22:3f:a1:11:dd:3f:d1:
         69:fd:67:49:4b:d8:c2:7a:91:fe:71:1f:08:d1:39:45:8c:a0:
         38:7c:9b:bf:88:9d:32:00:8c:77:6a:0a:eb:c9:66:05:c3:6c:
         87:fc:89:75:c7:2c:2e:5c:af:27:da:3d:39:2a:17:4d:b0:89:
         41:55:2e:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3dnhuCcAxJB6plGM8hdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi
OTMyNmIwHhcNMjUxMTExMDcwMDQwWhcNMjUxMTEyMDcwMDQwWjAzMTEwLwYDVQQD
EyhjMGRmNDdkYzU0ZjVlYzI5ZTQ3Mjk0M2NmNmFhOTU3ZGUxZTljZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yudeC2zm4unHltg76YyRRHzwlie
nUImuAbe81X2eU7z3GczKsuBa55/2n22piC78xx9ORrGqCYDmYVeYigdoyHrAcXa
yXVB+8zLbSPKRIYZOFdxyp3InACNP334jESTamG7oPIXATviS1FgdtsCpQ4BKt19
HJXqxoau9Hc/WifiQazEW5bjAd2v9OtF4bh2RcRXGI89rLygKbgFirKLlI/8CQy5
Dqc+B2KvcNuB+bVjWtzZSamnTmvYmL5YpwFVpst17KfKvOhBaTJimwoGOR8JOxXO
00fHA4W2nJiPWOmWr8VjBE73OK2dQKd1Uw2tzure3vDgSkF9ZLG4CJ7xBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDfR9xU9ewp5HKUPPaqlX3h6c4OMB8GA1UdIwQY
MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt
NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0
LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm86jLNYn
hRB2VzC5f3ZfYauMKpAoXM777u7akiZT2w7mFDcOTlOjr0eD4nc/lc45WAtPSIy9
bTP6hX8mgp6JmzWS4ydRu0phPFRgOwE7UP8Ja5/m0/ZK6w1mMbTQ6a8fhv9KtGPD
jMPB7rBN8xGRV1vVKe53cJijddvkkP85IisZOOShfKkNChwQFGCTj4glPN+ZD2xB
x7VJfTp+2zgP6wmZK19pCxAD8W4tJzqmUIwZ+3YHuht6JA/AStAG8PMiP6ER3T/R
af1nSUvYwnqR/nEfCNE5RYygOHybv4idMgCMd2oK68lmBcNsh/yJdccsLlyvJ9o9
OSoXTbCJQVUuaA==
-----END CERTIFICATE-----